www.apkshub.com Open in urlscan Pro
2606:4700:20::681a:f6e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.apkshub.com/app/com.scottgames.fnaf2
Submission: On December 02 via manual (December 2nd 2023, 5:35:32 pm UTC) from CH — Scanned from CH

Summary HTTP 769 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 134 IPs in 16 countries across 141 domains to perform 769 HTTP transactions. The main IP is 2606:4700:20::681a:f6e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.apkshub.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 17th 2023. Valid for: a year.

This is the only time www.apkshub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:20:... 2606:4700:20::681a:f6e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 13	2606:4700:10:... 2606:4700:10::6816:3bc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	18.66.23.147 18.66.23.147	16509 (AMAZON-02) (AMAZON-02)
4	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:440... 2606:4700:4400::ac40:994e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
6	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
8	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
6	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3 35	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.198.161.106 18.198.161.106	16509 (AMAZON-02) (AMAZON-02)
16	2606:4700:10:... 2606:4700:10::6816:2560	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
46	2606:4700:303... 2606:4700:3037::ac43:9e3b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400a::7	15169 (GOOGLE) (GOOGLE)
6 6	23.212.211.47 23.212.211.47	16625 (AKAMAI-AS) (AKAMAI-AS)
12	69.192.162.113 69.192.162.113	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2.19.105.180 2.19.105.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3 15	67.220.226.233 67.220.226.233	16509 (AMAZON-02) (AMAZON-02)
1 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
8 14	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 4	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
4 19	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
13 17	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
15 16	3.68.49.182 3.68.49.182	16509 (AMAZON-02) (AMAZON-02)
1 1	3.127.123.183 3.127.123.183	16509 (AMAZON-02) (AMAZON-02)
4 4	54.198.28.7 54.198.28.7	14618 (AMAZON-AES) (AMAZON-AES)
10 10	52.214.49.207 52.214.49.207	16509 (AMAZON-02) (AMAZON-02)
30 52	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	185.86.138.145 185.86.138.145	201081 (SMARTADSE...) (SMARTADSERVER)
4 7	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
4 5	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	35.214.161.29 35.214.161.29	15169 (GOOGLE) (GOOGLE)
2	173.231.180.197 173.231.180.197	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 1	141.94.161.190 141.94.161.190	16276 (OVH) (OVH)
2 2	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
2 3	54.216.8.15 54.216.8.15	16509 (AMAZON-02) (AMAZON-02)
6 9	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
9 38	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
13	34.149.40.38 34.149.40.38	15169 (GOOGLE) (GOOGLE)
1 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	34.247.205.158 34.247.205.158	16509 (AMAZON-02) (AMAZON-02)
6 8	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
3 4	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4 7	2a05:d018:d29... 2a05:d018:d29:3601:357b:9971:3f66:201	16509 (AMAZON-02) (AMAZON-02)
10 10	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
8 8	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
30 48	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
10 12	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 2	2600:9000:236... 2600:9000:2362:fa00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.168.80 35.214.168.80	15169 (GOOGLE) (GOOGLE)
1 10	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
4	3.68.140.79 3.68.140.79	16509 (AMAZON-02) (AMAZON-02)
3 3	81.17.55.122 81.17.55.122	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 12	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:225... 2600:9000:2251:5200:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.3.98.252 52.3.98.252	14618 (AMAZON-AES) (AMAZON-AES)
2 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2.19.126.96 2.19.126.96	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.132.33.67 192.132.33.67	18568 (BIDTELLECT) (BIDTELLECT)
1	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.107.140.113 34.107.140.113	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1	18.157.198.8 18.157.198.8	16509 (AMAZON-02) (AMAZON-02)
3	54.216.109.54 54.216.109.54	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.223 64.202.112.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	52.50.121.249 52.50.121.249	16509 (AMAZON-02) (AMAZON-02)
3 6	34.197.138.42 34.197.138.42	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550f:766a:43f2:fc20:ff8d	14618 (AMAZON-AES) (AMAZON-AES)
5	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.30.73.115 52.30.73.115	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	96.46.186.182 96.46.186.182	7979 (SERVERS-COM) (SERVERS-COM)
7 7	2607:ae80:4::25 2607:ae80:4::25	26558 (FREEWHEEL) (FREEWHEEL)
6	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
3 3	89.149.192.196 89.149.192.196	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 5	188.42.34.65 188.42.34.65	7979 (SERVERS-COM) (SERVERS-COM)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	193.3.178.3 193.3.178.3	399668 (E-PLANNING-) (E-PLANNING-)
6 6	54.72.153.232 54.72.153.232	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
63	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	18.192.135.64 18.192.135.64	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:3::28 2a02:2638:3::28	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
7 7	50.19.73.131 50.19.73.131	14618 (AMAZON-AES) (AMAZON-AES)
3 3	69.166.1.34 69.166.1.34	27630 (AS-XFERNET) (AS-XFERNET)
3 3	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
19	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.215.12.121 52.215.12.121	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.29.230.13 52.29.230.13	16509 (AMAZON-02) (AMAZON-02)
1 1	45.137.176.88 45.137.176.88	60350 (VP) (VP)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1	2600:1f16:e61... 2600:1f16:e61:3f02:c74:8e54:2ce3:b02a	16509 (AMAZON-02) (AMAZON-02)
2 2	52.50.195.147 52.50.195.147	16509 (AMAZON-02) (AMAZON-02)
1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	52.212.46.188 52.212.46.188	16509 (AMAZON-02) (AMAZON-02)
1 1	63.34.248.140 63.34.248.140	16509 (AMAZON-02) (AMAZON-02)
1	34.160.236.64 34.160.236.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	108.128.36.0 108.128.36.0	16509 (AMAZON-02) (AMAZON-02)
1	162.55.236.224 162.55.236.224	24940 (HETZNER-AS) (HETZNER-AS)
1 1	34.234.12.204 34.234.12.204	14618 (AMAZON-AES) (AMAZON-AES)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	34.249.229.188 34.249.229.188	16509 (AMAZON-02) (AMAZON-02)
1 1	193.135.9.125 193.135.9.125	48314 (IP-PROJECTS) (IP-PROJECTS)
1 1	193.135.9.134 193.135.9.134	48314 (IP-PROJECTS) (IP-PROJECTS)
2 4	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
2	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
14	52.210.15.1 52.210.15.1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.239.72 35.210.239.72	19527 (GOOGLE-2) (GOOGLE-2)
4 5	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	64.202.112.63 64.202.112.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	124.146.153.164 124.146.153.164	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
9	18.153.147.252 18.153.147.252	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	37.157.4.29 37.157.4.29	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:d::1732:83c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
2 4	2.19.85.30 2.19.85.30	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
2	2a05:d018:cc3... 2a05:d018:cc3:fe05:b057:3007:c56f:c3e9	16509 (AMAZON-02) (AMAZON-02)
1	162.55.120.196 162.55.120.196	24940 (HETZNER-AS) (HETZNER-AS)
1 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	131.153.158.209 131.153.158.209	60558 (SECUREDSE...) (SECUREDSERVERS-EU)
3	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
13	172.67.10.198 172.67.10.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2	54.147.45.225 54.147.45.225	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.134.84.24 18.134.84.24	16509 (AMAZON-02) (AMAZON-02)
1 1	34.160.19.107 34.160.19.107	15169 (GOOGLE) (GOOGLE)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.161.119.73 3.161.119.73	16509 (AMAZON-02) (AMAZON-02)
1 1	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
2	52.25.123.43 52.25.123.43	16509 (AMAZON-02) (AMAZON-02)
769	134

32 2606:4700:20::681a:f6e (United States)

ASN13335 (CLOUDFLARENET, US)

www.apkshub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.apkshub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::6816:3bc7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

chart.apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.23.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-147.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.198.161.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-161-106.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbc.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400a::7 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

r2---sn-1gi7znek.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.212.211.47 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.192.162.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-162-113.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 67.220.226.233 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 69.173.144.138 (Frankfurt am Main, Germany) 8 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.64.191.210 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 37.252.171.149 (Frankfurt am Main, Germany) 13 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.118 (Loerrach, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 3.68.49.182 (Frankfurt am Main, Germany) 15 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-49-182.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.123.183 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-123-183.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.198.28.7 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-28-7.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.214.49.207 (Dublin, Ireland) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-49-207.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 142.250.181.226 (United States) 30 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.145 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.93.169.131 (United States) 4 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.161.29 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 29.161.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.131 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.161.190 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-2.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.216 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.216.8.15 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-8-15.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 198.47.127.18 (United States) 6 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 51.89.9.254 (London, United Kingdom) 9 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.247.205.158 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-158.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.2.228 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.204.74.118 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a05:d018:d29:3601:357b:9971:3f66:201 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.75.62.37 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 98.98.134.241 (United States) 3 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:fa8:8806:16::1400 (Singapore) 8 redirects

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rubicon-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pulsepoint-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 69.173.144.139 (Frankfurt am Main, Germany) 30 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.228.174.117 (United Kingdom) 10 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2362:fa00:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.168.80 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 80.168.214.35.bc.googleusercontent.com

trace-eu.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.68.140.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.17.55.122 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:5200:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.98.252 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-98-252.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.146.152 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.126.96 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-96.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.67 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 67.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com

s2s.t13.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.91.45.7 (Ashburn, United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.198.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-198-8.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.216.109.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-109-54.eu-west-1.compute.amazonaws.com

cs.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.121.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-121-249.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.197.138.42 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-138-42.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:766a:43f2:fc20:ff8d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.73.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-73-115.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid-s2s.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:ae80:4::25 (United States) 7 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.149.192.196 (Netherlands) 3 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.42.34.65 (Luxembourg) 5 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.3.178.3 (United States) 1 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.72.153.232 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-153-232.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com

media.grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::28 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

grid-mercury.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

u-ams03.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 50.19.73.131 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-73-131.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.34 (United States) 3 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.12.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-12-121.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.230.13 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-230-13.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.137.176.88 (France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:e61:3f02:c74:8e54:2ce3:b02a (Columbus, United States)

ASN16509 (AMAZON-02, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.195.147 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-195-147.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.153 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.46.188 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-46-188.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.248.140 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-248-140.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.36.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-36-0.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.12.204 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-12-204.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.229.188 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-229-188.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.125 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.134 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.101 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.239.72 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.63 (United States) 3 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.164 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.153.147.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com

pdc.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:d::1732:83c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.85.30 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-85-30.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (Schiphol, Netherlands) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:cc3:fe05:b057:3007:c56f:c3e9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.170.77 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.158.209 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)

csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.147.45.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-45-225.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.84.24 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-24.eu-west-2.compute.amazonaws.com

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.19.107 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.119.73 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-73.vie50.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.132 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.25.123.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-123-43.us-west-2.compute.amazonaws.com

prod.tahoe-analytics.publishers.advertising.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
93	googlesyndication.com f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	559 KB
88	doubleclick.net 30 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	476 KB
80	rubiconproject.com 44 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134 pixel.rubiconproject.com — Cisco Umbrella Rank: 339	133 KB
51	pubmatic.com 11 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 ads.pubmatic.com — Cisco Umbrella Rank: 544 image6.pubmatic.com — Cisco Umbrella Rank: 793 image2.pubmatic.com — Cisco Umbrella Rank: 859 simage2.pubmatic.com — Cisco Umbrella Rank: 723 image8.pubmatic.com — Cisco Umbrella Rank: 661 image4.pubmatic.com — Cisco Umbrella Rank: 1224 simage4.pubmatic.com — Cisco Umbrella Rank: 1304	84 KB
46	vliplatform.com px.vliplatform.com — Cisco Umbrella Rank: 35885 pbc.vliplatform.com — Cisco Umbrella Rank: 95349	19 KB
38	onetag-sys.com 9 redirects onetag-sys.com — Cisco Umbrella Rank: 714	19 KB
35	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 484 ssum.casalemedia.com — Cisco Umbrella Rank: 1351 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum.casalemedia.com — Cisco Umbrella Rank: 1364	24 KB
35	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807 s.amazon-adsystem.com — Cisco Umbrella Rank: 285	90 KB
32	apkshub.com www.apkshub.com data.apkshub.com	167 KB
28	bidswitch.net 15 redirects x.bidswitch.net — Cisco Umbrella Rank: 336 media.grid.bidswitch.net — Cisco Umbrella Rank: 2648 pdc.bidswitch.net — Cisco Umbrella Rank: 6454	7 KB
21	4dex.io script.4dex.io — Cisco Umbrella Rank: 1628 mp.4dex.io — Cisco Umbrella Rank: 2346 u.4dex.io — Cisco Umbrella Rank: 3500	34 KB
19	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2888 mwzeom.zeotap.com — Cisco Umbrella Rank: 3215	6 KB
19	e-planning.net 1 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 2234 u-ams03.e-planning.net — Cisco Umbrella Rank: 30386 sync.e-planning.net — Cisco Umbrella Rank: 4044	4 KB
18	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 592 eb2.3lift.com — Cisco Umbrella Rank: 372	8 KB
18	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 776 dis.criteo.com — Cisco Umbrella Rank: 550 grid-mercury.criteo.com — Cisco Umbrella Rank: 3018 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 gum.criteo.com — Cisco Umbrella Rank: 424	58 KB
17	yahoo.com 14 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240	7 KB
17	adform.net 7 redirects dmp.adform.net — Cisco Umbrella Rank: 2870 c1.adform.net — Cisco Umbrella Rank: 560 track.adform.net — Cisco Umbrella Rank: 4289 s1.adform.net — Cisco Umbrella Rank: 8194 cm.adform.net — Cisco Umbrella Rank: 1211	109 KB
17	adnxs.com 13 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	13 KB
16	gumgum.com rtb.gumgum.com — Cisco Umbrella Rank: 1472 usersync.gumgum.com — Cisco Umbrella Rank: 1858	5 KB
16	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 19494 sync.quantumdex.io — Cisco Umbrella Rank: 4292	3 KB
15	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	2 KB
13	smilewanted.com prebid.smilewanted.com Failed csync.smilewanted.com — Cisco Umbrella Rank: 2705 static.smilewanted.com — Cisco Umbrella Rank: 9095	18 KB
13	vlitag.com 1 redirects services.vlitag.com — Cisco Umbrella Rank: 40308 assets.vlitag.com — Cisco Umbrella Rank: 49048 media.vlitag.com — Cisco Umbrella Rank: 79301	1011 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	604 KB
10	bidr.io 10 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	5 KB
9	1rx.io 9 redirects sync.1rx.io — Cisco Umbrella Rank: 546	4 KB
9	smartadserver.com 9 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622 ssbsync.smartadserver.com — Cisco Umbrella Rank: 742 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1332 sync.smartadserver.com — Cisco Umbrella Rank: 1285	2 KB
9	creativecdn.com 3 redirects prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644 creativecdn.com — Cisco Umbrella Rank: 564	2 KB
8	openx.net 7 redirects rtb.openx.net — Cisco Umbrella Rank: 695 us-u.openx.net — Cisco Umbrella Rank: 491 u.openx.net — Cisco Umbrella Rank: 672	2 KB
8	dotomi.com 8 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2850 rubicon-match.dotomi.com — Cisco Umbrella Rank: 1918 pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 6644 casale-match.dotomi.com — Cisco Umbrella Rank: 2999	3 KB
8	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	1 KB
7	disqus.com 7 redirects ssp.disqus.com — Cisco Umbrella Rank: 1557	2 KB
7	stickyadstv.com 7 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 526	4 KB
7	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 517 i6.liadm.com — Cisco Umbrella Rank: 2358	4 KB
7	contextweb.com 4 redirects bh.contextweb.com — Cisco Umbrella Rank: 501	7 KB
7	unrulymedia.com 1 redirects targeting.unrulymedia.com — Cisco Umbrella Rank: 805 sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	2 KB
6	360yield.com 6 redirects ice.360yield.com — Cisco Umbrella Rank: 1817 ad.360yield.com — Cisco Umbrella Rank: 666	2 KB
6	admanmedia.com cs.admanmedia.com — Cisco Umbrella Rank: 1022	1 KB
6	aralego.com hb.aralego.com — Cisco Umbrella Rank: 30104 sync.aralego.com — Cisco Umbrella Rank: 2837	1 KB
5	betweendigital.com 5 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1601	4 KB
5	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	3 KB
5	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 904	73 B
5	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711
5	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	1 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	51 KB
4	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1750	536 B
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	1 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 489 rtb0.doubleverify.com — Cisco Umbrella Rank: 754 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 16633	22 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	394 KB
4	smartclip.net 2 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 3970	1 KB
4	yellowblue.io cs.yellowblue.io — Cisco Umbrella Rank: 1547 cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453	2 KB
4	lijit.com ce.lijit.com — Cisco Umbrella Rank: 835 ap.lijit.com — Cisco Umbrella Rank: 650	865 B
4	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
4	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	102 B
4	turn.com 4 redirects ad.turn.com — Cisco Umbrella Rank: 773	2 KB
4	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 780	2 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2112	3 KB
4	crwdcntrl.net 3 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 799 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	2 KB
4	stackadapt.com 4 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	3 KB
4	quantserve.com 4 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	2 KB
4	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1031	2 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	2 KB
3	gstatic.com www.gstatic.com	17 KB
3	zemanta.com 3 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	905 B
3	krxd.net 1 redirects beacon.krxd.net — Cisco Umbrella Rank: 699 usermatch.krxd.net — Cisco Umbrella Rank: 1751	942 B
3	sonobi.com 3 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 951	2 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	1 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 24651 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25773	960 B
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 18123 pixel.onaudience.com — Cisco Umbrella Rank: 2916	2 KB
3	ctnsnet.com 2 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4999 cm.ctnsnet.com — Cisco Umbrella Rank: 3764	892 B
3	rfihub.com 3 redirects p.rfihub.com — Cisco Umbrella Rank: 825	2 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	2 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 487 fonts.googleapis.com — Cisco Umbrella Rank: 29	127 KB
3	google.com chart.apis.google.com — Cisco Umbrella Rank: 47356 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	a2z.com prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 1935	373 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644 cdn.indexww.com — Cisco Umbrella Rank: 1640	2 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1234	1 KB
2	adroll.com d.adroll.com — Cisco Umbrella Rank: 1380	361 B
2	metadsp.co.uk 2 redirects u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 4714	906 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4166	800 B
2	imrworldwide.com 2 redirects obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 38129	428 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	fwmrm.net 1 redirects dmp.v.fwmrm.net — Cisco Umbrella Rank: 12465 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3915	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	1 KB
2	ad4m.at ad4m.at — Cisco Umbrella Rank: 11359
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	62 KB
2	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 925	60 B
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1010	522 B
2	ipredictive.com 2 redirects sync.ipredictive.com — Cisco Umbrella Rank: 836	958 B
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 327	1007 B
2	mediago.io 2 redirects trace-eu.mediago.io — Cisco Umbrella Rank: 16435 trace.mediago.io — Cisco Umbrella Rank: 902	736 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 674	872 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	560 B
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1388	563 B
2	googlevideo.com 1 redirects redirector.googlevideo.com — Cisco Umbrella Rank: 1163 r2---sn-1gi7znek.googlevideo.com	975 B
1	smadex.com 1 redirects cm.smadex.com — Cisco Umbrella Rank: 2280	617 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 1383	424 B
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 20274	269 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1510	349 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	275 B
1	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 16103	1 KB
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 1702	267 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 5650
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1209	684 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	829 B
1	adsafety.net 1 redirects cm.adsafety.net — Cisco Umbrella Rank: 21125	1 KB
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 30222	823 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	145 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1727	60 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1226	204 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 499	533 B
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7695	324 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 648	201 B
1	adotmob.com 1 redirects sync.adotmob.com — Cisco Umbrella Rank: 1414	680 B
1	aniview.com sync.aniview.com — Cisco Umbrella Rank: 1642	251 B
1	media.net prebid-s2s.media.net — Cisco Umbrella Rank: 2564	518 B
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 582	599 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	173 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	384 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 689	145 B
1	minutemedia-prebid.com cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1777	326 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1074	186 B
1	t13.io s2s.t13.io — Cisco Umbrella Rank: 1747	440 B
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1600	284 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 815	163 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 866	315 B
1	primis.tech live.primis.tech — Cisco Umbrella Rank: 1398	524 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1901	555 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 32406	412 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 5215	277 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 870	226 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1072	554 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5551	346 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	85 KB
0	mrtnsvr.com Failed ad.mrtnsvr.com Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	widespace.com Failed engine.widespace.com Failed
0	tidaltv.com Failed sync.tidaltv.com Failed
0	videowalldirect.com Failed cs.videowalldirect.com Failed
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
769	141

	Domain	Requested by
63	pagead2.googlesyndication.com	cdn.jsdelivr.net pagead2.googlesyndication.com googleads.g.doubleclick.net f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com tpc.googlesyndication.com www.apkshub.com ad.doubleclick.net www.googletagservices.com
52	cm.g.doubleclick.net	30 redirects www.apkshub.com onetag-sys.com spl.zeotap.com googleads.g.doubleclick.net rtb.gumgum.com f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com eb2.3lift.com
45	px.vliplatform.com	www.apkshub.com cdn.jsdelivr.net
43	pixel.rubiconproject.com	25 redirects www.apkshub.com onetag-sys.com
38	onetag-sys.com	9 redirects ads.pubmatic.com www.apkshub.com onetag-sys.com sync.quantumdex.io
26	www.apkshub.com	www.apkshub.com
23	tpc.googlesyndication.com	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.apkshub.com
20	dsum-sec.casalemedia.com	2 redirects ssum.casalemedia.com googleads.g.doubleclick.net ssum-sec.casalemedia.com
17	mwzeom.zeotap.com	spl.zeotap.com ads.pubmatic.com
16	x.bidswitch.net	15 redirects onetag-sys.com
15	match.adsrvr.org	ads.pubmatic.com www.apkshub.com onetag-sys.com ssum.casalemedia.com spl.zeotap.com googleads.g.doubleclick.net rtb.gumgum.com f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com ssum-sec.casalemedia.com eb2.3lift.com
15	aax-eu.amazon-adsystem.com	3 redirects c.amazon-adsystem.com ads.pubmatic.com aax-eu.amazon-adsystem.com www.apkshub.com spl.zeotap.com
15	securepubads.g.doubleclick.net	services.vlitag.com securepubads.g.doubleclick.net f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com www.googletagservices.com
14	usersync.gumgum.com	rtb.gumgum.com ads.pubmatic.com
14	u-ams03.e-planning.net	ads.us.e-planning.net ssum.casalemedia.com ads.pubmatic.com
14	token.rubiconproject.com	8 redirects eus.rubiconproject.com
13	u.4dex.io	ads.pubmatic.com www.apkshub.com onetag-sys.com ads.us.e-planning.net
13	ib.adnxs.com	9 redirects www.apkshub.com spl.zeotap.com googleads.g.doubleclick.net eb2.3lift.com
12	csync.smilewanted.com	assets.vlitag.com csync.smilewanted.com ads.pubmatic.com
12	eb2.3lift.com	3 redirects aax-eu.amazon-adsystem.com assets.vlitag.com sync.quantumdex.io eb2.3lift.com
12	eus.rubiconproject.com	www.apkshub.com eus.rubiconproject.com ads.us.e-planning.net rtb.gumgum.com
11	www.googletagservices.com	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com googleads.g.doubleclick.net www.apkshub.com cdn.doubleverify.com www.googletagservices.com
10	sync.quantumdex.io	assets.vlitag.com sync.quantumdex.io onetag-sys.com ads.pubmatic.com ssum-sec.casalemedia.com cs-server-s2s.yellowblue.io
10	googleads.g.doubleclick.net	cdn.jsdelivr.net pagead2.googlesyndication.com f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
10	s.amazon-adsystem.com	1 redirects aax-eu.amazon-adsystem.com www.apkshub.com onetag-sys.com bh.contextweb.com ssum.casalemedia.com
10	match.prod.bidr.io	10 redirects
10	simage2.pubmatic.com	3 redirects ads.pubmatic.com
10	ads.pubmatic.com	www.apkshub.com ads.pubmatic.com aax-eu.amazon-adsystem.com ads.us.e-planning.net rtb.gumgum.com assets.vlitag.com sync.quantumdex.io csync.smilewanted.com
9	pdc.bidswitch.net	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
9	sync.1rx.io	9 redirects
9	ups.analytics.yahoo.com	9 redirects
9	image8.pubmatic.com	6 redirects ads.pubmatic.com onetag-sys.com
9	image2.pubmatic.com	1 redirects ads.pubmatic.com
8	googleads4.g.doubleclick.net	googleads.g.doubleclick.net ad.doubleclick.net
8	prebid.a-mo.net	assets.vlitag.com www.apkshub.com
8	assets.vlitag.com	services.vlitag.com www.apkshub.com
7	ssp.disqus.com	7 redirects
7	ads.stickyadstv.com	7 redirects
7	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	pr-bh.ybp.yahoo.com	4 redirects ads.pubmatic.com ssum.casalemedia.com
7	bh.contextweb.com	4 redirects aax-eu.amazon-adsystem.com bh.contextweb.com
6	cs.admanmedia.com	onetag-sys.com sync.quantumdex.io
6	i.liadm.com	3 redirects ssum.casalemedia.com ssum-sec.casalemedia.com
6	c1.adform.net	5 redirects ads.pubmatic.com
6	secure-assets.rubiconproject.com	6 redirects
6	aax.amazon-adsystem.com	c.amazon-adsystem.com
6	useast.quantumdex.io	assets.vlitag.com
6	tlx.3lift.com	assets.vlitag.com
6	htlb.casalemedia.com	assets.vlitag.com
6	bidder.criteo.com	assets.vlitag.com
6	hbopenbid.pubmatic.com	assets.vlitag.com
6	prebid-asia.creativecdn.com	assets.vlitag.com
6	mp.4dex.io	assets.vlitag.com
6	data.apkshub.com	www.apkshub.com data.apkshub.com
5	track.adform.net	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com s1.adform.net
5	ice.360yield.com	5 redirects
5	ads.betweendigital.com	5 redirects
5	ssc-cms.33across.com	www.apkshub.com
5	id.rlcdn.com	www.apkshub.com onetag-sys.com
5	pixel-eu.rubiconproject.com	5 redirects
5	sync-tm.everesttech.net	4 redirects ads.pubmatic.com
5	hb.aralego.com	assets.vlitag.com
5	cdn.jsdelivr.net	www.apkshub.com assets.vlitag.com f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
4	sync.adkernel.com	sync.quantumdex.io
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net www.apkshub.com
4	s0.2mdn.net	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	ad.sxp.smartclip.net	2 redirects googleads.g.doubleclick.net
4	a.tribalfusion.com	1 redirects f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com ads.pubmatic.com
4	secure.adnxs.com	4 redirects
4	pixel.tapad.com	2 redirects www.apkshub.com spl.zeotap.com
4	match.sharethrough.com	aax-eu.amazon-adsystem.com www.apkshub.com sync.quantumdex.io cs-server-s2s.yellowblue.io
4	ad.turn.com	4 redirects
4	um.simpli.fi	3 redirects ads.pubmatic.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	sync.srv.stackadapt.com	4 redirects
4	cms.quantserve.com	4 redirects
4	dis.criteo.com	3 redirects ads.pubmatic.com
4	sync.mathtag.com	1 redirects ads.pubmatic.com onetag-sys.com
4	image6.pubmatic.com	1 redirects ads.pubmatic.com
4	targeting.unrulymedia.com	assets.vlitag.com
4	services.vlitag.com	www.apkshub.com services.vlitag.com
3	ap.lijit.com	www.apkshub.com sync.quantumdex.io csync.smilewanted.com
3	id5-sync.com	assets.vlitag.com sync.quantumdex.io
3	s1.adform.net	track.adform.net s1.adform.net www.apkshub.com
3	ad.doubleclick.net	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com www.googletagservices.com
3	www.gstatic.com	www.apkshub.com f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
3	creativecdn.com	3 redirects
3	b1sync.zemanta.com	3 redirects
3	dsum.casalemedia.com	ssum.casalemedia.com ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	ssum.casalemedia.com js-sec.indexww.com sync.quantumdex.io
3	ssum.casalemedia.com	1 redirects ads.us.e-planning.net
3	rtb.openx.net	3 redirects
3	sync.go.sonobi.com	3 redirects
3	cat.nl3.eu.criteo.com	cdn.jsdelivr.net
3	grid-mercury.criteo.com	cdn.jsdelivr.net
3	media.grid.bidswitch.net	cdn.jsdelivr.net
3	ads.us.e-planning.net	1 redirects www.apkshub.com
3	ssbsync-global.smartadserver.com	3 redirects
3	ssbsync.smartadserver.com	3 redirects
3	sync.targeting.unrulymedia.com	1 redirects www.apkshub.com
3	pixel-sync.sitescout.com	3 redirects
3	sync.crwdcntrl.net	2 redirects ads.pubmatic.com
3	p.rfihub.com	3 redirects
3	dsp.adfarm1.adition.com	3 redirects
3	c.amazon-adsystem.com	services.vlitag.com c.amazon-adsystem.com
2	prod.tahoe-analytics.publishers.advertising.a2z.com	c.amazon-adsystem.com
2	casale-match.dotomi.com	2 redirects
2	cm.ctnsnet.com	2 redirects
2	cs-server-s2s.yellowblue.io	sync.quantumdex.io cs-server-s2s.yellowblue.io
2	gum.criteo.com	assets.vlitag.com
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	d.adroll.com	ssum.casalemedia.com ssum-sec.casalemedia.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	cdn.doubleverify.com	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com cdn.doubleverify.com
2	www.google.com	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
2	fonts.googleapis.com	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com www.apkshub.com
2	sync.e-planning.net	rtb.gumgum.com ads.us.e-planning.net
2	u.ipw.metadsp.co.uk	2 redirects
2	ad.yieldlab.net	googleads.g.doubleclick.net
2	obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com	2 redirects
2	beacon.krxd.net	spl.zeotap.com
2	sync.smartadserver.com	2 redirects
2	dpm.demdex.net	2 redirects
2	pm.w55c.net	2 redirects
2	ad4m.at	ssum.casalemedia.com
2	rtb.gumgum.com	ads.us.e-planning.net rtb.gumgum.com
2	spl.zeotap.com	ads.us.e-planning.net
2	static.criteo.net	assets.vlitag.com static.criteo.net
2	pulsepoint-match.dotomi.com	2 redirects
2	rubicon-match.dotomi.com	2 redirects
2	cs.yellowblue.io	www.apkshub.com cs-server-s2s.yellowblue.io
2	match.deepintent.com	www.apkshub.com rtb.gumgum.com
2	capi.connatix.com	1 redirects www.apkshub.com
2	sync.ipredictive.com	2 redirects
2	px.ads.linkedin.com	www.apkshub.com eb2.3lift.com
2	s.ad.smaato.net	2 redirects
2	pubmatic-match.dotomi.com	2 redirects
2	dmp.adform.net	1 redirects spl.zeotap.com
2	cr.frontend.weborama.fr	1 redirects ads.pubmatic.com
2	pixel-eu.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	cm.adgrx.com	ads.pubmatic.com www.apkshub.com
2	script.4dex.io	assets.vlitag.com script.4dex.io
1	cm.adform.net	1 redirects
1	u.openx.net	1 redirects
1	cm.smadex.com	1 redirects
1	s.company-target.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	dmp.brand-display.com	1 redirects
1	1f2e7.v.fwmrm.net	1 redirects
1	static.smilewanted.com	csync.smilewanted.com
1	sync.aralego.com	cdn.aralego.net
1	lb.eu-1-id5-sync.com	assets.vlitag.com
1	cdn.aralego.net	assets.vlitag.com
1	js-sec.indexww.com	assets.vlitag.com
1	id.a-mx.com	assets.vlitag.com
1	pixel.onaudience.com	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	trace.mediago.io	1 redirects
1	ums.acuityplatform.com	1 redirects
1	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	ad.360yield.com	1 redirects
1	tg.socdm.com	1 redirects
1	cm.adsafety.net	1 redirects
1	ads.smartstream.tv	1 redirects
1	tags.bluekai.com	spl.zeotap.com
1	usermatch.krxd.net	1 redirects
1	sync.richaudience.com	spl.zeotap.com
1	odr.mookie1.com	spl.zeotap.com
1	aa.agkn.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	bcp.crwdcntrl.net	1 redirects
1	idsync.frontend.weborama.fr	1 redirects
1	loadeu.exelator.com	spl.zeotap.com
1	dmp.v.fwmrm.net	spl.zeotap.com
1	trc.taboola.com	spl.zeotap.com
1	sync.adotmob.com	1 redirects
1	sync.aniview.com	www.apkshub.com
1	prebid-s2s.media.net	www.apkshub.com
1	s.tribalfusion.com	www.apkshub.com
1	ads.yieldmo.com	www.apkshub.com
1	tr.blismedia.com	www.apkshub.com
1	i6.liadm.com	www.apkshub.com
1	visitor.omnitagjs.com	www.apkshub.com
1	sync.outbrain.com	www.apkshub.com
1	cs.minutemedia-prebid.com	www.apkshub.com
1	exchange.mediavine.com	www.apkshub.com
1	s2s.t13.io	www.apkshub.com
1	s.seedtag.com	www.apkshub.com
1	bttrack.com	www.apkshub.com
1	hb.yahoo.net	www.apkshub.com
1	ce.lijit.com	www.apkshub.com
1	live.primis.tech	www.apkshub.com
1	trace-eu.mediago.io	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	green.erne.co	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	ipac.ctnsnet.com	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	t.adx.opera.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	sonata-notifications.taptapnetworks.com	1 redirects
1	pbc.vliplatform.com	assets.vlitag.com
1	r2---sn-1gi7znek.googlevideo.com	www.apkshub.com
1	redirector.googlevideo.com	1 redirects
1	media.vlitag.com	1 redirects
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	imasdk.googleapis.com	services.vlitag.com
1	region1.google-analytics.com	www.googletagmanager.com
1	chart.apis.google.com	www.apkshub.com
1	www.googletagmanager.com	www.apkshub.com
0	ad.mrtnsvr.com Failed	ads.pubmatic.com
0	googlecm.hit.gemius.pl Failed	f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
0	engine.widespace.com Failed	spl.zeotap.com
0	sync.tidaltv.com Failed	spl.zeotap.com
0	cs.videowalldirect.com Failed	ads.us.e-planning.net
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	prebid.smilewanted.com Failed	assets.vlitag.com
769	222

This site contains links to these domains. Also see Links.

Domain
undefined
en.apkshub.com
cn.apkshub.com
ru.apkshub.com
ja.apkshub.com
ko.apkshub.com
pt.apkshub.com
it.apkshub.com
nl.apkshub.com
de.apkshub.com
es.apkshub.com
fr.apkshub.com
tw.apkshub.com
ar.apkshub.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
vlitag.com GTS CA 1P5	`2023-11-26` - `2024-02-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-09` - `2024-12-09`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-13` - `2024-11-10`	a year	crt.sh
*.iprom.net R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
u.4dex.io GTS CA 1D4	`2023-10-22` - `2024-01-20`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-04-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2023-04-20` - `2024-05-21`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
ads.us.e-planning.net R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
media.grid.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-08-11` - `2024-08-11`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.e-planning.net R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
*.tapad.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-18` - `2024-09-17`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
pdc.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-04-03` - `2024-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
truffle.bid R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-21`	a year	crt.sh

This page contains 136 frames:

Primary Page: https://www.apkshub.com/app/com.scottgames.fnaf2
Frame ID: CFA1865307C64587674CBE34FF85EEAE
Requests: 188 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: F5B83A2CD57EE0174FCEED087977041B
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: 0D519F7A73B7A7C214CAC74F3651CEE7
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: 20578B6236B2F2BAC6BEBBAA8D8868EE
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: B9E7177C4C6B644235FFED2FB2A92870
Requests: 18 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&dcc=t
Frame ID: 32075EC190F037FA117173E747F2CE62
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: C7F1B9BF6CD487E1304669E6DB206385
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7875C4435DD2E279AE380C4BE0C23550
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&redir=true&gdpr=0&gdpr_consent=
Frame ID: 4CEEFED924989FA90AD7228B66F3BFDD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CBk_BAhNbQQTTT8HCEkkUglNPFETGj9XDU7Ixhy_
Frame ID: 3F5E5A2EF7EC637867E9FE04519C669F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7476920855595883743&gdpr=0&gdpr_consent=
Frame ID: 42CF94E57B0850DAFF1FE27AE3CA10A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7308052309189916812&gdpr=0&gdpr_consent=
Frame ID: F5C79E07C15CF587CFBD0ADC75B9AB21
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: B98523D4FC9F780817C9E6B057387C3C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w0SheZI2Xk5mBkU8GEz5-rnDR90&gdpr=0&gdpr_consent=
Frame ID: FF7226AB6C2FE8DDEF6F6BF88D6CFBBD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADVBE7K1tYAABRxDUIUDA&gdpr=0&gdpr_consent=
Frame ID: C6F57ED745F5E8390D21DA8DE5C2063F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd60c7dc45aab4510b9137b80f9bd3457
Frame ID: F78D0EE7F3A918D98953263EE0027618
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWtq2wAEAN3S7QBU
Frame ID: 46719319C08D7D4016D94AFD87308DCD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: CA997FAEEC0C2E888966F14D2A45A21B
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 70E968ADE3BAF70A9D77FEA5CC0731EE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=460297751196113367
Frame ID: 5C42DBE7D3DA75AF203DBD15268D91BE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631101846490
Frame ID: 360F710D84246D0F86C1D3F1381F05F1
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0CFB069A90B474A207AED81761CE96FB
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 7DA5DC5CCA7FBF8AF5B967658EF957D3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 7923EAD778DCA46625041B0F474ED30E
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 66B2CB1040BE91AE5BAF8D2F5E6AD60E
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 4CAE6D76FE9D1F746EEE2176BCEE5AAE
Requests: 1 HTTP requests in this frame

Frame: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6815EFE3AA2AA7CB9CA475F6BC9EFDCB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 0B9436567392AB82D2587327F089B919
Requests: 17 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: EDCA508BA5E6D8CC743508F2E28EE518
Requests: 5 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: A8B642249E455CBDC332337B129E819A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: D22CC014978A27911A16781F0EB1993D
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: CC6A6D547373F4595B0C3AF4C305A6E9
Requests: 4 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1DOG1saWVwRTJ1STNSLlNZY3JjTXJzdDVHaFJhbUtMRX5B&
Frame ID: 7B5722CC714354BE0034C7579C74919C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=7625412597159132983&gdpr=0&gdpr_consent=
Frame ID: 86C17AEBC919FE5F4FA2EF82C33E09D2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Frame ID: 9E0BB190B7C9402FCD05BB8AB049CE51
Requests: 1 HTTP requests in this frame

Frame: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 681A93F72BEDAE141D42AD776071ACC0
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: 8BA9594EBEDEC10B6287DE05374BA179
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Frame ID: 5A560FDA8FD7A4D826B1BB18FE1461FD
Requests: 3 HTTP requests in this frame

Frame: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 543F754A4F3ACC61EBD0A85614898FAE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNWGKRMR6rY8V_ZzEzKOsNVNRFGwQF2gExvUU5-EYp5HOL5TWJ87JEsq1PUbD98ut_6yR-stbFSOgIe1v4XAfKg-RgN5RY0nTqOKJ4QQ_BbYl-AmI8c
Frame ID: 34287233345EE1BF701E517DA260D691
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 15E54C8F5A6F4DDEC8078EB7101CAA12
Requests: 23 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D21648002e00e80a7%26uid%3D
Frame ID: 75A0B50B7C0B95060E06B87B4E8705BD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Frame ID: 7B6C30A77631CE1AA8C721FEE7E3CBAB
Requests: 4 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Frame ID: 1D9A0D43696436B67060BAF57D1791B7
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: DD5B6343DB8E4F09F99FEF2DA14B408E
Requests: 31 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Frame ID: 02221615CFCA3085FB8264B2DDE686A9
Requests: 12 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=AA7NNaOm5s-M4Czd
Frame ID: FA9611A885F88E6FBDC2D2A420BF330D
Requests: 1 HTTP requests in this frame

Frame: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7ED01135AB45FC285BB1163212404230
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNV9mCp5iENgqe0CSEjUXNdKLRGYYLFwmblwEEv-lNw43m1p745ZtkjOCYAbV81mW2BoGnMXxVCgLBaPNRUgjnpuKHtfI7daERZ_1VBSXnohWXRyzuI
Frame ID: 20208F5BCBCF86A8C1BFFA20562B2AA6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: BC07448CB053A0FE41B2460A0E698D94
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNX7Xv0acWc9GmsplqBPOYt6UJevuUEA1_uNVC_3uBYG8IAY8o78l2UVDjzlyoEid1M2bTIppnVdQb6PvRwyxraIhBg1JUiz0whTTOcUXjn-cVxAfEg
Frame ID: C5E9F7C86E3460DC547C92516DD160F4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: ACA588F26049C8D1A13B61B239EF8A6D
Requests: 22 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=5601850442688953787&gdpr=&gdpr_consent=
Frame ID: 8664A657FF5A499C15D9EC3CAF0C1957
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83YmRiY2IxOC03ZDUyLTRmM2UtYmUwNy05YmUzODVhOTE1ZWQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 39E1B64C9A13B82A54E3A8429F97B3B0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: B1E266647E6D6D9234FBBEBA6C628662
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 15FB54FBDCAC6F20EB65CE1A3E0DBF90
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZWtq3cCo8XkAACFF9JQAAAAA
Frame ID: 6A022F163123EF20A44CFF7C5C3ADD2E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU&pi=gumgum&tc=1
Frame ID: E07EC308424B31DD23263429BC16DC70
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 4CC05E1D60909D60C775827BCDBD01F7
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 57DAAC80A4BE8DAA7FF6FB3A0CAB3FCC
Requests: 16 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 50351856CEDECA95BA6FEC599250CEC5
Requests: 1 HTTP requests in this frame

Frame: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A8C07CD1088ECD7422F13A68F93B9B04
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 62B8CFF501A43B8347CA2B3EBC185B95
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 3776A6A99D4794CEF2B3DDBFADB30CF1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EEA188B768973AC7BE7934902F4187ED
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 45F118AA71E7265140ACEE4E0F47E8D6
Requests: 3 HTTP requests in this frame

Frame: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 928D971D853F953B7537E7F35637BA31
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyntKMDEMPxn9gEGJyD-v4BMAE&v=APEucNXH2gjFJOCsHTMgUDLe_azb3sYwz0wVb7ki-RQIlDxXXI2XO9xhmIjE8CwLdY9AtfKwmYJuikIC-De1yNIEyX_eBtZ2Pg
Frame ID: 8562C9959CAC52E735C6A0613AE26707
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: F8ACD30AE5E9C5B95EE5C6FB516BC157
Requests: 1 HTTP requests in this frame

Frame: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D5B1793614EAA6F0B4CDFAAEF4C2CD52
Requests: 28 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 7E30513D0D5686934E5525B089A7857E
Requests: 15 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: D66A0F98CB1E3F1BFCF00F161EB1457B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 6E80F901E1A50FE8AA8D29E62B0450DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYhJGGvQEwAQ&v=APEucNUBsZlSSaKlxS31yOyEZRUQVWxzmNd4VscYugnq7xYTkygqQca014vOX9cI3qZVl0lINC_Evlt2-_YtVit79WTnv7qfHg
Frame ID: 532C75718670BCE72AEDD60930692953
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 515D5EDD93DF18589DE90CE5EB48CB13
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BCCA9E7567CB024219F26A69494085B3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 73F41C8FE83210DE9966EAF3B3D07B1C
Requests: 9 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 67098AC0A1856426BEBC707DE8527835
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1B08C6AB87D7DFD2E00F0CC595760295
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6DF32880150D6A8EE0655148292DC379
Requests: 7 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 13B9064C778AA97026927E43C8D13B24
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Frame ID: 1C9CDF2DA8EA6A6C0E283CE44FDE7A3A
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Frame ID: B935EA4E755D3D6F600836987CF16EEE
Requests: 7 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D
Frame ID: 94CEDB10E0DD91F7578838BBBE426ACF
Requests: 10 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 31E413C32A5061E969C65B46221CCDB0
Requests: 3 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&uid=AA7NNaOm5s-M4Czd
Frame ID: E7C0ECB5C23E2ED0D0C22C18562E09B5
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=
Frame ID: 61D875B738FD8E9FA84B2A43FAD4B26A
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A96D88F4276BEFEC752C0B05B0F1CAE7
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 789B61CDE0B79F7CD11DAF6CA0D1FF26
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 418FF747FF0A5B47CA21D0F26C9C2937
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9F68658DE08F4C9D99328411EBF0F593&gdpr=0&gdpr_consent=
Frame ID: CC38E4738E58F003AA0A91F751BCB331
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2309410440
Frame ID: 7C39C01410F72AFC445184788FB1DD02
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=4fd6bb8359078cf2&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: EFC6E65AB99F5C31BBCB1D13F853DCEB
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=4fd6bb8359078cf2&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 927461C6392D43F9D8B52CFED9753D82
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: D8FC24DC7D90FE0BFC4F12CD554D26F3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 38FA66A9E3748551A34EEBDBB664EC00
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 4FAAE9EB5F7FEED459FE72ED59D08BD0
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Frame ID: A63AACA1C8E91C393C818BE1D8B073DB
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: D792FC87A53F58A506D3ADD6D5BE41FD
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4F036B0337AA41F2AF77E679E831541D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3D58CDDC058E4D66E8653E1E6B668FA7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: F66A45FD589C3F6B2A75E8A53A64247F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 01D022CE9F0A4AD016916D57541CB677
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: FB00874331E2CFD0F4F19A1CB7B33A19
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 6AD36FEE57ECD46527328E94279774A1
Requests: 10 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: E6B206871D70D22AF25BE4433807E857
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: F51C75B26EEEADABE2A2DCDC69A42FBC
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Frame ID: 5ACFB23A95DE60B7E5F0602A23F5981F
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: 1C2EB0AD57398C307AE2B5BDDEE1B92D
Requests: 11 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Frame ID: 0D5C050214027C9D91B13F89F94EE670
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 6CE51E2110856D766D38B4BC53AA3278
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 2C636B98699F74B84056D01F727B7E5F
Requests: 11 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: C99FE960F64090E66E5347300203AD1F
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 24F803333E945685896A090549978DC6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/3589463590391086894
Frame ID: B6E283E94D54C0A29A29DD26035182C9
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: E71C038E458E3C54B8AA9BABAADD09BE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: B22B2505E8A2743073313267301384A9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7476920855595883743
Frame ID: B32EC2CDCB79167011A12A65BC834F03
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOC3RIX-4-J7RK?gdpr=0
Frame ID: 5FB252D7E376C0C7080448CA3D8F81BD
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 0E75D80266913E1AE6334BE5F37D1BFA
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 6E747A3F967CBDD51F89FBF6863158C3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 85DA58D915D6A4620580CDDBD9B125BA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 7802B774725D68D4A3D835E0C7FA86D5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/ba99305a-3117-49d4-ba16-96cae3c64a39&partner_id=1010
Frame ID: 01852D91DFE6AE68A188B2ADBBD1DD66
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/a6d9120a-65f5-414b-af26-c2b72408b1bf
Frame ID: 172379152F3E9C3DDEA9D273A884B2CB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 841FFC4D84DAB6CCCC160E91F0417F2E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: D60A89CA7F07B02A55ED944CC6632DA3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/5601850442688953787
Frame ID: 7BF1521975DE5019B2E113C66C9899A0
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: BD01BA959C6315DEA271C820FA189CB5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU?pi=smilewanted
Frame ID: F78ABF50FACAAB9219721477E686883F
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=21648002e00e80a7&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: BB789F399F3EAE23BD7CC1593D154C1A
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=21648002e00e80a7&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: FE7C5343E67D7D65EA51C4D1E85CF3FA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 0CDDFFBD4207D9114005DD1CE6C437A9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 25DCC6BA8C8351480046FB90CFF29392
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 628907A13E68202B709724EADDB5361B
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Frame ID: 6D64892103084EA3D6A5A0FE1886FA44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Five Nights at Freddy's 2 (com.scottgames.fnaf2) 2.0.4 APK Download - Android APK - APKsHub

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

769
Requests

74 %
HTTPS

23 %
IPv6

141
Domains

222
Subdomains

134
IPs

16
Countries

4184 kB
Transfer

10236 kB
Size

191
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://undefined/?ref=www.apkshub.com
Title: Valueimpression

Search URL Search Domain Scan URL

URL: https://en.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://cn.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://ru.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://ja.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://ko.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://pt.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://it.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://nl.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://de.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://es.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://fr.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://tw.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

URL: https://ar.apkshub.com/app/com.scottgames.fnaf2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y HTTP 302
https://redirector.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=d6&mm=31%2C29&mn=sn-2puupm-2pue%2Csn-p5qlsndk&ms=au%2Crdu&mv=u&mvi=1&pl=21&spc=UWF9f5cHXm5o5xxQ7DcX0DH0hGiNEOTjeilTfIZa1_CPMXb7u1ly&vprv=1&svpuc=1&mime=video%2Fmp4&ns=3dGCytTVK17PVwHnRJ9At60P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&mt=1701533887&fvip=3&fexp=24007246&c=WEB&sefc=1&txp=6219224&n=opIKeMHdDmQzrmSAL2&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAJ_mngTv1aWhz3fXwxobLe6jD2dJz58QSldHYxgIEL-vAiABT96ZHH3SapGwxvVpAk7HWp-N9XzrdDFfy0-MlwxP4Q%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AM8Gb2swRQIgEqy2D9Z0bXnAWZ9iqR9YdcOWgUsRFgJBvnvcvU611f8CIQDnRSM586V1N2_fnZCkWI4_wov_zRbZGcduRzzQAGKYmQ%3D%3D HTTP 302
https://r2---sn-1gi7znek.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f5cHXm5o5xxQ7DcX0DH0hGiNEOTjeilTfIZa1_CPMXb7u1ly&vprv=1&svpuc=1&mime=video%2Fmp4&ns=3dGCytTVK17PVwHnRJ9At60P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&sefc=1&txp=6219224&n=opIKeMHdDmQzrmSAL2&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAJ_mngTv1aWhz3fXwxobLe6jD2dJz58QSldHYxgIEL-vAiABT96ZHH3SapGwxvVpAk7HWp-N9XzrdDFfy0-MlwxP4Q%3D%3D&cms_redirect=yes&mh=d6&mip=2a05:ad00:b:0:129::1&mm=31&mn=sn-1gi7znek&ms=au&mt=1701538165&mv=m&mvi=2&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAOoK5a7Ek8-RevzCyinvZfJYccpS1TAhLJshv4T_Xan6AiBi3CnytArgL2tCrw4aO2PiWTyugUFqFm1j2_fG21yTHQ%3D%3D

Request Chain 123

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

Request Chain 124

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

Request Chain 125

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

Request Chain 127

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&dcc=t

Request Chain 139

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CBk_BAhNbQQTTT8HCEkkUglNPFETGj9XDU7Ixhy_

Request Chain 140

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7476920855595883743&gdpr=0&gdpr_consent=

Request Chain 141

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7308052309189916812&gdpr=0&gdpr_consent=

Request Chain 142

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_f6a135e4-a0e0-478b-9274-f18e342a5f23&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 143

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w0SheZI2Xk5mBkU8GEz5-rnDR90&gdpr=0&gdpr_consent=

Request Chain 144

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDbktVN0sxdFlBQUJQNDN0ZU1uZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AADVBE7K1tYAABRxDUIUDA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3589463590391086894&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AADVBE7K1tYAABRxDUIUDA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3589463590391086894%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3589463590391086894&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADVBE7K1tYAABRxDUIUDA&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADVBE7K1tYAABRxDUIUDA&gdpr=0&gdpr_consent=

Request Chain 145

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd60c7dc45aab4510b9137b80f9bd3457

Request Chain 146

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWtq2wAEAN3S7QBU

Request Chain 147

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 149

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=460297751196113367

Request Chain 150

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631101846490

Request Chain 153

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1eabccd56dee0d80/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbnghjjQVUQnnaQSa%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=3e4651007b929497695f86809be6efcb&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNOvcHvPGbnghjjQVUQnnaQSa%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbnghjjQVUQnnaQSa&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CrKgn5kxSlCdLLSYtcYtsA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CrKgn5kxSlCdLLSYtcYtsA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 157

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=&ct=y

Request Chain 158

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3842127081

Request Chain 159

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTdidUtBTURVaVpSSU9ReC1aTWRkSVV1QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=5601850442688953787&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEFCMkEwOUYtOTkzMS00QTUwLTlEMkMtQjQ5OEI1QzYyREIw&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEFCMkEwOUYtOTkzMS00QTUwLTlEMkMtQjQ5OEI1QzYyREIw&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyfX5PYo4jU8uhYVojPqjg&google_cver=1

Request Chain 163

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1679370238320300561

Request Chain 166

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yuR0IzJE2uW9cCtqs4m1jYO9x5eVB7c-~A&gdpr=0

Request Chain 167

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=39848f0e-25d7-4e62-9bf6-4c502ae54504-656b6adb-4348&gdpr=0&gdpr_consent=

Request Chain 168

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3e02b1b3a15d18f9&is_secure=true&networkId=17100&version=1&nuid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIZtbDYCV83wNL98ZJAAAAAAA&expiration=1701624923&nuid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 169

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3426970496280146106&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 170

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:39505c59-85b8-41ed-9d88-2b270e17ad7d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Request Chain 201

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LPOC3RIX-4-J7RK HTTP 302
https://u.4dex.io/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK

Request Chain 206

https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1701538523797 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6444313528 HTTP 302
https://sync.1rx.io/usersync/turn/3210797714166362298?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003

Request Chain 212

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=429f70146d

Request Chain 213

https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=cc77a4b6-7e95-47ed-ba32-09569fa94366

Request Chain 214

https://trace-eu.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=9d9fcb00faa355bb2myzw400lpoc3rpb

Request Chain 215

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
https://s.amazon-adsystem.com/ecm3?id=AADVBE7K1tYAABRxDUIUDA&ex=beeswax.com

Request Chain 218

https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1

Request Chain 219

https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1DOG1saWVwRTJ1STNSLlNZY3JjTXJzdDVHaFJhbUtMRX5B&

Request Chain 220

https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=7625412597159132983&gdpr=0&gdpr_consent=

Request Chain 222

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=En2Ay5koQJqqk8WQKHgSzg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=En2Ay5koQJqqk8WQKHgSzg

Request Chain 223

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOC3RIX-4-J7RK

Request Chain 225

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LPOC3RIX-4-J7RK&ex=d-rubiconproject.com&status=ok

Request Chain 226

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRhNGU0ZTdiOTVjNTM2ZjZkOTkwYTQ5NTkwODM2N2I1Yzk5YjEwNQ

Request Chain 227

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBPQzNSSVgtNC1KN1JL HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWO4sqrFhNmsNBOcSkk8ec&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPQzNSSVgtNC1KN1JL&google_push=

Request Chain 228

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7eTyeR6DRkeUG9oyuX1iOw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7eTyeR6DRkeUG9oyuX1iOw

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBOLnMLjtRwE5MZ5vk53b00&google_cver=1

Request Chain 230

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/PcHs7Aj-8u_LpVbIWfZhTA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-77snHqtE2oK2rkxOVgl.eQTGbkabgilPALNN9w--~A

Request Chain 231

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACnKU7K1tYAABP43teMng&expires=30

Request Chain 232

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK

Request Chain 233

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPOC3RIX-4-J7RK

Request Chain 234

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LPOC3RIX-4-J7RK

Request Chain 235

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=73c56baa-ff6c-4dd2-9835-7afda27df592&expires=30

Request Chain 236

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOC3RIX-4-J7RK

Request Chain 237

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPOC3RIX-4-J7RK HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPOC3RIX-4-J7RK

Request Chain 238

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LPOC3RIX-4-J7RK&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LPOC3RIX-4-J7RK&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 239

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LPOC3RIX-4-J7RK

Request Chain 240

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPOC3RIX-4-J7RK&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPOC3RIX-4-J7RK&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS16QWtFMTZkRTJ1RWxNMER6MXJTX0hjRjB6XzNBWlhHSX5B&ovsid=LPOC3RIX-4-J7RK&dpid=58160

Request Chain 241

https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=w0SheZI2Xk5mBkU8GEz5-rnDR90

Request Chain 242

https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5601850442688953787

Request Chain 243

https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=a77d3f7e-ac3b-48f5-a8a6-953a11b916b7

Request Chain 245

https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPOC3RIX-4-J7RK

Request Chain 246

https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7476920855595883743&expires=30

Request Chain 247

https://ad.turn.com/r/cs?pid=6 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3354912902242218170&expires=60&gdpr=&gdpr_consent=

Request Chain 248

https://sync.1rx.io/usersync2/rubicon HTTP 302
https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1701538523820 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=6993363111 HTTP 302
https://sync.1rx.io/usersync/turn/3282855308204290234?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003

Request Chain 250

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13 HTTP 302
https://s2s.t13.io/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK

Request Chain 252

https://pixel.rubiconproject.com/exchange/sync.php?p=17404 HTTP 302
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LPOC3RIX-4-J7RK

Request Chain 253

https://pixel.rubiconproject.com/exchange/sync.php?p=unruly HTTP 302
https://sync.1rx.io/usersync/rubicon/LPOC3RIX-4-J7RK HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-87f50603-7304-436c-a0d6-9713341d1547-003%26expires%3D30 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-87f50603-7304-436c-a0d6-9713341d1547-003&expires=30

Request Chain 254

https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media HTTP 302
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPOC3RIX-4-J7RK

Request Chain 255

https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain HTTP 302
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LPOC3RIX-4-J7RK&obUid=&initiator=

Request Chain 256

https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LPOC3RIX-4-J7RK&name=RUBICON

Request Chain 257

https://token.rubiconproject.com/token?pid=49096 HTTP 302
https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPOC3RIX-4-J7RK HTTP 303
https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPOC3RIX-4-J7RK&_li_chk=true&previous_uuid=4200375b68f2413ab31712775a432e8b HTTP 303
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPOC3RIX-4-J7RK

Request Chain 258

https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage HTTP 302
https://cs.yellowblue.io/cs?aid=11590&id=LPOC3RIX-4-J7RK

Request Chain 259

https://pixel.rubiconproject.com/exchange/sync.php?p=33across HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=LPOC3RIX-4-J7RK

Request Chain 260

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZWtq2wAEAN3S7QBU

Request Chain 261

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9F68658DE08F4C9D99328411EBF0F593&expires=365

Request Chain 264

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1 HTTP 302
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=h4Y-O8bHEUGfZj3iLco-sw HTTP 302
https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=5165c7de783217a6&is_secure=true&networkId=12783&version=1&nuid=h4Y-O8bHEUGfZj3iLco-sw HTTP 302
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIIqB3HY551gNfTgjrAAAAAAA&expiration=1701624924&nuid=h4Y-O8bHEUGfZj3iLco-sw&is_secure=true

Request Chain 265

https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
https://ads.yieldmo.com/sync?pn_id=rc&id=LPOC3RIX-4-J7RK

Request Chain 266

https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180

Request Chain 267

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet HTTP 302
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK

Request Chain 268

https://dsp.adfarm1.adition.com/cookie/?ssp=7 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7308052309189916812&expires=730

Request Chain 269

https://pixel.rubiconproject.com/exchange/sync.php?p=17184 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LPOC3RIX-4-J7RK

Request Chain 271

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0

Request Chain 272

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7476920855595883743

Request Chain 273

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

Request Chain 276

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZatXz_K2z7Q0mxx8NfLAeQXy59sQx0w

Request Chain 277

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=6962760741807292268

Request Chain 279

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Tx0ADkrITnFBu9UNNJmJf4xYkAQixkBaofFW09ylYGU

Request Chain 280

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOPJXS8gbBJUICGddrqwsyQ&google_cver=1

Request Chain 282

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-KuInPo5E2uH5FkXlU86gwtKb8.kaWe.RTNUNfmc-~A

Request Chain 284

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-3317370914640937370 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=e5535dcc-f3db-5250-8c3c-4e97e957244b&ssp=onetag&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 286

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RURNWlhmOG10Z3FhQ3NkLXV5RG56Zw&gdpr=0&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDiTzIvlkJGnIQUvAlB0NC0&google_cver=1

Request Chain 287

https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=60b9992c590117a6&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIP8JSS0KhngMP6n3EAAAAAAA&expiration=1701624924&nuid=&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 296

https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID

Request Chain 297

https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39

Request Chain 298

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

Request Chain 315

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D21648002e00e80a7%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=21648002e00e80a7&uid=7476920855595883743

Request Chain 316

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D21648002e00e80a7%26uid%3D%24UID&partner=eplanning HTTP 302
https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MjE2NDgwMDJlMDBlODBhNyZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIOEjgB&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ssp.disqus.com/match?bidder=14&buyeruid=7476920855595883743&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MjE2NDgwMDJlMDBlODBhNyZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIOEjgB&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MjE2NDgwMDJlMDBlODBhNyZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIOEjgC HTTP 302
https://ssp.disqus.com/match?bidder=18&buyeruid=cd0b382c-a65f-4465-b1cd-9585907a0170&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9MjE2NDgwMDJlMDBlODBhNyZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIOEjgC HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=21648002e00e80a7&uid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3

Request Chain 317

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D21648002e00e80a7%26uid%3D%5BUID%5D HTTP 302
https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=21648002e00e80a7&uid=cd0b382c-a65f-4465-b1cd-9585907a0170

Request Chain 318

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D21648002e00e80a7%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D21648002e00e80a7%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=21648002e00e80a7&uid=dbbef681-1b7e-4be7-90ef-3aacc3b7bd28

Request Chain 319

https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cc77a4b6-7e95-47ed-ba32-09569fa94366&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Deplanning%26bsw_param%3Dcc77a4b6-7e95-47ed-ba32-09569fa94366%26gdpr%3D%26gdpr_consent%3D%26gdpr_pd%3D

Request Chain 321

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu

Request Chain 322

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1

Request Chain 345

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWtq3MY2JQc-5CL6qMuo0QAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1

Request Chain 346

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEH3DDMtemtHQhvBbGguh7Y&google_cver=1

Request Chain 349

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=&gdpr_consent=&us_privacy=

Request Chain 350

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JBo77Qk51R9tTK5

Request Chain 351

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 356

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=405b38aa-3058-4119-81e5-ae5bca179a45&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 361

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 363

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=273bb8a6-4099-483a-750f-05534654a0c0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=273bb8a6-4099-483a-750f-05534654a0c0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=21955394203947692791556598419646193350&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 365

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=7308052309189916812&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 367

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=273bb8a6-4099-483a-750f-05534654a0c0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?webouuid=4AxG0ABYOTXS5hQBKw1mbO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 368

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=3589463590391086894&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 369

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=273bb8a6-4099-483a-750f-05534654a0c0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?pid=3e4651007b929497695f86809be6efcb&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 370

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
https://mwzeom.zeotap.com/mw?cid=y-nu8510BE2oqeFhgW98NAX8Ly54dufLtFOw--~A&zpartnerid=570&env=mWeb

Request Chain 371

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CHE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CHE&zdid=1361&cid=U37HnBLYKocDjye%2Fs%2Bp4KB3%2FoQlQfel%2B%2BS41iYitP1U%3D

Request Chain 375

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZWtq2wAEAN3S7QBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 377

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 378

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361&dcc=t

Request Chain 380

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 381

https://pixel.rubiconproject.com/token?pid=41544&puid=273bb8a6-4099-483a-750f-05534654a0c0&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=LPOC3RIX-4-J7RK&env=mWeb&zpartnerid=1770&gdpr=0

Request Chain 383

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 HTTP 302
https://mwzeom.zeotap.com/mw?cid=9_BJrPekG6zspEmv96BS-vakSvns80n_8qf6wMP7&env=mWeb&zpartnerid=1875&gdpr=0&gdpr_consent=&idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Request Chain 384

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEPoPdWZiCXalQTm8bqUFs-I&google_cver=1 HTTP 302
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEPoPdWZiCXalQTm8bqUFs-I&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=5c4b1d4836243e37378eaeeb8bacebbe&uid=5c4b1d4836243e37378eaeeb8bacebbe&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 398

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1&ang_testid=1

Request Chain 399

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFDtxMX65i3jaEpw831e5kI&google_cver=1&gdpr=0

Request Chain 400

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=7476920855595883743

Request Chain 401

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7bdbcb18-7d52-4f3e-be07-9be385a915ed&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=5ff53495-c341-4cbc-b412-cbfcda5e18bb&ssp=gumgum2&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 402

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=f4ae74ec-7d85-4783-8e28-15b692e4188b

Request Chain 403

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-c344a179-9236-5e4e-6606-453c184cf9fa$ip$185.195.71.221

Request Chain 404

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-qeo5tahE2pekAZY18lDhsvdWSdC7zabNaA5_~A

Request Chain 405

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=73c56baa-ff6c-4dd2-9835-7afda27df592

Request Chain 407

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7bdbcb18-7d52-4f3e-be07-9be385a915ed&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=

Request Chain 408

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=qNYNIJZGIGkZ&ev=1&pid=558355

Request Chain 409

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=3589463590391086894

Request Chain 411

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
https://rtb.gumgum.com/usersync?b=adf&i=5601850442688953787&gdpr=&gdpr_consent=

Request Chain 415

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZWtq3cCo8XkAACFF9JQAAAAA

Request Chain 416

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU&pi=gumgum&tc=1

Request Chain 417

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 418

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu&khaos=LPOC3RIX-4-J7RK HTTP 302
https://sync.e-planning.net/um?uid=LPOC3RIX-4-J7RK&dc=9bcc91305985f0db&iss=1

Request Chain 423

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1&ang_testid=1

Request Chain 424

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0 HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFDtxMX65i3jaEpw831e5kI&google_cver=1&gdpr=0

Request Chain 445

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=a6e1656b-6adc-4600-9c10-55aaabba5f12&gdpr=0&gdpr_consent=

Request Chain 446

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0

Request Chain 447

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

Request Chain 449

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZbwEjcUtHM_MQKHpwQhuJEwYvdkS33g

Request Chain 450

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=3589463590391086894

Request Chain 452

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Ot5T0Q2hRNAJT2WeZAcE-63L0ivngP9bVJ7MMzOPz6U

Request Chain 453

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Request Chain 454

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1

Request Chain 455

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-KuInPo5E2uH5FkXlU86gwtKb8.kaWe.RTNUNfmc-~A

Request Chain 457

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=e5535dcc-f3db-5250-8c3c-4e97e957244b&ssp=onetag&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 459

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPOC3RIX-4-J7RK HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LPOC3RIX-4-J7RK

Request Chain 509

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1

Request Chain 510

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWtq3MY2JQc-5CL6qMuo0QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1

Request Chain 511

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPTsg1oMvOtSoCHheuqdaU&google_cver=1

Request Chain 512

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3NjkyMDg1NTU5NTg4Mzc0Mw%3D%3D

Request Chain 525

https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39

Request Chain 540

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZcOQwpa985xmnDWuNea4W439C0CU83Q

Request Chain 541

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=YXpHpSb83ng3QZR3QifiksztwZU6G8Malu8ug4b3tdA

Request Chain 544

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0

Request Chain 545

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

Request Chain 547

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
https://onetag-sys.com/match/?int_id=107&uid=3589463590391086894

Request Chain 549

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Request Chain 550

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1

Request Chain 551

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=cc77a4b6-7e95-47ed-ba32-09569fa94366&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D446%26user_id%3D%7BPUB_USER_ID%7D%26ssp%3D{SSP}%26gdpr%3D{GDPR}%26gdpr_consent%3D{GDPR_CONSENT}%26ssp%3D{SSP}%26bsw_param%3D{BSW_PARAM} HTTP 302
https://x.bidswitch.net/sync?dsp_id=446&user_id=ba99305a-3117-49d4-ba16-96cae3c64a39&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366 HTTP 302
https://onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 554

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFpfaHcpeynWzYh4X2lWdPs&google_cver=1

Request Chain 555

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmZmYzAzNTYtOWNlNy0yMTcxLWZjYjMtNWZlMjkwNTZkN2Fk

Request Chain 556

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMq-Wom92snkgYT1xY-tAms&google_cver=1

Request Chain 557

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDhmYmEwY2EtZGMwYi00YzE1LWEzZTgtNGQxM2FkOTYxYzY4

Request Chain 574

https://um.simpli.fi/gp_match?google_gid=CAESEIr8tkXS5Tr85NMviEYBgHQ&google_cver=1&google_push=AXcoOmTc2gtJKPbSgwrQdEcFXnHzXKJPekh9L-dKndRj63_p8rKqwUvMotvnxVFZMXtXYfNvHYx7eQYrhXlmqcEj9DQDd2MzimooANmw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9F68658DE08F4C9D99328411EBF0F593&google_push=AXcoOmTc2gtJKPbSgwrQdEcFXnHzXKJPekh9L-dKndRj63_p8rKqwUvMotvnxVFZMXtXYfNvHYx7eQYrhXlmqcEj9DQDd2MzimooANmw

Request Chain 575

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEKH0RmPxS0RgU-kxHAIgdD4&google_cver=1&google_push=AXcoOmQC6mH9LcPU3_yl0i7P3bVzB1vEPEcw4PTLp3U3_P88ZiWJG9etdY2psz0iyuGMQ3YmMsPiJwqZYAqA36_onJTezgnAKlU9LEc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=OYSPDiXXTmKb9kxQKuVFBGVrats

Request Chain 576

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOhSd4n7qFR5aQZCAJfC-o8&google_cver=1&google_push=AXcoOmQ9ewJTIUrk4kNx7-tmacl-7L_kbDBMgtli2M5wG4Mr02_2Hg-io1Zd5DmBiIHytt5X86Q6Xa-98x1IjAs0Gg39GBQibsKuk6r5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMTg1MDQ0MjY4ODk1Mzc4Nw&google_push=AXcoOmQ9ewJTIUrk4kNx7-tmacl-7L_kbDBMgtli2M5wG4Mr02_2Hg-io1Zd5DmBiIHytt5X86Q6Xa-98x1IjAs0Gg39GBQibsKuk6r5

Request Chain 577

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELkSqx8H-qKpXgR7Pm6YIJw&google_cver=1&google_push=AXcoOmRwiTKmxYWlwX6pUsXxvAz5QiB_2-BIY4giAND4FZURNeZVIga4YycxabC1Gf0Dw8AuqtsGHly5OhSQSQpQu7NRunkr4VwzgiYB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZetkt6gYlmH3vEJVtLmjRuh5tjf63tA&google_push=AXcoOmRwiTKmxYWlwX6pUsXxvAz5QiB_2-BIY4giAND4FZURNeZVIga4YycxabC1Gf0Dw8AuqtsGHly5OhSQSQpQu7NRunkr4VwzgiYB

Request Chain 579

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHHw5rc62y2rnusSkVc01Bc&google_cver=1&google_push=AXcoOmRRsNoOkIV_BtOfJHhbqlNxcuLipatT3H1Fy_6uJOL_xb1Q2FOuDbVbGjs_6eBW7D4Gsm8QFz9khQMdMe4x7BYxHeiCYGd5xzyGfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OTJhMzU0YTUtNmZlNy00ZTcyLWE2NDUtNTI1NTUwYjRkNGVl&google_push=AXcoOmRRsNoOkIV_BtOfJHhbqlNxcuLipatT3H1Fy_6uJOL_xb1Q2FOuDbVbGjs_6eBW7D4Gsm8QFz9khQMdMe4x7BYxHeiCYGd5xzyGfA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 607

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEIkLTGMUQ0apo4sGlr7M0aw&google_cver=1&google_push=AXcoOmSHuK4ekQaiAAkfjAmpNUUUVtdwrh61YXO__tQ8ltD2_SvENsnG7b9va2o38Qrxyfee1_DaBZKhb1x2ju_B6AIoTz9wtHMRqJ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=859583548143&us_privacy=1---

Request Chain 608

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDLhdweFlX5H6JFbwQs2NqU&google_cver=1&google_push=AXcoOmSe4janqNRDoRQsqIxxBmLjgqhktaxkrYawqDkPkUH7xY5Y_8zxqfS1DJq-Ef6_5qQeXKUMUoCuY7WPp_CQt1pWaXzIwPix8lo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=w0SheZI2Xk5mBkU8GEz5-rnDR90&google_push=AXcoOmSe4janqNRDoRQsqIxxBmLjgqhktaxkrYawqDkPkUH7xY5Y_8zxqfS1DJq-Ef6_5qQeXKUMUoCuY7WPp_CQt1pWaXzIwPix8lo

Request Chain 609

https://trace.mediago.io/cs/google?google_gid=CAESEDoAI4K8E9TQm6gfavKJcxQ&google_cver=1&google_push=AXcoOmTBs6HrYQJJbtd01Wdb3Yy7HzTfKnmRJaCRMhG3-UjZwc-7T2mDDfuzR7pwQBvwrT0YuUiM1Ai2hjNciv9Giltb6T-uwLX7ED6j HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTBs6HrYQJJbtd01Wdb3Yy7HzTfKnmRJaCRMhG3-UjZwc-7T2mDDfuzR7pwQBvwrT0YuUiM1Ai2hjNciv9Giltb6T-uwLX7ED6j&google_hm=9d9fcb00faa355bb2myzw400lpoc3rpb

Request Chain 620

https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39

Request Chain 623

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4fd6bb8359078cf2%26uid%3D%24UID HTTP 302
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=4fd6bb8359078cf2&uid=7476920855595883743

Request Chain 624

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D4fd6bb8359078cf2%26uid%3D%24UID&partner=eplanning HTTP 302
https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NGZkNmJiODM1OTA3OGNmMiZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIdIDgB%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://ssp.disqus.com/match?bidder=29&buyeruid=qNYNIJZGIGkZ&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NGZkNmJiODM1OTA3OGNmMiZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIdIDgB&gdpr=&gdpr_consent=&ev=1&us_privacy=&pid=562894 HTTP 302
https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NGZkNmJiODM1OTA3OGNmMiZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIdIDgC&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ssp.disqus.com/match?bidder=32&buyeruid=e5535dcc-f3db-5250-8c3c-4e97e957244b&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OGQyYjNjMzQmZmk9NGZkNmJiODM1OTA3OGNmMiZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIdIDgC HTTP 302
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=4fd6bb8359078cf2&uid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3

Request Chain 625

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4fd6bb8359078cf2%26uid%3D%5BUID%5D HTTP 302
https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=4fd6bb8359078cf2&uid=cd0b382c-a65f-4465-b1cd-9585907a0170

Request Chain 626

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4fd6bb8359078cf2%26uid%3D%24%7BUID%7D HTTP 302
https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4fd6bb8359078cf2&uid=3a4d5f53-ec0f-4c3c-82df-c54edbefdb40

Request Chain 627

https://x.bidswitch.net/sync?ssp=eplanning HTTP 302
https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cc77a4b6-7e95-47ed-ba32-09569fa94366&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Deplanning%26bsw_param%3Dcc77a4b6-7e95-47ed-ba32-09569fa94366%26gdpr%3D%26gdpr_consent%3D%26gdpr_pd%3D

Request Chain 633

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWtq3MY2JQc-5CL6qMuo0QAA%265166&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-iUS8xd9IcCUlI_TFYhEPgCe0cFKeaagUgWD4WQ

Request Chain 634

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7476920855595883743

Request Chain 636

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB

Request Chain 639

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 640

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3589463590391086894&gdpr=0&gdpr_consent=

Request Chain 642

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3Dbb3c3443-8175-48a0-701b-410725c52256%26zdid%3D1361 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=bb3c3443-8175-48a0-701b-410725c52256&zdid=1361

Request Chain 648

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9F68658DE08F4C9D99328411EBF0F593&gdpr=0&gdpr_consent=

Request Chain 649

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2309410440

Request Chain 652

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 653

https://pixel.onaudience.com/?partner=214&mapped=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 675

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIYBjgB&gdpr=&gdpr_consent=

Request Chain 677

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7476920855595883743

Request Chain 680

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=e5535dcc-f3db-5250-8c3c-4e97e957244b

Request Chain 681

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=smaato&uid=429f70146d

Request Chain 683

https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=

Request Chain 688

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

Request Chain 695

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dSEpwnV1e8JudSnBdXEylHR1KpduIimRcHZsTPN_

Request Chain 696

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=84f5155833b72adc0b840d57bc3cc8d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo1a91_7309179327098850208&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/84f5155833b72adc0b840d57bc3cc8d?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-J2kI1P5E2oMhBR.8K_vtBzsZachjorXJN6o1mYcm~A HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1

Request Chain 697

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADVBE7K1tYAABRxDUIUDA&expiration=1702748126

Request Chain 698

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2a26c756cd8a4d1a9330ac946f062be5&expiration=1704130526

Request Chain 699

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=26e4b729-9c95-c5fd-e4893fcb

Request Chain 700

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685631101846490

Request Chain 701

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2c891469-bd4a-4bb3-ab5b-efab3a251bf6

Request Chain 704

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/smart/3589463590391086894

Request Chain 705

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZdrANFj9lsi4Qri_QO5XSGFSzwerftQ

Request Chain 709

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3RuEIfZWE5pVkpzOahyCdiY4x5Kbueb5I_imtt2lVcs

Request Chain 711

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1

Request Chain 718

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717349727&external_user_id=5f46de92-5cf5-48b5-982e-e8ad5fc21f60

Request Chain 719

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4d7cccbdb7be160f&is_secure=true&networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI30aiSltglgMVomr_AAAAAAA&expiration=1701624926&is_secure=true

Request Chain 720

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWtq2wAEAN3S7QBU

Request Chain 721

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2a26c756cd8a4d1a9330ac946f062be5&expiration=1704130526

Request Chain 722

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dSEpwnV1e8JudSnBdXEylHR1KpduIimRcHZsTPN_

Request Chain 723

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685631101846490

Request Chain 727

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzNDgyNjc1MzkzMDgxMTEwMDE5 HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 728

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGYs20n3y5dXqQeAqwL7AHw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 729

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzNDgyNjc1MzkzMDgxMTEwMDE5

Request Chain 731

https://pr-bh.ybp.yahoo.com/sync/triplelift/263482675393081110019?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-6C7.dwFE2oREoKYDRBAXDh4I.K9ZndBkVYFtLryflQ--~A&dongle=0883

Request Chain 732

https://x.bidswitch.net/sync?ssp=triplelift&user_id=263482675393081110019&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=cc77a4b6-7e95-47ed-ba32-09569fa94366 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=8fa3e66d-b499-4ce2-a188-1252cb75862d&expires=10&ssp=triplelift&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=cc77a4b6-7e95-47ed-ba32-09569fa94366&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 733

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
https://eb2.3lift.com/xuid?mid=2711&xuid=a77d3f7e-ac3b-48f5-a8a6-953a11b916b7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 734

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=7476920855595883743&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 736

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7476920855595883743

Request Chain 737

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOC3RIX-4-J7RK?gdpr=0

Request Chain 742

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/ba99305a-3117-49d4-ba16-96cae3c64a39&partner_id=1010

Request Chain 743

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/openx/a6d9120a-65f5-414b-af26-c2b72408b1bf

Request Chain 751

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Request Chain 752

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11601&id=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

Request Chain 760

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
https://csync.smilewanted.com/set_partner_userid_get/adform/5601850442688953787

Request Chain 761

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 762

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU?pi=smilewanted

769 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request com.scottgames.fnaf2 Show response
www.apkshub.com/app/ 27 KB
6 KB 989ms
918ms Document
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d844175cdc7a949081c01bbbce67a099356ac79849bdb14940a55cfcc793b1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82f5536cfbbe5a37-MXP
content-encoding: br
content-type: text/html;charset=utf-8
date: Sat, 02 Dec 2023 17:35:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVySt4eD9BEx%2BnI03fB8Bt5t7CuAbChHDp7%2FyqO175uZ%2BCYIKGPgVibYi45qr04wN5QA3kE5be6hDRLmXd8o8IRkcFUS65PKvU8zH5ai%2FDMv2N3hGkhUpKwyiVJUv7u0XIWVQtJ%2Bz9sD%2FTi2wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@3.3.5/dist/css/ 120 KB
21 KB 127ms
49ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.3.5/dist/css/bootstrap.min.css

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 209481
x-jsd-version: 3.3.5
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230040-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1deac-CN+alnUoUvLL0xDDD6zZNONIwsU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0a8MMydogyTQlpChZydCVdiPjhvfvNHQ%2BHOaUG0ngGfC0wcWeAVWd7J4rz2IGi%2FUezXqUNoKhkUgGJb3C%2FFxTH2DllRWUNw1U6WN9%2B%2B1b72KMn8xTDTQxYx5sGwhFBghhUfnKPyI1JBK1ExrFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82f553734ad4f0f4-CDG

GET
H2 200 style.css
data.apkshub.com/static/default/v2.0/css/ 8 KB
3 KB 47ms
36ms Stylesheet
text/css 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.apkshub.com/static/default/v2.0/css/style.css?v=7.26
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 272fb8e382ca42f5b11511636060e56efcb90c14988ad7e481bf2400b8315828

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 May 2022 14:22:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1598
etag: W/"6288f589-20ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1kSYsPYQLPfXiTWntvL0c9xlfR39jbdO%2BsHv1l0bjeWKD6IV4dYkAJCQR0UmpS99fBDriaiAe603LOen1ibDSHQj44YW8ITA7jbkKKrMBT9hKNN8q5S3EyuOa1eP28JG%2BJq%2FOEz3Lq1YcAwLEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82f55372dae55a37-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 142ms
48ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8LBPJ6Z73J

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c54259592950ef92bdf8c614c72b79cbd4d8f856ba856c043dbfe9aa6b89d4aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 17:35:22 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ 577 KB
148 KB 146ms
51ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=43a6dfe2491263fe039981440d2187da
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0421a13273e4583854901974b299337322cfed7fd0b7d57c89f5d7d2bbe6a614

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 650
cf-polished: origSize=590927
etag: W/"43a6dfe2491263fe039981440d2187da 2023-11-30T22:56:08 v1 default"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, stale-while-revalidate=3600
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553742fdcbad0-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 404 us.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 702ms
702ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/us.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c8HsV4sqjv59CGYksLBgTq8cb4xv3UX5g6LROQB3%2F93eqPnhv%2BuDzWb3r9FgM9w1bebe1YUGIuiVnRYXjAALzH8V0SkscHH1Tk7J7iOH0XFW69e1L%2B%2FjJmBqQ04mIZyRpHKsEVwu0vgp3Radg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f55372cad15a37-MXP

GET
H2 404 cn.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 688ms
688ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/cn.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYrVYiQa1rvrexgy%2FlqTbKdqHlA3TTUH3H%2F1iDxPKVMyPRaS5CjWZTJWzBvjU1nwwthHlK%2FRqZ67Q4oMK85ESC6U6klkIgCVMK0GwPEGAZ9cuKdypYRskUhxIv5nT04gPNpLL5KDQYkLT35vUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f55372cad25a37-MXP

GET
H2 404 ru.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 777ms
772ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/ru.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxweVu%2F%2FrPLs71U8Iiw7XKX1J5GzZHWQs2DO6BZ0OyMJ2v95lc33AFsIDNL89QvcqLE3QT4INf1PFEirR7B2fRCND4cTWTMXodqHEDRNoX74sqTluHl8vTPvqkuuNYGwlzULh2e%2BtNFC5cCiqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f553739c155a37-MXP

GET
H2 404 jp.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 776ms
771ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/jp.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=movA4ymT7%2Bl7spAs5a8tHgmwovtnn1JjKrYeAqy3uudrTgtpM9ToNG150m6GS%2FdCVkBCKl4uosmV6QZ7522NRXB9R1JGwCDGbPTeAdPxm6oBARIEAf8rEM1IWmVl37u3ypCcNAHLlxMzHXLAnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f553739c165a37-MXP

GET
H2 404 ko.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 712ms
707ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/ko.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa8TVJc9%2Bma2YCsA%2FIS4oEkEyqXL7fP3nr1nAKdhjtFpT6YqZS2ySyZYyLDia06pcMCQWVUv%2FQMIaUs%2Bc1EImP%2FpAm9LxYvhbPmrnOjsZkHnfiYHP8WhfCmL%2BeJcmTglOutqp4HeetpPpyhGUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f553739c175a37-MXP

GET
H2 404 br.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 764ms
760ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/br.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFfwZf5HCwNiZAxczap2K3dwzTmseTk71HaZiifUxPqciuwFIgLpuOGSUfblHm0glebaCYDvW%2BP36gCwKb7iabTzr6KikZ5S4USC6FwIOVMm6Ry3gqmLr9y%2BkPW2vgl%2FWcOlS30eVRcgtDeaLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f553739c1c5a37-MXP

GET
H2 404 it.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 768ms
764ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/it.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1vBdsK4NvuE%2F8J%2FANOs%2BzoQ6QL3xaqQSoMgohfhhQ8qnO4fDtsDWjGnrhMbuZg0RQSDucmF84ZLkRCy%2B6oykOzSPt%2Fty20Pxa%2F%2BS%2B0lvTTuMop%2B8A34t62RFG5HA6Mdw9J7nCT5giG3Gu5MnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f553739c1d5a37-MXP

GET
H2 404 nl.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 704ms
701ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/nl.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SrLm4H6NGbwtooS9J5YvqfGA9u5E3Pogli%2F5Vfm%2B1Inzatarcto1QV%2F7BuBRdyK6pnyvWEb%2B1CnTFcQo6Cb3jECi3RMCQWkepcunb72KzCFGdr3cYvLcgsuXKzUUVnFeWOlsKy3TvzedBcLbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f553739c1e5a37-MXP

GET
H2 404 de.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 705ms
702ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/de.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltnnpbFRCe5%2FuOwzLI34e%2BlaRoOepnb3ry8nWiO2eLyAc21HZ10crisVuK%2BeJb%2F3WKKdBaDHEKPHphYTe3EZM5SErFKssxH225DJFfMnyOlRb9GMhhCJ72UFbHVze6Urm2MDHPG7A3H5a%2F6UlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f553739c205a37-MXP

GET
H2 404 es.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 744ms
741ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/es.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbybjW7Lo2E2UeeeI0vKzw1J0aIUgNiliSHkgUMdJpsGfjLqdVC1mx5gZUzuic1JyAswkpAy8uqMSr3mu36g6YKLM1jwipTDqbADY5BK2dRnC0sSfa8h2MVZewqmdIUzVOt8L%2BLDlwErzpJLHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f55373ec725a37-MXP

GET
H2 404 fr.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 1952ms
1949ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/fr.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH8nzqfFx270Y7OSRu3DeS5z6JvahgSb2qZtARZL8kRoI3Hrjn3TxUCLm%2BEeTS0SfjCks3yEZfz9zwLlViE5wSQG7613qICsoWiVV3zoFJjgcwy6TrGGId5vfgiXhygRjnJisrlgXK70mbChTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f55373ec745a37-MXP

GET
H2 404 tw.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 808ms
805ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/tw.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZzioci%2BnfMsiI2p%2BF2s6zWyUnf93zzYTH7ZYNyqE90peCKq3CnMvVhUSY4v8IE3YUA8nY%2Ba%2BpO5mbEnLk0BLmE9StYlX09IvJfety%2FidEENASeC%2BjMYCSZVOwO2N9t2L1PaBoXfreFvqVQmhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f55373ec755a37-MXP

GET
H2 404 ar.png
www.apkshub.com/images//static/default/v2.0/images/ 561 B
561 B 1375ms
1372ms Image
text/html 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images//static/default/v2.0/images/ar.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyiibZeF6xcx0cuQ%2FiPGLUkGbAcP5CPw5r7xDQIRRWQIrLNLY49cUC8h8ctE27u8n4mNBCE60m%2FblEuJHZfMEUKeMgSsdEJ9lykRt7tFdljpF3Qv%2FTBMOnpvHX%2Fx1P%2BdSlXebU4QZJhEM8po8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 82f55373ec785a37-MXP

GET
H2 200 lazy.png
data.apkshub.com/static/default/v2.0/images/ 679 B
1 KB 86ms
83ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.apkshub.com/static/default/v2.0/images/lazy.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b70160b597fbdb2090591ecf892f97e7d99f25dfa89157f4f1fe7e82b899e81

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Sep 2018 00:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 230342
etag: "5b9b0639-2a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBRGn2XkZSoTey3TbJx0QW5k%2Bh8S6kHq1NdXLeC9Aet2gHKWzsz8xNJ7rQC4db31s5eZV4zkkrhtycU6bNOSFx%2BEU2nGzI%2Bu9o5l7YsEcNE5yzVc0ZsCjZ2re9gUexD6ygbO6FxzOsREiWtHSH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec795a37-MXP
content-length: 679
expires: Sat, 30 Dec 2023 01:36:20 GMT

GET
H2 200 chart
chart.apis.google.com/ 819 B
1 KB 405ms
254ms Image
image/png 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.apis.google.com/chart?cht=qr&chs=100x100&choe=UTF-8&chld=L|1&chl=https://www.APKShub.com/down/com.scottgames.fnaf2_2.0.4_free

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

e55310cbf1550b028f86cfb856943f2f77c120c0ed66a00a29b8abe9de41afa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 819
x-xss-protection: 1; mode=block
expires: Fri, 01 Dec 2023 07:40:13 GMT

GET
H2 200 icon.png
www.apkshub.com/images/71/com.scottgames.fnaf2/ 24 KB
24 KB 943ms
940ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/71/com.scottgames.fnaf2/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47dd2d1723b3ffee0626fb3014a0a683c300102cc9e575c9893f806a5b79fb05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Nov 2023 12:18:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65478801-5e8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4n7uRMOGBO%2BJP1NeZSYlqzgrP9%2BX4MifDqn4IF5l%2BolTLK5m2t3EvPnqXanRn4jlZFot2RwO63o9QAvLPTcXvlcZJ%2Bt50zQiugp5clD5rQar07V0GSPYbHzlnr82nvIexOIanmgldJeQ%2BaPKyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec7b5a37-MXP
content-length: 24206
expires: Mon, 01 Jan 2024 17:35:22 GMT

GET
H2 200 icon.png
www.apkshub.com/images/80/com.moonlab.unfold/ 4 KB
4 KB 748ms
745ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/80/com.moonlab.unfold/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 515a2fc6bcecf6176ec179fa5eccd0c5cbb6b399d02a8cee0309becb805c5298

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 01:05:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65498d59-fcf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BF4HxQYnMgyssLqsLdD9%2B5XdHwSnn%2BAGrvOBjMzrjCBs%2FCT6CHiXnM28DEbQNgewBcXa7ftLuPvTkLV%2BV2kCgndYKIRmS5YTa5mO1vXtINKX5muwlagHPU0PcpCgG%2FdKItpFMQrU0%2Fs72U7zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec7d5a37-MXP
content-length: 4047
expires: Mon, 01 Jan 2024 17:35:22 GMT

GET
H2 200 icon.png
www.apkshub.com/images/94/com.loopsie.android/ 14 KB
15 KB 1804ms
1801ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/94/com.loopsie.android/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f4034612f472fae8295438cff564e7aa58b90d5d2e87ad9e4ce4515a3ca59b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Nov 2023 12:21:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654788cf-3978"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uf5QL1fnWTtc0U0%2Bu%2Ffimn9ZLMjPkUiU0W8O2lffZ8TOxcnSqJbBs9ih1quhEVmM18yE6%2FDozvqo8LiNqoUc%2BQxoa9I0HR4YHeVTVHhIvcbvhXamF63NJpNtokRs0atl9p%2FO4eKpGFcO%2BPfdig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec7e5a37-MXP
content-length: 14712
expires: Mon, 01 Jan 2024 17:35:23 GMT

GET
H2 200 icon.png
www.apkshub.com/images/d3/in.tank.corp.smrpro/ 2 KB
2 KB 792ms
790ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/d3/in.tank.corp.smrpro/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce1240a47c8662b49addc7fc13128a5d24a3d626912b94196bd38f3bc0e7eec5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Nov 2023 12:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6547890f-616"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Gq5XCAXjjkcUoIZm2qw%2F%2Fmgf9hfFRYsV3gr96U4r0z2duYzsPdhZ4kATzWIj5cdzFuQYtqrnTG8PERUWrEqea8rGIyBes%2FNzUiu2LUlN2qt%2BkE8%2FHADajB8NIH%2FtZeCX%2BpLsooCrqGSni4ltw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec805a37-MXP
content-length: 1558
expires: Mon, 01 Jan 2024 17:35:22 GMT

GET
H2 200 icon.png
www.apkshub.com/images/c4/info.qdd/ 10 KB
10 KB 87ms
85ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/c4/info.qdd/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e50deea73239bac5e2eb32861eca1c7385ffaa92bb798e9ba5d6513185aa35d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Nov 2023 12:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176549
etag: "654788de-278e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDfxjI36%2BwpkFa5mLn9pf8Ap72WKPm3smfAiz9f2pmBJGAbt%2FWGceMHXJZpn7GRJa2zKAVOwlOyISPFuRPZaSTLsdy16CHg3F5W4Z08hlsaRfxpJyDCj6nXrk61Cnn88NXPUnMjOptfMVEjeyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec815a37-MXP
content-length: 10126
expires: Sat, 30 Dec 2023 16:32:53 GMT

GET
H2 200 icon.png
www.apkshub.com/images/94/com.vsco.cam/ 9 KB
9 KB 1149ms
1147ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/94/com.vsco.cam/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b852f9fdab8610a0ea94d7e9255cd720e15da0961937bd0c452ae8c48e71166

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 01:07:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65498dbb-2323"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldJb5XEfMv165jxjiaTzHlRpWEfH6u3t5CU%2FeghjZk59jHTkzQZggKsCGPk7z6DCQdWAudktkka%2FcLGmLLmHrf56B425MznfF%2Bh%2B0hs1%2FbkjJYyD1kgRQivVVRAqfwKwsdpn8ukZUba7KOWKgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec835a37-MXP
content-length: 8995
expires: Mon, 01 Jan 2024 17:35:23 GMT

GET
H2 200 icon.png
www.apkshub.com/images/1c/com.instagram.android/ 8 KB
9 KB 953ms
951ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/1c/com.instagram.android/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2377f402666c690ef66b0ae49bfec0c1d3b5a9c6265ba292b50f2d8f1268a0cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 10:32:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654e06a2-2132"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlIivfGNV%2FudKPZ%2F7jz1Ymx0Cjk8ZOqQslP0pE2N1t3pJHmPdc86V4XbYHCRPJLMDaSdQiPM3n48%2F%2BC953TxQL5jSzVxgc8B9lM3b1itPuR%2FxJ6X91YzOaHL2Eo5fa4%2BAyYUotOIBRC%2FxYtWPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec845a37-MXP
content-length: 8498
expires: Mon, 01 Jan 2024 17:35:22 GMT

GET
H2 200 icon.png
www.apkshub.com/images/d4/com.filmic.filmicpro/ 5 KB
5 KB 771ms
769ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/d4/com.filmic.filmicpro/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c46bb1ec4812a02696c3967c5f7ff39f30ff48ffa83ecf0d677f80563ff5fee7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Nov 2023 12:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654788d0-13cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X32lameyYZ0%2FidVGuvQNTC%2BiU40z1UPNFmqt9kYCLRI%2FIBe04%2B2kO8K%2BzDKZQbxiz6zSQLDLObVVfQYMHWD1jp7qGW4asr9XozSTRfeXAFaFyjFvTKzeO5hmvRx4CP631vOuSjMmBGCLLD%2FqJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec865a37-MXP
content-length: 5071
expires: Mon, 01 Jan 2024 17:35:22 GMT

GET
H2 200 icon.png
www.apkshub.com/images/ff/com.ryzenrise.xefx/ 7 KB
7 KB 759ms
757ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/ff/com.ryzenrise.xefx/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b793aa31e681ee560790883d8d071caf4abbaecea91d923737a582e8a887b0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Nov 2023 12:24:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65478980-1a62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLqrx6ixqvVJ4PK63Avfonu%2BnKuHAQhiynRarLTadH4sZJ2iX81eE%2BO4Z2IAhWHcOOb%2FjK7p4ubh5Oms0ObkGlMJqJeFqD%2B5O7Z7IryMM6FTgRWXWBlNDfA6kmzSglB16J3Dvks%2BoO3YD6rgXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec885a37-MXP
content-length: 6754
expires: Mon, 01 Jan 2024 17:35:22 GMT

GET
H2 200 icon.png
www.apkshub.com/images/f6/com.ss.android.ugc.trill/ 5 KB
6 KB 869ms
867ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/f6/com.ss.android.ugc.trill/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32daf5ad34af15eb8ea853325ec1838574e3a6d572c204950d42471cc2ceba94

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 01:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65498d7e-156a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvTN8pKf3QVjp3hQ0C5eZuO49PGxOXMxTP3afE1boQXQXHAvHgLaM57iDxIgO9PGngUrZGNOVe%2FRK6ceQOeI0OqwB42iRxip2LQfkIzmoHZqMwX8YYblmqmi2%2FeOpdmp%2F73LH7Fb4G7vvJOThw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec895a37-MXP
content-length: 5482
expires: Mon, 01 Jan 2024 17:35:22 GMT

GET
H2 200 icon.png
www.apkshub.com/images/7e/com.camerasideas.instashot/ 3 KB
3 KB 270ms
269ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/7e/com.camerasideas.instashot/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e52116b5057d12864fc92bbde6def84e8c8b3de81cd4fadc11c6fd2e6d871566

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 01:06:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65498d85-c78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Bi7X0e50wOEzBYWy6vbgCwzxnkVRFv0iF5OlJPo0Rt4rHtWuzA6Bap4gHsEf0XQ60EYFnRYT5T2xlEi1ueR7XzNSQwvtSF5gMEuDBQLd2nVqDyX609HQQBY4dfCmhdNoQR9WbAqigVEASsWGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec8b5a37-MXP
content-length: 3192
expires: Mon, 01 Jan 2024 17:35:22 GMT

GET
H2 200 icon.png
www.apkshub.com/images/c0/com.ginnypix.kujicam/ 7 KB
7 KB 808ms
807ms Image
image/png 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.apkshub.com/images/c0/com.ginnypix.kujicam/icon.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1ea87e0ba0c85d0db4d575decb47db062879f816c932974e6cde76fa1b5d64

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/app/com.scottgames.fnaf2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Nov 2023 12:20:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "654788a2-1b40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHs1Q9If9Sz72n2upfTp9ligzJCxBr7zrPCQ%2FS%2FJV2817gJWxDaw8BVai7arIdLhLb0Nu37NEG6e6IKawj5i9R5clVu3SQU%2FxoxbkefQGyTaYLyTdZ%2FSD%2BR%2BDDowdjZXfYmCxcLDostWgVRuog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec8d5a37-MXP
content-length: 6976
expires: Mon, 01 Jan 2024 17:35:22 GMT

GET
H2 200 jquery.min.js Show response
data.apkshub.com/static/default/v2.0/js/ 94 KB
34 KB 43ms
39ms Script
application/javascript 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.apkshub.com/static/default/v2.0/js/jquery.min.js
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3afe2506f4be133c507262befb28f5bf763bb5c0abbee031ed032f1877207a9c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Mar 2019 05:45:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5553
etag: W/"5c908203-17737"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xyCvPRcxq8k4dOAi9o0jF8XrUmAsQvARCHOAYpMB52kV2HHUUiSJ%2Bklh%2FW7qajvfj%2FmgHHYc3h70ZLWQR1FihPhuEe3eJD5w8yjm7NNA5tAkhhQc49XMQY922HT5EcatTDygr7AbZFBLh4nuzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82f553739c0f5a37-MXP

GET
H2 200 bootstrap.min.js Show response
data.apkshub.com/static/default/v2.0/js/ 36 KB
10 KB 41ms
37ms Script
application/javascript 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.apkshub.com/static/default/v2.0/js/bootstrap.min.js?v=7.26
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Sep 2018 00:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1597
etag: W/"5b9b0639-8fd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xc%2BdR5NC6OtTZudDia96KNaHQXZJUAkAU7YEzd90PCUJZhdQIQk%2Fc0l7tfThxqrqOCQYefWHyOGmW1UebYAwAqNydBH%2FI4nUStWZReRcA4ia20iTT4PDt46%2F41TTSVnD8INHBX4EIlVmjvqh%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82f553739c195a37-MXP

GET
H2 200 jquery.lazyload.min.js Show response
data.apkshub.com/static/default/v2.0/js/ 3 KB
2 KB 40ms
36ms Script
application/javascript 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.apkshub.com/static/default/v2.0/js/jquery.lazyload.min.js?v=7.26
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b47be8dc356454f920599dabd4ba6830e60776cae2f9b073b6c7732b4c8bcf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Sep 2018 00:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1597
etag: W/"5b9b0639-d36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXASjUgQn0GNcF9foib7AFRC2czznSFZ2nfDTAHVC%2F7zLVN4h3PjHLoMTC%2FYRxDhjsdlT%2FGJdycX4f65zjzWQ0r9jjip%2BSE%2BkicLw2ApkzsUr%2FR9j%2Fmup1p0XskDcDx5GWbv26FNKblD%2FArjLH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82f553739c1a5a37-MXP

GET
H2 200 midstars.gif
data.apkshub.com/static/default/v2.0/images/ 2 KB
3 KB 87ms
86ms Image
image/gif 2606:4700:20::681a:f6e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.apkshub.com/static/default/v2.0/images/midstars.gif
Requested by: Host: data.apkshub.com
URL: https://data.apkshub.com/static/default/v2.0/css/style.css?v=7.26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54e8d8a393619f067c4ce95451088f5c16b6cf2c1556e02da71421a131aa178

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://data.apkshub.com/static/default/v2.0/css/style.css?v=7.26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Sep 2018 00:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 962884
etag: "5b9b0639-8b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5bq7qCpEhHt%2BA6t4MmW6LyrGEXvIhqJ8F5jjnMtzWv7DMmIPSDbVo7o%2FxvYkXI6mOZ5HR57DgPsmUoL3gM5z%2FU02Ji0sFJS0q%2BEX%2BQkEPgtOOz8%2BDgJ7BxXofruk4XHQ3GXCa2kBTFz9XfMfPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 82f55373ec8e5a37-MXP
content-length: 2229
expires: Thu, 21 Dec 2023 14:07:18 GMT

GET
H3 200 43a6dfe2491263fe039981440d2187da.json Show response
services.vlitag.com/cli/ 42 B
364 B 225ms
167ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/cli/43a6dfe2491263fe039981440d2187da.json?hn=https://www.apkshub.com
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=43a6dfe2491263fe039981440d2187da
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a14ea17f2682304fed5de5dfbb6b722445882a6a6124f880cb64247815f3b79

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: BYPASS
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: private, no-cache, no-store, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553754f11374a-MXP
content-length: 42
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 116ms
44ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8LBPJ6Z73J&gtm=45je3bt0v882274045&_p=1701538522171&gcd=11l1l1l1l1&dma=0&cid=1865362612.1701538522&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701538522&sct=1&seg=0&dl=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&dt=Five%20Nights%20at%20Freddy%27s%202%20(com.scottgames.fnaf2)%202.0.4%20APK%20Download%20-%20Android%20APK%20-%20APKsHub&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1385
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8LBPJ6Z73J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vl.json Show response
services.vlitag.com/vld/1701537836/ 13 B
273 B 183ms
183ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/vld/1701537836/vl.json?page_url=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=43a6dfe2491263fe039981440d2187da
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Dec 2023 17:35:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537658ad374a-MXP
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 43a6dfe2491263fe039981440d2187da.json Show response
services.vlitag.com/obj/1701537836/ 47 KB
5 KB 177ms
177ms XHR
application/json 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/obj/1701537836/43a6dfe2491263fe039981440d2187da.json?cc=CH&hn=https://www.apkshub.com
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=43a6dfe2491263fe039981440d2187da
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c94adda0352d0a652a04a8266449bce9cdfce65353d5e97883cd8873fd32b05e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Dec 2023 17:35:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: public, immutable, max-age=31536000
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537658ae374a-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 prebid-8.21.0.js Show response
assets.vlitag.com/prebid/default/ 615 KB
187 KB 59ms
49ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=43a6dfe2491263fe039981440d2187da
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 08:25:02 GMT
server: cloudflare
age: 2132997
cf-polished: origSize=630565
etag: W/"6544ae5e-99f25"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82f553779c16bad0-MXP
alt-svc: h3=":443"; ma=86400
expires: Fri, 03 Nov 2023 08:55:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 179ms
111ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=43a6dfe2491263fe039981440d2187da

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3796e007a655cc496ddef6cc9580bde9921ae0233da542e95a72d437ded1acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30017
x-xss-protection: 0
server: cafe
etag: 55 / 19693 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:22 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 141ms
69ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=43a6dfe2491263fe039981440d2187da

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128095
x-xss-protection: 0
expires: Sat, 02 Dec 2023 17:35:22 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 49ms
39ms Script
application/javascript 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=43a6dfe2491263fe039981440d2187da
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 394090
etag: W/"5dbbbcf2-9806"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 82f553779c17bad0-MXP
alt-svc: h3=":443"; ma=86400
expires: Thu, 09 Nov 2023 16:40:48 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 132ms
44ms Script
application/javascript 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=43a6dfe2491263fe039981440d2187da
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:09:48 GMT
content-encoding: gzip
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 1535
x-amz-server-side-encryption: AES256
etag: W/"08899ab5b5f986f64974630ad47b39a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 4rNf3ISgp2H9Q4stWyXHGX-S63vYyXMDJex_VTnZlnKB0erOyJmlcQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 116ms
39ms XHR
application/javascript 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 06:32:11 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 39793
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: flpxT5TRdOPomVo23fgJ4JsFFdfLSNncX3JMgWLkGyxPljZ99N6y2w==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 10:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25248
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 01 Dec 2024 10:34:35 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 145ms
33ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.apkshub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.apkshub.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sat, 02 Dec 2023 17:35:23 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 145ms
34ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.apkshub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.apkshub.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sat, 02 Dec 2023 17:35:23 GMT

GET
H2 200 9cf0c4f1-7630-476b-9141-f4472e005192 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
803 B 104ms
30ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 5d2d23253a5abf5ea87aa42d7c92c8fbbabb768cd742b28c90357a7aa7c1a01b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:09:52 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1531
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: rGADNlH8rdbnHddaHrThlN4FynS1X32hkUa7IQMKsy9i3xY9JqVVYg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 54ms
53ms XHR
text/plain 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.apkshub.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:43:44 GMT
via: 1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 21099
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.apkshub.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: If3t93ZJEnVKQEcw01IwoS5CwLXw2IynmbYBOCvDFUhUECNZmTiDtg==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 78ms
43ms Fetch
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231202

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5675
x-jsd-version: 1.0.1892
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230027-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-maGbSK4k2X9erGcOaUhCqMYsf3g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvnOEgxl0ClYfW6W97GmnIr7EouhWdqQ72JUFjbQ1szodCYfBTZWgEN%2FVbNEwGYBzag0ppatswcsQekTkd%2Bq8VVEgpQvlxmr4fXjRZy9UBDfZ0m5j58%2BJN9X8WRuN%2F8Odo4lHACOudGmr6k%2B43w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82f5537949dbf108-CDG

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1020 B 101ms
34ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:23 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 384026
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VA2615zAQwM9ol0ckE0SJu9QOzTYIFMRVorfYOp6Lm%2B2rtiH3%2FokgcLvs%2BWw3rKz9RgspkIkeGWfSngz4UAp8lu7LkeRRe6flkXOTTOuqsiAFpPcCk7uYHEAbFMDoSYpH%2B4IZjGVvfS25dUm"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 82f553798c630e21-MXP

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1 KB 161ms
93ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc5869a8fcf8b8c1dfcc5bb3b3e8b9a8fc0b63eaf01526dc00ce7d43b97baefc

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Sat, 02 Dec 2023 17:35:23 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: vi_1638168752_1
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f55379af7d2373-ZRH
expires: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
177 B 543ms
167ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 143ms
53ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
232 B 153ms
56ms Fetch 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ 23 KB
12 KB 363ms
290ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=1358062611&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0f6e082af52cd3f351fad18293ea3605b457b208d9fd0434dde112434c9b577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
177 B 485ms
116ms Fetch 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-627DAB43EB48B629C7393DEE8BB6797&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=865eb601-bd05-4141-b1e8-28c13b0a23e2&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&host=www.apkshub.com&ucfUid=e7570e4a-9c64-4ccc-b687-d08c3592f5b7&w=728&h=90
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:22 GMT
access-control-allow-credentials: true
connection: close

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
314 B 137ms
76ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=705383
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be93d78fd0a8b4e87678f1fa28296b549f0d4e52d10304cdc69b4f0159dbe23

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgqN4%2FlU5ozjyHv%2F2%2Bjxoe%2FP%2BoRMKMTibJYruElObbOg%2FOUWVod4Z3J8aZbG1xWcGi25hHy5qUCsPcL5NvpQU88ij9oVTJ2l4%2FVaTItwJnyOiiB5Bfzroo3GvLI2uIPCcx1OpefX"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82f5537999e001e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
526 B 195ms
130ms Fetch
application/json 18.198.161.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.198.161.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-161-106.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
accept-ch: sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
133 B 355ms
285ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55379a9154c44-MXP
access-control-allow-methods: POST, GET

POST /
prebid.smilewanted.com/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 183 B
623 B 292ms
204ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&pid=65qGvxp4PmMYS&cb=0&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1638168752_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A68752%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&bb=[%221ny9kw%22]&schain=1.0%2C1!pubpower.io%2C2297%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

57bb55a201c0efe8bb9b3fed5fdde94f8e0abf66c6cd8d55032727998d15d670

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 3C4MVCNW5QYCHNJWXABJ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 183
x-amz-cf-id: 0dAN5Aso30mpco9Dx7KiDdY0_R7_WScO0zI2YNQL_XSIjnmnSKQ4bg==

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1 KB 149ms
96ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc0ac44ac2fa8d93f1657e78b565718261fa8b48fcc7e3ec725586eadef53772

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Sat, 02 Dec 2023 17:35:23 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: vi_1638168752_2
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f55379af942373-ZRH
expires: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
546 B 127ms
76ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=705383
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ebef1dfcd3e2dacac7ac9315e03fbfae2dbab02b370d7ae367a90ecaafce4d1

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQFAjb8gYae7qDiodrpomurMaZOHM3yDR0hgeNGKJxsTGrRD%2B6qobLx85C45UXoT7vKQaeUC28sSNBfjPm6PlkZjs2Nlw%2F%2F3N0dwf89t%2BgNrT8J618azcjNSyreBhUSw4nXtcvgE"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82f5537999e101e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
177 B 476ms
117ms Fetch 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-627DAB43EB48B629C7393DEE8BB6797&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=865eb601-bd05-4141-b1e8-28c13b0a23e2&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&host=www.apkshub.com&ucfUid=e7570e4a-9c64-4ccc-b687-d08c3592f5b7&w=728&h=90
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:22 GMT
access-control-allow-credentials: true
connection: close

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
178 B 526ms
167ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST /
prebid.smilewanted.com/ 0
0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
212 B 171ms
88ms Fetch 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
543 B 85ms
31ms Fetch
application/json 18.198.161.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.198.161.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-161-106.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
accept-ch: sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 127ms
54ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
133 B 688ms
628ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55379a9164c44-MXP
access-control-allow-methods: POST, GET

POST
H2 200 cdb Show response
bidder.criteo.com/ 23 KB
12 KB 369ms
310ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=7284735262&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

58cb117532703109026cca8786f7bdd5b9d44870d8ce924fe9845b9c9f37265e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 183 B
624 B 263ms
183ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&pid=65qGvxp4PmMYS&cb=1&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1638168752_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A68752%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&bb=[%221ny9kw%22]&schain=1.0%2C1!pubpower.io%2C2297%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

958ea6d77aa0b400f673c3f0f6256bc2103f0c8c00b51f2475119e76014eb30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 9BM8YAPN3MCVCAFT2ECQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 183
x-amz-cf-id: SLV2bDrIKnXVpE6flbEgt4Dc9wBxcDReLy9hK-TCn2w25_eMvCA95g==

POST
H2 200 cdb Show response
bidder.criteo.com/ 23 KB
12 KB 355ms
300ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=37078844268&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

919d2a5a9ed234abc2b32bc53a2091cf923e3bef9c58a476352657d245c0625b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1 KB 172ms
129ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72d425d8b440a049d9ceb61677bdb488c637da6ae84870d40ce30d10cbc45424

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Sat, 02 Dec 2023 17:35:23 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: vi_1638168752_3
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f55379af9f2373-ZRH
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
354 B 131ms
55ms Fetch 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 155ms
88ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
542 B 132ms
84ms Fetch
application/json 18.198.161.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.198.161.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-161-106.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST /
prebid.smilewanted.com/ 0
0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
311 B 133ms
91ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=705383
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16d8cf19a62001b2988e15cfe55a15e667cfa209ce107e734d64012cb3024e9b

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fBhkK3G6YbYD1ZT8Rnywp31pGo15ffCCLW9UYpzVtk6%2B3b5W4an0ARhNank%2F4NiN%2BCaZ%2FlrkZJnYg6pYOwNflYqjjhpw1igcdMn22MhLVrwiymwbv3NEUPc812%2BA3WRsZSoaSNQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82f5537999e501e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
265 B 260ms
208ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f55379a91a4c44-MXP
access-control-allow-methods: POST, GET

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
177 B 517ms
167ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
177 B 477ms
119ms Fetch 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-627DAB43EB48B629C7393DEE8BB6797&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=865eb601-bd05-4141-b1e8-28c13b0a23e2&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&host=www.apkshub.com&ucfUid=e7570e4a-9c64-4ccc-b687-d08c3592f5b7&w=728&h=90
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:22 GMT
access-control-allow-credentials: true
connection: close

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 183 B
624 B 375ms
303ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&pid=65qGvxp4PmMYS&cb=2&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1638168752_3%22%2C%22s%22%3A%5B%22728x90%22%2C%22468x60%22%5D%2C%22sn%22%3A68752%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&bb=[%221ny9kw%22]&schain=1.0%2C1!pubpower.io%2C2297%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

cfcd89ceca91c746a779064f2a809e513caeda737b53666be1e1e5be87c9f61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: X7KJZ1X2P2D6772XD4M9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 183
x-amz-cf-id: y4fDSaHrNGFIdH2RdAxuLnUHpqHA_N3tKaiG6YffzzlHIxZAYN6YUw==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 113ms
54ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
209 B 155ms
88ms Fetch 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:22 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST /
prebid.smilewanted.com/ 0
0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
542 B 160ms
121ms Fetch
application/json 18.198.161.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.198.161.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-161-106.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
accept-ch: sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
177 B 511ms
158ms Fetch 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-627DAB43ED3733780E9A73E8BD682E49&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=865eb601-bd05-4141-b1e8-28c13b0a23e2&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&host=www.apkshub.com&ucfUid=e7570e4a-9c64-4ccc-b687-d08c3592f5b7&w=320&h=480
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
connection: close

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
316 B 120ms
87ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=705383
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e918390f909399afd415f7bd3d4828e2a791fe71bcbdf0a049c37e0361d4b0

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhmhGxrH%2BGBI6Kx%2B%2FZx17KHbnFhfFu104iQ1OcdnUizz%2Fwl2FhY2I90vmA3auf0i3KlQA%2B4RQV49oD8wbc1G1%2Br3qICH%2BwVEtkh8IE39cu4QePGFlJRVU3Geij%2FgV7d%2BySYPPiVz"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82f5537999e301e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 21 KB
10 KB 304ms
262ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=75224595535&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

316c244584015517110aed8a71e2fddf9740b1f206b1e8ece2455eb226de84f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1 KB 138ms
106ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f90f6ad870fda6e359ba3396e5cac842321401b6c3ad833c69a601d9c322512

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f55379af9b2373-ZRH
expires: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
177 B 507ms
168ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 pbjs Show response
useast.quantumdex.io/auction/ 748 B
597 B 257ms
215ms Fetch
application/json 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbee9f4eade871d11f26e0f4b8ec19c38c1c573090378d9964d22e897c7f5604

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
cf-ray: 82f55379a9174c44-MXP

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
163 B 105ms
36ms Fetch 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.apkshub.com
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
162 B 142ms
74ms Fetch 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.apkshub.com
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 183 B
623 B 291ms
231ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&pid=65qGvxp4PmMYS&cb=3&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A1%2C%22id%22%3A%22Interdog_Media_RON_Instream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22640x480%22%5D%7D%2C%7B%22sd%22%3A%22vi_1638194124_banner%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A94124%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&bb=[%221ny9kw%22]&schain=1.0%2C1!pubpower.io%2C2297%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d1ee92cbc114465fcb32954c60bde76c76ade62d03582f93ec18b622b0df29fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: FNJJ4D4XKY20CN55BDSZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 183
x-amz-cf-id: IZlf6EF6ahf8Xat8-2tdEtFPDnUdckBt1drXXSQ0qXNdQ6Im2E1ZMg==

GET
H2 200 tf-v1.jpeg
px.vliplatform.com/ 0
269 B 235ms
165ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/tf-v1.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNytqZarMK-rUUY-PqBU-qwyK-aeyZyyAATAMYRzyzNhqut_cotvRws0NA
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B243fc9XwpbaATz1pUd5pevpHdP3NLfrAGgxEUsfshhJP1Ta%2FH62%2Fmaqj6JHyh4VMnFufkbuix9ajFLZaCWTyfdYrkUk32ACEADH%2BuFhhVTcNPxG40sqMEYv%2Fe9nB2ap6RsP2tBFecWHx35tgpa25A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55379d99483a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
272 B 234ms
165ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNUMKZYRzdNYaqtUtKU-aTMU-PwPP-wqUU-qrtytreTAeqPRlmNKYMbaARdzNwqfftkRqxeNco_TUBMTUMKZY_TRwkjNAR_yszuNzkxtRkjmNKYMbaA,PUMbUARwlNqrquog,kzwigxlt,hxwdqzoe,qdb,ekoztg,ekoztg,xeyxffts,ob,zkohstsoyz,jxqfzxdrtb,ldostvqfztrRleNpl
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6WTyPzS6stWR081PvBCLIPLUdec%2BngUvJHigdoh7BgVhH7AiAV6BmEm5jtK%2B3QeIs1oYnXbmNz7DMqGBFWPNoKNpjcAcy5NYaQCXvAxZwyur%2FqMS4tkdKtACZvmC7isWdxMIICTdHFKiab%2Fy0YHkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55379d99983a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
269 B 241ms
171ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaKZUZAZt-tyBy-PAUU-aZTM-MYZUATwwMMBMRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaA,PUMbUARrdzNqdqmgfRwkjNTRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeA7prq0txUbwF175nTzAlhARbFD%2FSTEnbQ1Mtrc6zNbHQSMaT06bFIaBfpRXBPQtQ4%2BdBIWTm3mrWdym0gU4X0T9%2BjT0rzHkrfEgsIx9VtCi%2FHhHrJGJg7ckAJQEY0Rypun6EfhgAKIsfB1Si1xVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55379d9a183a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
273 B 242ms
173ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNUMKZYRzdNYaayPwtK-KwYP-PtTA-atZr-TKyrKMKAaaBPRlmNKYMbaARdzNwqfftkRqxeNco_TUBMTUMKZY_YRwkjNAR_yszuNzkxtRkjmNKYMbaA,PUMbUARwlNqrquog,ob,xeyxffts,kzwigxlt,ldostvqfztr,qdb,zkohstsoyz,hxwdqzoe,jxqfzxdrtb,ekoztg,ekoztgRleNpl
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Qe2CyNezuF0Vlk2OrY30Ewne%2FYDMX%2Fk%2BHJrUdh19ENCzbL%2F3%2BkZWHl3bkciJd33zAGKGNt63Hu0z4iil5Zx3PVJOD1re9lryvVw5ikqUAv4yJa5wRt%2BznibOEqw2g43rNo74rs3h9oghQ3vUmSPsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55379d99d83a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
528 B 232ms
163ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaPMwAwAy-yqPY-PrtT-aUPt-PrrtMyyYtAPeRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaA,PUMbUARrdzNqdqmgfRwkjNTRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2ixzomX1lsvZAVub0znTpah93ENF9%2FvbXQCCB5sAIQant%2FXzoFUZ6U7meelYgK%2FNGyP62BhLaLCx%2FfYb5a0ThgUmhh2%2FM4aeYDyuHDhYFBILziIMoHcKsBlt5Fka%2BzBsA8UY3XMbm82NFCG5RQpzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55379d9a083a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
272 B 234ms
165ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNUMKZYRzdNUrqeaeBy-rwrK-PttK-aZKy-eyyyyAqrqPwqRlmNKYMbaARdzNwqfftkRqxeNco_TUBMTUMKZY_BRwkjNAR_yszuNzkxtRkjmNKYMbaA,PUMbUARwlNekoztg,ekoztg,qrquog,qdb,hxwdqzoe,zkohstsoyz,ldostvqfztr,ob,jxqfzxdrtb,kzwigxlt,xeyxfftsRleNpl
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4dERCEJWDcOM15KxuOPpp%2FpBED3WzPLyK61wnBR%2FXhgwFYwBIaILYAYQmIMk8SS7nNw79sboHDdRJDk06D6HvTsuOlaCfId1YBkQBQducJj7N4oKYdgZ6rdRcfhKLCFBKNHFqr4z%2FQga6t9NHtTuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55379d99b83a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
278 B 167ms
166ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwZUTaqZq-UKPZ-Ptaa-aYPa-qBBtAwyTYweKRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaA,PUMbUARrdzNqdqmgfRwkjNTRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5Q55qGzPXXUw%2BvjqyTrcZdQ%2BdZdp7ltNkba4uR9F%2FnKtSpFZjyQN7aGNJErkltQNo8T2Ua6TzT2IloXPB4lC8qH%2B4GHL63xDquJ5tQSRcuFAIIMwMhEdIrtfPGMjM2%2BMl5hsvfsj6%2B%2BUfLtN%2BeODQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55379e9ac83a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 162ms
161ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNaPTYPRzdNqaBTrTTK-YKBr-PrBY-aZqq-AtywrwytMKAYRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_TUBMTaPTYP_gxzlzktqdRwkjNAR_yszuNzkxtRkjmNPTAbYBTRwlNhxwdqzoe,qdb,ekoztg,jxqfzxdrtb,xfkxsnRleNpl
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04O013wcbQx14W0CSBiWM%2BitvAYaH7hnSp47HZm3rWT%2BtNi1u8k6%2FcAgMr6zvpRBbljqlHJ9kLILwRqRmLhsuGojCFbBBiH3rsQG9fkyFgTIXUuyw3rOG7vvAqP8uJPIXItXtXek0z7P35V%2Fy4bCuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55379e9ae83a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
274 B 238ms
237ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNaPTYPRzdNZBUZeeYK-qZtw-PByM-MwZM-UwZPwaKMKTqARlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_TUBMTaPTYP_oflzktqdRwkjNAR_yszuNzkxtRkjmNUPAbPMARwlNhxwdqzoe,qdb,zkohstsoyz,ekoztg,jxqfzxdrtb,xfkxsnRleNpl
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iffsxvud6fp8JI4bixZtdmW1HuUgT10TwaB4V%2FlckNwPMo3Vev2M%2BWQVg%2BxwOUaH%2FrYYmEEHpZJ5KYadb2WzxzvzOUsn9Lq0UyhXLxYD0ynGTOxap14%2Fa6P9XyfdW7r92UPNoHw%2ByqofcAWMDj3dRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537a4a4a83a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
508 B 231ms
231ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNaPTYPRzdNKMBywqea-rATq-PAet-qyMY-ZAyPPyBrYwAPRlmNBBUbPMARdzNwqfftkRqxeNco_TUBMTaPTYP_wqfftkRwkjNAR_yszuNzkxtRkjmNBYAbPMA,BBUbYMA,BAAbYZARwlNhxwdqzoe,qdb,ldostvqfztr,zkohstsoyz,xeyxffts,ob,ekoztg,qrquog,kzwigxlt,jxqfzxdrtbRleNpl
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmiSr759pP8lnfraDfHuzpuONu4rjDiRRbDimqJiZZh4WiFRoorLmULJymlv3IqxRwXNXmELUePYyIrh3KIY%2F2jljIvYMt2Lf%2F8znqAsKiElsSpMTX4RKWawN5pm5GGlmeKU9jVnfjuERj203kkSCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537a4a4c83a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
273 B 231ms
230ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNwYKreUYY-qTUr-PPUY-MtPe-ereZKMKaKwwtRdzNcortg%20oflzktqdRlmNUPAbPMARwlNqdqmgfRkjmNUPAbPMARrdzNqdqmgfRwkjNTRmNaPTYPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOT67ptVr7X9JvCas7d9nEcY9V8cFelfEfZwWEQxCnEMnjR2eWWxv8zSZg7jRh7LcSkvyF7JL41UzohBsp878VFcZjII%2FLuFRJuZ7DUHOJqWcnvxtReykXPFvNdrY%2BwLeDcJfnni%2F3HH8wKL%2F%2F5nig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537a4a4f83a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
266 B 232ms
231ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaAUtPqwU-wtTP-PyAY-aYBa-ZtKqwerratUtRdzNwqfftkRlmNBBUbPMARwlNqdqmgfRkjmNBBUbYMA,BAAbYZARrdzNqdqmgfRwkjNTRmNaPTYPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3QyyRYKXYBhQPK4otNHx9afn1TXfMz4T49q40jHeEQVuzmxFmkNFzstucJpBXRrrCP5lWrMoenvxHqljJ73U82zI7NdGVaBc9qN78vPczYfCeZCHxO3x9lDY8TdDuHDbvVy0dw6n0dezMCrqk7wbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537a4a5183a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 183 B
624 B 363ms
309ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&pid=65qGvxp4PmMYS&cb=4&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1638169094_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A69094%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_1638169094_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A69094%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&bb=[%221ny9kw%22]&schain=1.0%2C1!pubpower.io%2C2297%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

b188b2173c0c0016773fdfbef0e1598c3df19bb165b913727973701727d57cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: MNYF6PNTEP9MXPYX2K5R
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 183
x-amz-cf-id: ECoH0rm9Zq9Aq1_b2csBJKZiQDSGNxfK5r3qcG1txxpiPeUf-W4QQw==

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
273 B 228ms
228ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYqyArPwU-YtrZ-PeeZ-MeTa-eaBwMtBKUBPPRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNUaAaPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCwN0pPCnYr7UCE%2FGmbxPWXb8Q8enaqe0jBst1C3PFFOuR4r%2FSfOE3DmwM%2BGOwyjEaUMOhEq%2BFiVKTrTMJN49GxpZQCuAqSpzJSvJnhaOsxeOWTczC19n4HkYOJnD5vcSBKFY2w9k309us%2F7uUC9qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537a4a5283a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
272 B 233ms
233ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUyYAMwYB-eZAt-PqTt-aTta-UZPqAUqBKKZURdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNUaAaPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbRY0nr0yBstIya9vupzikD6NZAN0UdelhFGHXs9DcG6P8zXupJ1YUkam%2FTIvEn8uUTnwjoP5Yz5abFhG238cSUY0g%2BWYWBCJCejRm77AQRjXVQZg8bS9SrJRDihQKFU%2BcvEvyMGFP0%2BXdQV5RpS5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537a4a5583a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 183 B
623 B 225ms
187ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&pid=65qGvxp4PmMYS&cb=5&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22vi_1638168755_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A68755%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&bb=[%221ny9kw%22]&schain=1.0%2C1!pubpower.io%2C2297%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

b6b1f400a460e1553f71dc48b6ea2d87e05d1d4b59bac4586f664da64ababbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: QXKDH6F8DRBJXV3CG385
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 183
x-amz-cf-id: nTb13NRWJYi1xXv6n8smzy1BmudDEgZWQhK1oIUtH-SoKJ_PX2radQ==

GET
H2 200 1679645040.png
assets.vlitag.com/widget/2023/03/24/ 98 KB
99 KB 51ms
47ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2023/03/24/1679645040.png
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: HIT
age: 222788
cf-polished: origFmt=png, origSize=323185
content-disposition: inline; filename="1679645040.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100856
cf-bgj: imgq:85,h2pri
last-modified: Fri, 24 Mar 2023 08:04:00 GMT
server: cloudflare
etag: "641d5970-4ee71"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82f553799ed4bad0-MXP
expires: Tue, 21 Nov 2023 21:34:52 GMT

GET
H2 200 1648753545.jpg
assets.vlitag.com/widget/2022/03/31/ 97 KB
97 KB 84ms
81ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2022/03/31/1648753545.jpg
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: HIT
age: 303291
cf-polished: qual=85, origFmt=jpeg, origSize=133932
content-disposition: inline; filename="1648753545.webp"
alt-svc: h3=":443"; ma=86400
content-length: 99048
cf-bgj: imgq:85,h2pri
last-modified: Thu, 31 Mar 2022 19:05:45 GMT
server: cloudflare
etag: "6245fb89-20b2c"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82f553799ed6bad0-MXP
expires: Tue, 21 Nov 2023 21:34:24 GMT

GET
H2 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 170 KB
171 KB 52ms
49ms Image
image/jpeg 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: HIT
age: 402591
cf-polished: degrade=85, origSize=227959, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 174276
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82f553799ed7bad0-MXP
expires: Wed, 01 Nov 2023 15:47:05 GMT

GET
H2 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
74 KB 43ms
41ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: HIT
age: 308697
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3=":443"; ma=86400
content-length: 75514
cf-bgj: imgq:85,h2pri
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82f553799edabad0-MXP
expires: Tue, 28 Nov 2023 14:54:15 GMT

GET
H2 200 1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 107 KB
107 KB 74ms
71ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: HIT
age: 135756
cf-polished: qual=85, origFmt=jpeg, origSize=151033
content-disposition: inline; filename="1572962870.webp"
alt-svc: h3=":443"; ma=86400
content-length: 109336
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82f553799edbbad0-MXP
expires: Thu, 30 Nov 2023 10:06:37 GMT

GET
H2 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 37ms
35ms Image
image/webp 2606:4700:10::6816:3bc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: HIT
age: 396051
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3=":443"; ma=86400
content-length: 106784
cf-bgj: imgq:85,h2pri
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 82f553799edcbad0-MXP
expires: Tue, 21 Nov 2023 18:35:53 GMT

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
272 B 234ms
234ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNreePrywy-BqMy-PPAq-wPPB-AwPyUArMMMaMRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNUMKZZRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xbi3EGj8lb1yFUWTzDZNZjH7X0DnKzFFDujCm8VLqqf9QRGsrMp8lyzz9cCmODuZoNH06mKsv227Q8tzBA%2FHuut6os5eFBN8mwW%2BgZOZ5fSmwmSHME6xmQyE9pH6%2Bas4%2BdxqoLX7Ej9chQiJW2%2Bu0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537a4a5683a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3

206

videoplayback
r2---sn-1gi7znek.googlevideo.com/
Redirect Chain

https://media.vlitag.com/vid/?id=6Fk_i-JDmbY&t=y
https://redirector.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=...
https://r2---sn-1gi7znek.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requi...

609 KB
0

104ms
23ms

Media
video/mp4

2a00:1450:400a::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-1gi7znek.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f5cHXm5o5xxQ7DcX0DH0hGiNEOTjeilTfIZa1_CPMXb7u1ly&vprv=1&svpuc=1&mime=video%2Fmp4&ns=3dGCytTVK17PVwHnRJ9At60P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&sefc=1&txp=6219224&n=opIKeMHdDmQzrmSAL2&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAJ_mngTv1aWhz3fXwxobLe6jD2dJz58QSldHYxgIEL-vAiABT96ZHH3SapGwxvVpAk7HWp-N9XzrdDFfy0-MlwxP4Q%3D%3D&cms_redirect=yes&mh=d6&mip=2a05:ad00:b:0:129::1&mm=31&mn=sn-1gi7znek&ms=au&mt=1701538165&mv=m&mvi=2&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAOoK5a7Ek8-RevzCyinvZfJYccpS1TAhLJshv4T_Xan6AiBi3CnytArgL2tCrw4aO2PiWTyugUFqFm1j2_fG21yTHQ%3D%3D

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

2a00:1450:400a::7 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 02 Dec 2023 17:35:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 03 Jun 2023 08:32:55 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-14185952/14185953
cache-control: private, max-age=17195
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 14185953
expires: Sat, 02 Dec 2023 17:35:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-1gi7znek.googlevideo.com/videoplayback?expire=1701556018&ei=0lprZbaHDO6FsfIP0JyV8AE&ip=184.164.141.146&id=o-AMcR2dair95m7tRmV_W6Nm0SU4Vdf3nHy7TuNfP05Wms&itag=18&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&spc=UWF9f5cHXm5o5xxQ7DcX0DH0hGiNEOTjeilTfIZa1_CPMXb7u1ly&vprv=1&svpuc=1&mime=video%2Fmp4&ns=3dGCytTVK17PVwHnRJ9At60P&cnr=14&ratebypass=yes&dur=200.968&lmt=1685781175523295&fexp=24007246&c=WEB&sefc=1&txp=6219224&n=opIKeMHdDmQzrmSAL2&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Ccnr%2Cratebypass%2Cdur%2Clmt&sig=ANLwegAwRQIhAJ_mngTv1aWhz3fXwxobLe6jD2dJz58QSldHYxgIEL-vAiABT96ZHH3SapGwxvVpAk7HWp-N9XzrdDFfy0-MlwxP4Q%3D%3D&cms_redirect=yes&mh=d6&mip=2a05:ad00:b:0:129::1&mm=31&mn=sn-1gi7znek&ms=au&mt=1701538165&mv=m&mvi=2&pl=29&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRQIhAOoK5a7Ek8-RevzCyinvZfJYccpS1TAhLJshv4T_Xan6AiBi3CnytArgL2tCrw4aO2PiWTyugUFqFm1j2_fG21yTHQ%3D%3D
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 168ms
86ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:23 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 288092
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDIHwwuUvzkzcjZiDxOotw57LHrgp9oN6%2BI4JBouruYFCdUtC98qTSezy%2BccAvQSWSk3UTDb5uPHP%2Fefbn%2BThXNGJrPVXvlNuULKrvxLhRxaAEFBvnfjcdg%2Fok%2Btzhkihc3x53C8V14lhgCy"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 82f5537a4e6cbb1d-MXP

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F5B8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

281 B
555 B

94ms
30ms

Document
text/html

69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 17:35:23 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server: AkamaiGHost

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0D51
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

281 B
555 B

86ms
30ms

Document
text/html

69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 17:35:23 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server: AkamaiGHost

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2057
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

281 B
555 B

87ms
31ms

Document
text/html

69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 17:35:23 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B9E7 16 KB
6 KB 113ms
36ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92588
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sun, 03 Dec 2023 19:18:31 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 3207
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&dcc=t

353 B
1 KB

213ms
213ms

Document
text/html

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

b116fb57493f4eed13c6c17be5f9bfacf4e924f933ef8bd0d4532fe9534c136f

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 353
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 02 Dec 2023 17:35:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 65E56HA08ZK3WMQK35CT

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 02 Dec 2023 17:35:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: XNKPSMCVSTQKBDGKWWNZ

POST
H2 200 cache Show response
pbc.vliplatform.com/ 63 B
427 B 171ms
162ms Fetch
application/json 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pbc.vliplatform.com/cache
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfefe1ad4213599d5ad05738a1064355401abdb611819316ee6add9e256e017

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhOjWLiK32%2BJ0%2BQ8sqFHdhGfNiRsxGjLLCF6rakOgj0NGOulbf9N5jTBDBEeYbpEJHAgpr%2FQnAHo%2BoM87oqazLpMkMr0djxc0ov%2BCvnPUi6Xi%2Fwf0rBR4mzWDf9zHQnDNSY%2Fpc3i%2B%2FlepWGpt0YwGLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
cf-ray: 82f5537b6caf83a0-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B9E7 5 KB
6 KB 110ms
34ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51067775&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 208ff19a24c75168ceba107d726fe0872a975413123c11b5420efe9f14a23f82

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F5B8 46 KB
13 KB 30ms
30ms Script
text/html 69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3ad05fd574b9bf64fb99c4e673f0bdcd6a889d5cffb763dd8829b2abf45d9702

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 21:14:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13192
Connection: keep-alive
Content-Length: 13236
Expires: Sat, 02 Dec 2023 21:15:15 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2057 46 KB
13 KB 30ms
30ms Script
text/html 69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3ad05fd574b9bf64fb99c4e673f0bdcd6a889d5cffb763dd8829b2abf45d9702

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 21:14:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13192
Connection: keep-alive
Content-Length: 13236
Expires: Sat, 02 Dec 2023 21:15:15 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0D51 46 KB
13 KB 30ms
30ms Script
text/html 69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3ad05fd574b9bf64fb99c4e673f0bdcd6a889d5cffb763dd8829b2abf45d9702

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 21:14:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13192
Connection: keep-alive
Content-Length: 13236
Expires: Sat, 02 Dec 2023 21:15:15 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame F5B8 7 B
775 B 128ms
34ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 2057 7 B
775 B 120ms
30ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 1f4afaf10c6b5898421df1cdca3fc7f5
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 0D51 7 B
776 B 122ms
32ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H/1.1 200
OK img Show response
sync.mathtag.com/sync/ Frame C7F1 43 B
443 B 128ms
38ms Document
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master cdg cdg-pixel-x29 config_version:"2120" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:23 GMT
Expires: Sat, 02 Dec 2023 17:35:22 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1143 599e619 master cdg cdg-pixel-x29 config_version:"2120"

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 7875 43 B
363 B 105ms
34ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:22 GMT
expires: Sat, 02 Dec 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 198472
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 4CEE 43 B
855 B 172ms
58ms Document
image/gif 67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: YES2TKS28RT6Z4QE36RT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3F5E
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CBk_BAhNbQQTTT8HCEkkUglNPFETGj9XDU7Ixhy_

42 B
425 B

148ms
43ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CBk_BAhNbQQTTT8HCEkkUglNPFETGj9XDU7Ixhy_
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=CBk_BAhNbQQTTT8HCEkkUglNPFETGj9XDU7Ixhy_
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 42CF
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7476920855595883743&gdpr=0&gdpr_consent=

42 B
298 B

131ms
43ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7476920855595883743&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 8ad3301e-f732-4a7c-b6ac-9e7593db3d44
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7476920855595883743&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F5C7
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7308052309189916812&gdpr=0&gdpr_consent=

42 B
447 B

156ms
42ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7308052309189916812&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Sat, 02 Dec 2023 17:35:23 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7308052309189916812&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B985
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_f6a135e4-a0e0-478b-9274-f18e342a5f23&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

1 B
166 B

43ms
43ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FF72
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w0SheZI2Xk5mBkU8GEz5-rnDR90&gdpr=0&gdpr_consent=

42 B
299 B

42ms
42ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w0SheZI2Xk5mBkU8GEz5-rnDR90&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Dec 2023 17:35:23 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=w0SheZI2Xk5mBkU8GEz5-rnDR90&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C6F5
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDbktVN0sxdFlBQUJQNDN0ZU1uZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AADVBE7K1tYAABRxDUIUDA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3589463590391086894&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AADVBE7K1tYAABRxDUIUDA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3589463590391086894%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3589463590391086894&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADVBE7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADVBE7K1tYAABRxDUIUDA&gdpr=0&gdpr_consent=

42 B
279 B

43ms
43ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADVBE7K1tYAABRxDUIUDA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 02 Dec 2023 17:35:24 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADVBE7K1tYAABRxDUIUDA&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F78D
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd60c7dc45aab4510b9137b80f9bd3457

42 B
280 B

45ms
45ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd60c7dc45aab4510b9137b80f9bd3457
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd60c7dc45aab4510b9137b80f9bd3457
pragma: no-cache
server: Tengine

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 4671
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

123ms
123ms

Document
image/png

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWtq2wAEAN3S7QBU
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Sat, 02 Dec 2023 17:35:23 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6957-MXP
x-timer: S1701538524.814888,VS0,VE93

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZWtq2wAEAN3S7QBU
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6957-MXP
x-timer: S1701538524.689784,VS0,VE97

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CA99
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

137ms
42ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 70E9 43 B
282 B 116ms
39ms Document
image/gif 173.231.180.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ams-delivery-4.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-1

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 5C42
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=460297751196113367

42 B
194 B

57ms
46ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=460297751196113367
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=460297751196113367
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 360F
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631101846490

42 B
273 B

113ms
44ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631101846490
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Sat, 02 Dec 2023 17:35:23 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685631101846490
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 0CFB 43 B
360 B 94ms
38ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 7DA5 43 B
277 B 216ms
55ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:23 GMT
Vary: Accept-Encoding
X-adserver-worker: avatar-d3a8660d1bf8@version_1.578
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

/ Show response
onetag-sys.com/match/ Frame 7923
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1eabccd56dee0d80/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=3e4651007b929497695f86809be6efcb&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbnghjjQVUQnnaQSa&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

0
340 B

29ms
29ms

Document
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

Redirect headers

cache-control: private,max-age=86400
content-length: 157
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:35:24 GMT
location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 66B2 0
0

GET
H2 200 setuid Show response
u.4dex.io/ Frame 4CAE 0
716 B 98ms
41ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B9E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CrKgn5kxSlCdLLSYtcYtsA%3D%3D&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=CrKgn5kxSlCdLLSYtcYtsA%3D%3D&gdpr=0&gdpr_consent=&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

126ms
125ms

Image
text/html

2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=92588
accept-ranges: bytes
content-length: 5622
expires: Sun, 03 Dec 2023 19:18:31 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame B9E7
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=&ct=y

49 B
545 B

82ms
81ms

Image
image/gif

54.216.8.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 54.216.8.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-8-15.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.44
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.45.27.91
content-length: 0
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame B9E7
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3842127081

0
45 B

41ms
36ms

Image
text/plain

34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3842127081
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
via: 1.1 google
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
via: 1.1 google
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3842127081
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200

p
a.audrte.com/ Frame B9E7
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZTdidUtBTURVaVpSSU9ReC1aTWRkSVV1QQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=5601850442688953787&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

52ms
52ms

Image
image/png

34.247.205.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: HTTP/1.1
Server: 34.247.205.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-158.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sat, 02 Dec 2023 17:35:23 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B9E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEFCMkEwOUYtOTkzMS00QTUwLTlEMkMtQjQ5OEI1QzYyREIw&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEFCMkEwOUYtOTkzMS00QTUwLTlEMkMtQjQ5OEI1QzYyREIw&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

91ms
42ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B9E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyfX5PYo4jU8uhYVojPqjg&google_cver=1

42 B
268 B

93ms
45ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyfX5PYo4jU8uhYVojPqjg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAyfX5PYo4jU8uhYVojPqjg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame B9E7 43 B
611 B 123ms
44ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 01 Dec 2023 17:35:23 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B9E7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1679370238320300561

42 B
242 B

46ms
46ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1679370238320300561
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1679370238320300561
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B9E7 70 B
149 B 159ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B9E7 43 B
602 B 158ms
51ms Image
image/gif 2a05:d018:d29:3601:357b:9971:3f66:201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/0AB2A09F-9931-4A50-9D2C-B498B5C62DB0?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:357b:9971:3f66:201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame B9E7
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yuR0IzJE2uW9cCtqs4m1jYO9x5eVB7c-~A&gdpr=0

0
260 B

142ms
35ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yuR0IzJE2uW9cCtqs4m1jYO9x5eVB7c-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-yuR0IzJE2uW9cCtqs4m1jYO9x5eVB7c-~A&gdpr=0
date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B9E7
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=39848f0e-25d7-4e62-9bf6-4c502ae54504-656b6adb-4348&gdpr=0&gdpr_consent=

42 B
264 B

42ms
42ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=39848f0e-25d7-4e62-9bf6-4c502ae54504-656b6adb-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=39848f0e-25d7-4e62-9bf6-4c502ae54504-656b6adb-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame B9E7
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3e02b1b3a15d18f9&is_secure=true&networkId=17100&version=1&nuid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIZtbDYCV83wNL98ZJAAAAAAA&expiration=1701624923&nuid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
220 B

34ms
33ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame B9E7
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3426970496280146106&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
159 B

34ms
34ms

Image
text/plain

198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Sat, 02 Dec 2023 17:35:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

/
onetag-sys.com/match/ Frame B9E7
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:39505c59-85b8-41ed-9d88-2b270e17ad7d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

0
340 B

29ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
date: Sat, 02 Dec 2023 17:35:22 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 39ms
39ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
209 B 37ms
36ms Fetch 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
59 B 624ms
624ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:24 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f5537c9d894c44-MXP
access-control-allow-methods: POST, GET

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
177 B 166ms
166ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1 KB 51ms
50ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7dbbc4c7ccaf37bc7e078493103e81d499be9fcf74fbaed44d3931af8d713c

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f5537c9c992373-ZRH
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
542 B 111ms
111ms Fetch
application/json 18.198.161.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.198.161.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-161-106.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 17 KB
9 KB 132ms
132ms Fetch
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=54246712463&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e988c27e167cb98f5879b1b4ebff3de7e0dd3ff2dd105214225face422069b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 02 Dec 2023 17:35:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 38 B
310 B 50ms
49ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=705383
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65b4210c4e65a13fee851711a86f57ce18cfa871d3f698552c1ad32cfbfe0c1e

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CIte2iiySCEiPmBWBrrz16bdy9eiRQX2SjH5Hl7wMiH83%2Fd64QmWqmfRFiGNWnoNcN0J0OlTudGtN2vAzx2XTqPUOLriNRt4sMfAoBXUhzheCftR5YE1eEXsSaswGdqOOcy%2BzS0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82f5537cdfbc01e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 38
expires: 0

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
274 B 165ms
164ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNUaAaPRzdNAKKeYBKY-yYMA-PUAM-qMyY-ZZKttweTUKweRlmNaKAbaARdzNwqfftkRqxeNco_TUBMTUaAaP_KRwkjNTR_yszuNzkxtRkjmNaKAbaARwlNhxwdqzoe,qdb,jxqfzxdrtb,kzwigxlt,qrquog,zkohstsoyz,obRleNpl
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zahRsF5uWtrVB%2B6k62oR%2B9w6WLVmWhjOg4h%2BNQA2rI7Xf7RC0THUWPzolSr5z%2Buv8xXb1QAAZ%2F%2BDjb2bNHG%2FHe7cOJmGv13mdPIbqDxAg0e210dAsKbDzRPbz4K3JcxkPSUl8wMupodLlN8zXFfg7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537cd88383a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
277 B 175ms
174ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNUaAaPRzdNMBYBMKKt-ayMB-PYqZ-wBqM-TPreATZPeYTBRlmNKYMbaARdzNwqfftkRqxeNco_TUBMTUaAaP_MRwkjNTR_yszuNzkxtRkjmNKYMbaARwlNhxwdqzoe,qdb,jxqfzxdrtb,kzwigxlt,qrquog,zkohstsoyz,ekoztg,obRleNpl
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg7opk%2BAtgrGs3YW9uc5y4nd4Q3Q2HWTbiWx4iJx%2BefbOL7KfwvSiFMobz%2B0z6tkMXUGh0Bz%2Bl6dgih2Gu2dE4j8AdRZSZ6IrirXkbiX%2BBktDPzbT%2FYJM2k4%2F9bLys%2FU64wm9F%2Fx5rCWGOWfUO46nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537cd88a83a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
57 B 47ms
47ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1 KB 59ms
59ms Fetch
application/json 2606:4700:4400::ac40:994e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f13b9218a20927be2ea775f729679b2883390df264a87fd86cf1aebe87be2c1

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 82f5537cdd052373-ZRH
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 352ms
352ms Fetch 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.21.0&cb=56257744826&lsavail=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
177 B 166ms
166ms Fetch 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
35 B 586ms
586ms Fetch 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:24 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f5537cedda4c44-MXP
access-control-allow-methods: POST, GET

POST /
prebid.smilewanted.com/ 0
0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
177 B 352ms
128ms Fetch 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-627DAB43ED3733780E9A73E8BD682E49&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=865eb601-bd05-4141-b1e8-28c13b0a23e2&u=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&host=www.apkshub.com&ucfUid=e7570e4a-9c64-4ccc-b687-d08c3592f5b7&w=300&h=250
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
access-control-allow-credentials: true
connection: close

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
526 B 123ms
123ms Fetch
application/json 18.198.161.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.21.0&referrer=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&tmax=1000

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.198.161.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-161-106.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
accept-ch: sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
209 B 39ms
39ms Fetch 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 38 B
314 B 47ms
46ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=705383
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e70f4e809edfa34239ae9a8f125511042041222cc1341807c5d325169cb14f

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDDsfkjJZENcMibA%2B%2FPh%2BL0mWf2gPPngm3x%2BGNoSxdEttioRoH7CrLKCkAb3zEP13HpKBsTIVKhszgxXdj2i%2FmZGzTfdH7PtntkF%2B2PfOOoQIIRFZl186vJAbRSoFYk7E48tlW2k"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82f5537cefc901e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 38
expires: 0

GET
H2 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
271 B 173ms
172ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRmNUMKZZRzdNrqyYZZKw-MyBA-PBrY-wAwa-KPMUrAKyBwBMRlmNBAAbYZARdzNwqfftkRqxeNco_TUBMTUMKZZ_TRwkjNTR_yszuNzkxtRkjmNBAAbYZARwlNhxwdqzoe,qrquog,ekoztg,kzwigxlt,jxqfzxdrtb,ldostvqfztr,xeyxffts,zkohstsoyz,qdb,obRleNpl
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1i4QScxgxPmLqve8SJY%2B%2B6yk36M%2B6YTyU7y6qnvEjHTQgJdSDu1N9ulvRx1zLr9JI1tXIxpoj5VF5E2avBujeQnrnjY%2BbaiBb7HIQOxGKrXekn25a4B8ecWkvKv8YT8DFpNribprvHXPnZFhHcdKaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537ce8a683a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
500 B 171ms
170ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNayUZYKKP-KweA-PtPy-MwYe-wKqqZPBaayePRlmNKYMbaARdzNwqfftkRqxeNco_TUBMTUMKZY_BRysggkNAGATRwkNekoztg|TGPBTZMaPKYYaBMZBM|KYMbaA|wqfftk|BZU|RmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaZndNjHT0dGnk%2B%2Btirc9sJwsMUqMXwlfYOnBaZ2Qg2NGxCJz1HBljrUbX3THN1hpzEaS6s%2BvsQYZAuaEPJ7gsZkiADsyL7yYm4wepXfzXUbwoMDgaesCy6rmnsTul5qMZ3%2BaZP9PLAgtYTHYLCrig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537cf8e183a0-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
539 B 176ms
175ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUUUZTZaq-ATPr-PUyT-wUeT-wMqertMrTBtyRlmNKYMbaARdzNwqfftkRqxeNco_TUBMTUMKZY_TRysggkNAGATRwkNekoztg|TGYBYUaABKAAMYMZZB|KYMbaA|wqfftk|BUU|RmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VDPESXsX9e2JkX%2B3CgUQVlWd%2FQOckuXDvUTLXPFTs6wtLEMryFYuN7C%2FgUEYeQvg1VsHdHD7Q4sfscP6EsYK%2FNyqdAoJM7nHpXqg8dVoiKM6QRQOK3yT4oIzbin8kAv%2BlgvI86%2FPijRJLtk48MiOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537d1eb1ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
494 B 170ms
166ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNqwABeTYt-tPKZ-Pwww-MMYU-aKMyMKYUrTUyRlmNPTAbYBTRdzNcortg%20gxzlzktqdRqxeNco_TUBMTaPTYP_gxzlzktqdRysggkNAGATRwkNjxqfzxdrtb|AGTBTPZTY|PTAbYBT|cortg%20gxzlzktqd|YUA|,ekoztg|AGBKaZUZaaZaBTUYZP|PTAbYBT|cortg%20gxzlzktqd|BAK|RmNaPTYPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEGokbFBGWAk%2B3v9S%2F8WLI8tiRA3YvW697BUS3aY1FGe8LE7DlEBsINZf1Pm11hq3Qx9EpeyooQIalqt99I6nypAQ7mBqRopbDiNmGWEH1cOTL6WfbP3fq4nU2IymkNJw75aXnSTiQepcu956zAjBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537d2ed5ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
494 B 189ms
184ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNYeMBTZBr-wwPM-PwBA-qerA-qPAKUUZMMaTARlmNBBUbPMARdzNwqfftkRqxeNco_TUBMTaPTYP_wqfftkRysggkNAGATRwkNekoztg|TGUPBPAMaMaaAUBTTT|BAAbYZA|wqfftk|BAa|RmNaPTYPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2X9m9Duyf5pCiBD1zWvx1RVvbMTjyl2BaaTCgWIqOUQVd9Lm1PzmzmDKl51l19G5ClmcAY60SyUfmb2L6DC06nEh2VWciYSgawFt7Y%2Fsim7mWslX5w6FrdsB%2BkUItfAM1CNzT4laDmSUS3kqRtebA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537d2ed6ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
502 B 172ms
167ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZMwBayBM-yPBK-PqZB-wBPY-qrtMKeBeUteMRlmNUPAbPMARdzNcortg%20oflzktqdRqxeNco_TUBMTaPTYP_oflzktqdRysggkNAGATRwkNekoztg|AGUaYBAKAAKBTYKKPK|UPAbPMA|cortg%20oflzktqd|BAM|RmNaPTYPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BWNjB6s8DtQVH%2BE3xYrvFf%2BlY1ZLRSRGVwYz0Umry%2FXi5404dMOezGB45dJ%2FMcn9yDfYGFgmX1PoNWgJXncho3g3HS9rSP9ChQxSgJDl8GB%2F4XDKYQr40CfAK%2BFa85khisgO0jOkHeftILWgwgj8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537d2ed7ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 184 KB
51 KB 1201ms
1201ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2981851881987093&correlator=497176644130988&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=22651645586%2Capkshub.com_vli94124&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&fsfs=1&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701538523710&lmt=1701538523&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1865362612.1701538522&ga_sid=1701538524&ga_hid=1059934213&ga_fc=true&dlt=1701538522035&idt=1115&prev_scp=vli_adslot%3D94124%26vli_acc%3Dvli_22%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26vli_sf%3D1%26vli_slot%3Dvi_1638194124_banner%26pw_tagid%3D94124%26pw_network%3Dtrue%26floor_key%3D37%26hb_bidder%3Dcriteo%26pw_pb%3D1.86%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dapkshub.com%26real_cpm%3D1.6434089899063111&cust_params=hb_domain%3Dapkshub.com&adks=2566097950&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f3087354a2d14a87953c298d77afb40188d5206e6cd9c1976232a34d27ae039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51857
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
499 B 176ms
173ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMPPZTyea-eTKZ-PZPt-qwTM-MayyAqrMeqTwRdzNwqfftkRwlNcso_YYRkjmNBYAbPMA,BBUbYMA,BAAbYZARrdzNuggustRwkjNTRmNaPTYPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Bv8ZekuaqEi306wyV6Vn14Qa7OEvwnHKKuSzMb4pjBJWfFH8ZvRinX%2FwaktUoO3E8AGXEEL%2FvBxg5cJN6u2eIbEeMH6PFSX9g2SPIcNrcWTGJixt%2BeAX9FNIr3LWchAjErf1NCgtiTYfjpydYX3Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537d4ee8ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6815 6 KB
3 KB 157ms
64ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sun, 01 Dec 2024 17:35:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 39 KB
13 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20814
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13736
x-xss-protection: 0
server: cafe
etag: 9658267497644244280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 01 Dec 2024 11:48:29 GMT

GET
H2

200

setuid
u.4dex.io/ Frame 2057
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LPOC3RIX-4-J7RK
https://u.4dex.io/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK

0
755 B

38ms
38ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://u.4dex.io/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 579d6dd278f76ae39d067788043e4297
Expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 586ms
586ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2981851881987093&correlator=1782259224063710&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=22651645586%2Capkshub.com_vli68752&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=2&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701538523730&lmt=1701538523&adxs=436&adys=1113&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&vis=1&psz=728x-1&msz=728x-1&fws=0&ohw=0&ga_vid=1865362612.1701538522&ga_sid=1701538524&ga_hid=1059934213&ga_fc=true&dlt=1701538522035&idt=1115&prev_scp=vli_adslot%3D68752%26vli_acc%3Dvli_22%26vli_adtype%3Ddisplay%26hb_width%3D728%26hb_height%3D90%26pw_tagid%3D68752%26vli_sf%3D1%26pw_network%3Dtrue%26floor_key%3D37%26hb_bidder%3Dcriteo%26hb_adid%3D144f5c0d5d3edd69%26pw_pb%3D1.62%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dapkshub.com%26real_cpm%3D1.4315894722938538&cust_params=hb_domain%3Dapkshub.com&adks=4224078187&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f678dbc5dc5f107e7cee1733b5cfcffc619cd79cd3486711af90931f43877791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12693
x-xss-protection: 0
google-lineitem-id: 5891950688
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378401684
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
500 B 172ms
172ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNAYZMYZew-aPer-PKwr-wTTA-BKZYyPKeAPZqRdzNwqfftkRwlNcso_YYRkjmNKYMbaA,PUMbUARrdzNuggustRwkjNTRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuBNpZrMHnGQVx6ZshB58exxFT4oxLI5BJalREhygmFXH3kOg%2B0mpmWVRqjmhn89che6J8tHHU7Z%2BHS9DDvdfrwP2D%2BM%2F0oGpsEsXyOrdd8Wn4BPlPESCMJFxcEJnU4WVLZm6JQQB5sDEP2udL42jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537d5f00ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 723ms
723ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2981851881987093&correlator=3544818919983235&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=22651645586%2Capkshub.com_vli68752&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=3&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701538523733&lmt=1701538523&adxs=436&adys=598&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&vis=1&psz=728x-1&msz=728x-1&fws=0&ohw=0&ga_vid=1865362612.1701538522&ga_sid=1701538524&ga_hid=1059934213&ga_fc=true&dlt=1701538522035&idt=1115&prev_scp=vli_adslot%3D68752%26vli_acc%3Dvli_22%26vli_adtype%3Ddisplay%26hb_width%3D728%26hb_height%3D90%26pw_tagid%3D68752%26vli_sf%3D1%26pw_network%3Dtrue%26floor_key%3D37%26hb_bidder%3Dcriteo%26hb_adid%3D14396a9e35022c5e%26pw_pb%3D1.39%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dapkshub.com%26real_cpm%3D1.2326903700828553&cust_params=hb_domain%3Dapkshub.com&adks=4224078185&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd5a43a1c893aa37b1370311b83752106eaffbf29ffc3f57bcb89db2269c155b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12703
x-xss-protection: 0
google-lineitem-id: 5999914785
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390635722
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
497 B 164ms
163ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNBaTePBPw-rwaY-PPUY-MePt-AAMPPKyYeqYtRdzNwqfftkRwlNcso_YYRkjmNKYMbaA,PUMbUARrdzNuggustRwkjNTRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWmqQdkOcvNhEhyvOgS4QEfSYLuz1MiDM66LxtnbmuF1TqvCt05396D7Xe4inA%2BF3fe2XZFPOPDHtuJjmr2jpsvLX7yWDbfp29Qtf4gSVtInzLsq49vr5Yg7a6VGrGBcTMGxm%2Fc0HK%2FlO2Z26jIu6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537d5f03ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

RX-87f50603-7304-436c-a0d6-9713341d1547-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D&cb=1701538523797
https://ad.turn.com/r/cs?pid=45&rndcb=6444313528
https://sync.1rx.io/usersync/turn/3210797714166362298?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003

43 B
377 B

34ms
33ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 0B94 4 KB
2 KB 101ms
31ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

b848cbb1a099c88b275101fc625b69f74caaf1e71787a8378066fb8355112c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1537
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame EDCA 2 KB
3 KB 56ms
56ms Document
text/html 67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a8406e2a77bae17ac5008dcd02912bbf87dac3bf136651a4f23ec53f7372ee8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2388
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 02 Dec 2023 17:35:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 3VPP7FZEQYTJYGZEKNEA

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
501 B 169ms
169ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZPYewUTa-aZTr-Pqaa-aATr-UyBwMqtUMrMTRlmNKYMbaARdzNwqfftkRqxeNco_TUBMTUMKZY_YRysggkNAGATRwkNekoztg|TGPBTZMaPKYYaBMZBM|KYMbaA|wqfftk|BKT|RmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qZsOCDA9ug4HKf%2FuO%2BQGkWRIh%2BJurlOGuDxGZEpfcQkDHFcBF88GT10ddutsY1Aq9dUyK13SMzyaRQE1LHklfv%2BDBlcI2h9F8E5L9gBtJABOvLc%2BTgxcuexPGMXyDds9YVs086Djfa61XZQTIhEnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537daf64ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 738ms
737ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2981851881987093&correlator=4401927268959102&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=22651645586%2Capkshub.com_vli68752&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60&ifi=4&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701538523780&lmt=1701538523&adxs=436&adys=880&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&vis=1&psz=728x-1&msz=728x-1&fws=0&ohw=0&ga_vid=1865362612.1701538522&ga_sid=1701538524&ga_hid=1059934213&ga_fc=true&dlt=1701538522035&idt=1115&prev_scp=vli_adslot%3D68752%26vli_acc%3Dvli_22%26vli_adtype%3Ddisplay%26hb_width%3D728%26hb_height%3D90%26pw_tagid%3D68752%26vli_sf%3D1%26pw_network%3Dtrue%26floor_key%3D37%26hb_bidder%3Dcriteo%26hb_adid%3D1452285d683d9a31%26pw_pb%3D1.62%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dapkshub.com%26real_cpm%3D1.4315894722938538&cust_params=hb_domain%3Dapkshub.com&adks=4224078184&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bc1bdcaa43ae440358699d88341bd7d5280808579a969bd0cef5d20c6e0f8e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12677
x-xss-protection: 0
google-lineitem-id: 5999914974
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138390635704
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
498 B 161ms
160ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNaZyyqtBq-ZZUZ-PeAM-Mwyq-AAMYryUYqYPURdzNwqfftkRwlNcso_YYRkjmNKYMbaA,PUMbUARrdzNuggustRwkjNTRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lc3Mepb1wk7lmKD9xyGt0RKFa1fjxMxbxgoITNmXeVrQncou5TqsRGF6Zy8%2BM6BbulryLe5SNpRkzTu0ZFncGdjMA1XuEPvyduuXVOl9yM5e%2BKEPtrUwte3wlCOyXWj6NbpUUYI%2FQzaP95HQnJxTig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5537daf71ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame EDCA
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=429f70146d

43 B
479 B

57ms
57ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=429f70146d

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MMN6QB35WCQ8EMX93H2P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 17:35:23 GMT
via: 1.1 a6a1a17bbe377bf7c4423397c71959da.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR50-P1
x-cache: Miss from cloudfront
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=429f70146d
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: UuJisMSh9UQwlXUcYNc9awDLsxN9y1HVQimuJ8eucEU4RNrYAnjpEQ==

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame EDCA
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=cc77a4b6-7e95-47ed-ba32-09569fa94366

43 B
479 B

59ms
57ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=cc77a4b6-7e95-47ed-ba32-09569fa94366

Requested by

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T5TXWDTD85BPZR6WSZPQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=cc77a4b6-7e95-47ed-ba32-09569fa94366
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame EDCA
Redirect Chain

https://trace-eu.mediago.io/ju/cs/amazon?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbaidu.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=9d9fcb00faa355bb2myzw400lpoc3rpb

43 B
479 B

60ms
59ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=9d9fcb00faa355bb2myzw400lpoc3rpb

Requested by

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:23 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: S2XFN62N2G6GR6J1JT37
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 17:35:23 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=baidu.com&id=9d9fcb00faa355bb2myzw400lpoc3rpb
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame EDCA
Redirect Chain

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
https://s.amazon-adsystem.com/ecm3?id=AADVBE7K1tYAABRxDUIUDA&ex=beeswax.com

43 B
479 B

346ms
121ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=AADVBE7K1tYAABRxDUIUDA&ex=beeswax.com

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3JYR0BB0N7YB1G5RTB56
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=AADVBE7K1tYAABRxDUIUDA&ex=beeswax.com
Date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 204 /
match.sharethrough.com/jwumXNuB/v1/ Frame A8B6 0
0 134ms
28ms Document
text/plain 3.68.140.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.140.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D22C 16 KB
6 KB 84ms
83ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92588
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sun, 03 Dec 2023 19:18:31 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

visitormatch Show response
bh.contextweb.com/ Frame CC6A
Redirect Chain

https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1

849 B
2 KB

35ms
35ms

Document
text/html

208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

1e6ef4248f524878d497de076ba9be75b80b930959e9cdd7f4ac93ae2865be9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: de-CH
content-length: 849
content-type: text/html;charset=iso-8859-1
cw-server: bh-deployment-74c7cffc45-7pcmw
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: de-CH
cw-server: bh-deployment-74c7cffc45-7pcmw
expires: -1
location: /visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 7B57
Redirect Chain

https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1DOG1saWVwRTJ1STNSLlNZY3JjTXJzdDVHaFJhbUtMRX5B&

43 B
479 B

75ms
61ms

Document
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1DOG1saWVwRTJ1STNSLlNZY3JjTXJzdDVHaFJhbUtMRX5B&

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 3DZMQ6EBVSYES1KVW7ZR

Redirect headers

age: 0
content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=eS1DOG1saWVwRTJ1STNSLlNZY3JjTXJzdDVHaFJhbUtMRX5B&
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.87
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 86C1
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=2
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=7625412597159132983&gdpr=0&gdpr_consent=

43 B
479 B

59ms
59ms

Document
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=7625412597159132983&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: CNT5JZHJSY0TDV5BHRH9

Redirect headers

content-length: 0
date: Sat, 02 Dec 2023 17:35:23 GMT
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=7625412597159132983&gdpr=0&gdpr_consent=

GET
H2 200 getuid Show response
eb2.3lift.com/ Frame 9E0B 37 B
140 B 115ms
30ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-sharethrough_pm-db5_ppt_n-vmg_n-baidu_n-Beeswax_smrt_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:23 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2057
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=En2Ay5koQJqqk8WQKHgSzg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=En2Ay5koQJqqk8WQKHgSzg

43 B
479 B

61ms
61ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=En2Ay5koQJqqk8WQKHgSzg

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BWB2XFSHTVXTE5DD1BP9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=En2Ay5koQJqqk8WQKHgSzg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 2057
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOC3RIX-4-J7RK

0
864 B

272ms
209ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D0737C3B6B4141659F0016068A24AED8 Ref B: ZRHEDGE1020 Ref C: 2023-12-02T17:35:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLik9LpiURIMQx1BMtNg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPOC3RIX-4-J7RK
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 2057 70 B
148 B 52ms
42ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2057
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LPOC3RIX-4-J7RK&ex=d-rubiconproject.com&status=ok

43 B
479 B

346ms
121ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LPOC3RIX-4-J7RK&ex=d-rubiconproject.com&status=ok

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NQSD54XMZ0BV6YV4V56E
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LPOC3RIX-4-J7RK&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2057
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRhNGU0ZTdiOTVjNTM2ZjZkOTkwYTQ5NTkwODM2N2I1Yzk5YjEwNQ

170 B
188 B

62ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRhNGU0ZTdiOTVjNTM2ZjZkOTkwYTQ5NTkwODM2N2I1Yzk5YjEwNQ

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmRhNGU0ZTdiOTVjNTM2ZjZkOTkwYTQ5NTkwODM2N2I1Yzk5YjEwNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ef823186f233724f4775c0c4b9549d14
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2057
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBPQzNSSVgtNC1KN1JL
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELWO4sqrFhNmsNBOcSkk8ec&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPQzNSSVgtNC1KN1JL&google_push=

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPQzNSSVgtNC1KN1JL&google_push=

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBPQzNSSVgtNC1KN1JL&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2057
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7eTyeR6DRkeUG9oyuX1iOw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7eTyeR6DRkeUG9oyuX1iOw

43 B
479 B

116ms
116ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7eTyeR6DRkeUG9oyuX1iOw

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 80K4VMK0X4HGN07D8363
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7eTyeR6DRkeUG9oyuX1iOw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2057
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBOLnMLjtRwE5MZ5vk53b00&google_cver=1

42 B
840 B

138ms
30ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBOLnMLjtRwE5MZ5vk53b00&google_cver=1
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBOLnMLjtRwE5MZ5vk53b00&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2057
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/PcHs7Aj-8u_LpVbIWfZhTA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-77snHqtE2oK2rkxOVgl.eQTGbkabgilPALNN9w--~A

42 B
840 B

92ms
30ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-77snHqtE2oK2rkxOVgl.eQTGbkabgilPALNN9w--~A
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-77snHqtE2oK2rkxOVgl.eQTGbkabgilPALNN9w--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2057
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACnKU7K1tYAABP43teMng&expires=30

42 B
840 B

69ms
30ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACnKU7K1tYAABP43teMng&expires=30
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AACnKU7K1tYAABP43teMng&expires=30
Date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 2057
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK

43 B
1 KB

31ms
31ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
an-x-request-uuid: afa2e73d-e271-441f-881c-5a0b7a762690
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: aca6c52e983509e86b136a052e19be23
Expires: 0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 2057
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPOC3RIX-4-J7RK

0
524 B

140ms
62ms

Image
text/html

2600:9000:2251:5200:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 2600:9000:2251:5200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
content-encoding: gzip
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gKfz0WMPmx_UmedXsJfq1gmOTu6Y_PkV_CQqNbJMrC5y0Y6pO9oR9w==

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 2057
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LPOC3RIX-4-J7RK

0
107 B

35ms
34ms

Image
text/plain

145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2057
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=73c56baa-ff6c-4dd2-9835-7afda27df592&expires=30

42 B
840 B

30ms
30ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=73c56baa-ff6c-4dd2-9835-7afda27df592&expires=30
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=73c56baa-ff6c-4dd2-9835-7afda27df592&expires=30
Date: Sat, 02 Dec 2023 17:35:24 GMT
Connection: keep-alive
X-CI-RTID: 3dddab01-991e-4a34-8f97-b0d38a44e37d
Content-Length: 144
Content-Type: text/html; charset=utf-8

GET
H2

204

v1
match.sharethrough.com/sync/ Frame 2057
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOC3RIX-4-J7RK

0
34 B

30ms
30ms

Image
text/plain

3.68.140.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 3.68.140.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 2057
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPOC3RIX-4-J7RK
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPOC3RIX-4-J7RK

95 B
437 B

41ms
41ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPOC3RIX-4-J7RK

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPOC3RIX-4-J7RK
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame 0D51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LPOC3RIX-4-J7RK&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LPOC3RIX-4-J7RK&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

67ms
67ms

Image
image/gif

172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LPOC3RIX-4-J7RK&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 82f5537f8d0b23df-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LPOC3RIX-4-J7RK&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 82f5537f1c4c23df-ZRH
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 0D51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LPOC3RIX-4-J7RK

0
311 B

125ms
39ms

Image
text/plain

216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 0D51
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPOC3RIX-4-J7RK&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPOC3RIX-4-J7RK&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS16QWtFMTZkRTJ1RWxNMER6MXJTX0hjRjB6XzNBWlhHSX5B&ovsid=LPOC3RIX-4-J7RK&dpid=58160

52 B
315 B

145ms
53ms

Image
image/gif

2.19.126.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS16QWtFMTZkRTJ1RWxNMER6MXJTX0hjRjB6XzNBWlhHSX5B&ovsid=LPOC3RIX-4-J7RK&dpid=58160

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

2.19.126.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-96.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 02 Dec 2023 17:35:24 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 52
x-mnet-hl2: E
expires: Sat, 02 Dec 2023 17:35:24 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS16QWtFMTZkRTJ1RWxNMER6MXJTX0hjRjB6XzNBWlhHSX5B&ovsid=LPOC3RIX-4-J7RK&dpid=58160
date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0D51
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=14
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=w0SheZI2Xk5mBkU8GEz5-rnDR90

42 B
840 B

31ms
31ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=w0SheZI2Xk5mBkU8GEz5-rnDR90
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=w0SheZI2Xk5mBkU8GEz5-rnDR90
Date: Sat, 02 Dec 2023 17:35:24 GMT
Connection: keep-alive
Content-Length: 121
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0D51
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1164
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5601850442688953787

42 B
840 B

154ms
31ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5601850442688953787
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5601850442688953787
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0D51
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=a77d3f7e-ac3b-48f5-a8a6-953a11b916b7

42 B
840 B

137ms
31ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=a77d3f7e-ac3b-48f5-a8a6-953a11b916b7
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=a77d3f7e-ac3b-48f5-a8a6-953a11b916b7
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 798679
content-length: 0
expires: Sat, 02 Dec 2023 00:00:00 GMT

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame 0D51 35 B
163 B 351ms
116ms Image
image/gif 192.132.33.67
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.67 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

67.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-servername: Track002-iad
pragma: no-cache
date: Sat, 02 Dec 2023 17:34:30 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H2

204

Rubicon
s.seedtag.com/cs/cookiesync/ Frame 0D51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPOC3RIX-4-J7RK

0
284 B

100ms
43ms

Image
text/plain

34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
access-control-allow-credentials: true
server: openresty
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0D51
Redirect Chain

https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7476920855595883743&expires=30

42 B
840 B

136ms
30ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7476920855595883743&expires=30
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
an-x-request-uuid: 7a6e3083-9c8f-42b4-93aa-022a9a354f91
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7476920855595883743&expires=30
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0D51
Redirect Chain

https://ad.turn.com/r/cs?pid=6
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3354912902242218170&expires=60&gdpr=&gdpr_consent=

42 B
840 B

30ms
30ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3354912902242218170&expires=60&gdpr=&gdpr_consent=
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3354912902242218170&expires=60&gdpr=&gdpr_consent=
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

RX-87f50603-7304-436c-a0d6-9713341d1547-003
sync.targeting.unrulymedia.com/csync/ Frame 0D51
Redirect Chain

https://sync.1rx.io/usersync2/rubicon
https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1701538523820
https://ad.turn.com/r/cs?pid=45&rndcb=6993363111
https://sync.1rx.io/usersync/turn/3282855308204290234?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003

43 B
377 B

34ms
34ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 0D51 0
0 101ms
38ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2

200

setuid
s2s.t13.io/ Frame 0D51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13
https://s2s.t13.io/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK

86 B
440 B

101ms
45ms

Image
image/png

34.107.140.113
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2s.t13.io/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 113.140.107.34.bc.googleusercontent.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: gzip
via: 1.1 google
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s2s.t13.io/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2 200 143
match.deepintent.com/usersync/ Frame 0D51 0
44 B 369ms
115ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/143
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
content-length: 0
server: a

GET
H2

200

redirect
exchange.mediavine.com/usersync/ Frame 0D51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=17404
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LPOC3RIX-4-J7RK

0
186 B

207ms
139ms

Image
text/html

18.157.198.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 18.157.198.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-198-8.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0D51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=unruly
https://sync.1rx.io/usersync/rubicon/LPOC3RIX-4-J7RK
https://sync.targeting.unrulymedia.com/csync/RX-87f50603-7304-436c-a0d6-9713341d1547-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-87f50603-7304-43...
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-87f50603-7304-436c-a0d6-9713341d1547-003&expires=30

42 B
840 B

31ms
30ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-87f50603-7304-436c-a0d6-9713341d1547-003&expires=30
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-87f50603-7304-436c-a0d6-9713341d1547-003&expires=30
date: Sat, 02 Dec 2023 17:35:24 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX87f506037304436ca0d69713341d1547003
content-type: text/html

GET
H2

200

cs
cs.minutemedia-prebid.com/ Frame F5B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPOC3RIX-4-J7RK

0
326 B

188ms
52ms

Image
application/javascript

54.216.109.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 54.216.109.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-109-54.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://eus.rubiconproject.com/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cs.minutemedia-prebid.com/cs?aid=21479&id=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame F5B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LPOC3RIX-4-J7RK&obUid=&initiator=

0
145 B

470ms
111ms

Image
text/plain

64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LPOC3RIX-4-J7RK&obUid=&initiator=
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: no-cache
X-TraceId: 0a58b6455e522521fc23aead1bfcc2de
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LPOC3RIX-4-J7RK&obUid=&initiator=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: aca6c52e983509e86b136a052e19be23
Expires: 0

GET
H2

200

sync
visitor.omnitagjs.com/visitor/ Frame F5B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LPOC3RIX-4-J7RK&name=RUBICON

49 B
384 B

208ms
58ms

Image
image/gif

52.50.121.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LPOC3RIX-4-J7RK&name=RUBICON

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

52.50.121.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-121-249.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 7
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LPOC3RIX-4-J7RK&name=RUBICON
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H/1.1

200
OK

60909
i6.liadm.com/s/ Frame F5B8
Redirect Chain

https://token.rubiconproject.com/token?pid=49096
https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPOC3RIX-4-J7RK
https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPOC3RIX-4-J7RK&_li_chk=true&previous_uuid=4200375b68f2413ab31712775a432e8b
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPOC3RIX-4-J7RK

43 B
548 B

445ms
112ms

Image
image/gif

2600:1f18:ed:550f:766a:43f2:fc20:ff8d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPOC3RIX-4-J7RK

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:766a:43f2:fc20:ff8d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LPOC3RIX-4-J7RK
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2

200

cs
cs.yellowblue.io/ Frame F5B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage
https://cs.yellowblue.io/cs?aid=11590&id=LPOC3RIX-4-J7RK

0
326 B

172ms
54ms

Image
application/javascript

54.216.109.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11590&id=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 54.216.109.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-109-54.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://eus.rubiconproject.com/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cs.yellowblue.io/cs?aid=11590&id=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2

204

/
ssc-cms.33across.com/ps/ Frame F5B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=33across
https://ssc-cms.33across.com/ps/?xi=1&xu=LPOC3RIX-4-J7RK

0
73 B

396ms
127ms

Image
text/plain

67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?xi=1&xu=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP008 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-33x-status: 2020008
date: Sat, 02 Dec 2023 17:35:23 GMT
server: 33XP008

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ssc-cms.33across.com/ps/?xi=1&xu=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F5B8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZWtq2wAEAN3S7QBU

42 B
840 B

134ms
30ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZWtq2wAEAN3S7QBU
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-mxp6957-MXP
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701538524.855689,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZWtq2wAEAN3S7QBU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F5B8
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9F68658DE08F4C9D99328411EBF0F593&expires=365

42 B
840 B

134ms
31ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9F68658DE08F4C9D99328411EBF0F593&expires=365
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9F68658DE08F4C9D99328411EBF0F593&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 01 Dec 2023 17:35:23 GMT

GET
H2 200 bridge
cm.adgrx.com/ Frame F5B8 43 B
281 B 42ms
38ms Image
image/gif 173.231.180.197
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: ams-delivery-4.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-1
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 204 rubicon
tr.blismedia.com/v1/api/sync/ Frame F5B8 0
173 B 95ms
37ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/rubicon
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F5B8
Redirect Chain

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=h4Y-O8bHEUGfZj3iLco-sw
https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=5165c7de783217a6&is_secure=true&networkId=12783&version=1&nuid=h4Y-O8bHEUGfZj3iLco-sw
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIIqB3HY551gNfTgjrAAAAAAA&expiration=1701624924&nuid=h4Y-O8bHEUGfZj3iLco-sw&is_secure=true

42 B
840 B

31ms
31ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIIqB3HY551gNfTgjrAAAAAAA&expiration=1701624924&nuid=h4Y-O8bHEUGfZj3iLco-sw&is_secure=true
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAIIqB3HY551gNfTgjrAAAAAAA&expiration=1701624924&nuid=h4Y-O8bHEUGfZj3iLco-sw&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

sync
ads.yieldmo.com/ Frame F5B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo
https://ads.yieldmo.com/sync?pn_id=rc&id=LPOC3RIX-4-J7RK

43 B
599 B

177ms
53ms

Image
image/gif

52.30.73.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/sync?pn_id=rc&id=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 52.30.73.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-73-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ads.yieldmo.com/sync?pn_id=rc&id=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F5B8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180

43 B
404 B

375ms
365ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f5537fdc4af0cb-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 10
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f5537e78eef0cb-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

setuid
prebid-s2s.media.net/ Frame F5B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK

86 B
518 B

102ms
38ms

Image
image/png

34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
via: 1.1 google
server: envoy
content-type: image/png
access-control-allow-origin
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: clear
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame F5B8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=7
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7308052309189916812&expires=730

42 B
840 B

102ms
31ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7308052309189916812&expires=730
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7308052309189916812&expires=730
Date: Sat, 02 Dec 2023 17:35:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

cookiesyncendpoint
sync.aniview.com/ Frame F5B8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=17184
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LPOC3RIX-4-J7RK

0
251 B

370ms
117ms

Image
text/plain

96.46.186.182
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LPOC3RIX-4-J7RK
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 0B94 43 B
443 B 41ms
39ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master cdg cdg-pixel-x27 config_version:"2120" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:23 GMT
Server: MT3 1143 599e619 master cdg cdg-pixel-x27 config_version:"2120"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sat, 02 Dec 2023 17:35:22 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 0B94
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0

0
340 B

29ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 579d6dd278f76ae39d067788043e4297
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 0B94
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7476920855595883743

0
340 B

29ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7476920855595883743

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
an-x-request-uuid: ed89dd93-a150-4d00-8110-f892dacb1f6d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7476920855595883743
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 0B94
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

0
340 B

29ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:23 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701538523936008-525

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 0B94 42 B
840 B 159ms
31ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Tx0ADkrITnFBu9UNNJmJf4xYkAQixkBaofFW09ylYGU
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content 73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame 0B94 0
176 B 6330ms
867ms Image
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cs.admanmedia.com/73c1e1bfc3bde354d60b80e601ae3914.gif?puid=[UID]&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D164%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&coppa=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B94
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZatXz_K2z7Q0mxx8NfLAeQXy59sQx0w

170 B
188 B

65ms
62ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZatXz_K2z7Q0mxx8NfLAeQXy59sQx0w

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZatXz_K2z7Q0mxx8NfLAeQXy59sQx0w
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 0B94
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=6962760741807292268

0
340 B

30ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=6962760741807292268

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=6962760741807292268
date: Sat, 02 Dec 2023 17:35:23 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 0B94 0
0 85ms
39ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0B94
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Tx0ADkrITnFBu9UNNJmJf4xYkAQixkBaofFW09ylYGU

43 B
479 B

430ms
125ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Tx0ADkrITnFBu9UNNJmJf4xYkAQixkBaofFW09ylYGU

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BJ992F965Y3ACNQEZGDW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Tx0ADkrITnFBu9UNNJmJf4xYkAQixkBaofFW09ylYGU
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 0B94
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

0
340 B

29ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
date: Sat, 02 Dec 2023 17:35:22 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 0B94
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOPJXS8gbBJUICGddrqwsyQ&google_cver=1

0
340 B

30ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOPJXS8gbBJUICGddrqwsyQ&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOPJXS8gbBJUICGddrqwsyQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 0B94
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-KuInPo5E2uH5FkXlU86gwtKb8.kaWe.RTNUNfmc-~A

0
340 B

31ms
31ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-KuInPo5E2uH5FkXlU86gwtKb8.kaWe.RTNUNfmc-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-KuInPo5E2uH5FkXlU86gwtKb8.kaWe.RTNUNfmc-~A
date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0B94 70 B
148 B 51ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame 0B94
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26us...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=e5535dcc-f3db-5250-8c3c-4e97e957244b&ssp=onetag&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

0
340 B

30ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=
date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 setuid
u.4dex.io/ Frame 0B94 0
787 B 41ms
40ms Image
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=onetag&uid=Tx0ADkrITnFBu9UNNJmJf4xYkAQixkBaofFW09ylYGU&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame CC6A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RURNWlhmOG10Z3FhQ3NkLXV5RG56Zw&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDiTzIvlkJGnIQUvAlB0NC0&google_cver=1

49 B
805 B

35ms
34ms

Image
image/gif

208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDiTzIvlkJGnIQUvAlB0NC0&google_cver=1

Requested by

Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1

Protocol

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-CH
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-74c7cffc45-7pcmw
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEDiTzIvlkJGnIQUvAlB0NC0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame CC6A
Redirect Chain

https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=60b9992c590117a6&is_secure=true&networkId=14200&version=1&nuid=&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIP8JSS0KhngMP6n3EAAAAAAA&expiration=1701624924&nuid=&is_secure=true&gdpr_consent=&gdpr=0

49 B
833 B

35ms
35ms

Image
image/gif

208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIP8JSS0KhngMP6n3EAAAAAAA&expiration=1701624924&nuid=&is_secure=true&gdpr_consent=&gdpr=0

Requested by

Protocol

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-CH
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-74c7cffc45-7pcmw
expires: -1

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAIP8JSS0KhngMP6n3EAAAAAAA&expiration=1701624924&nuid=&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame CC6A 43 B
479 B 173ms
121ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=qNYNIJZGIGkZ&ex=Pulsepoint

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://bh.contextweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H4XD4CH571VA2AWSE473
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 138ms
67ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Dec 2023 17:35:24 GMT

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 136ms
68ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Dec 2023 17:35:24 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/br-v4/ 0
494 B 168ms
168ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/br-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNKtKKTUPM-BPZq-PqUY-wPtY-qKqPqMBeUqKtRlmNKYMbaARdzNwqfftkRqxeNco_TUBMTUaAaP_MRysggkNAGATRwkNekoztg|AGPABBKaaMMUKABPaTB|KYMbaA|wqfftk|TKP|RmNUaAaPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctyIHGrY%2BFScKAyB32DuWUxvnUxmpYaefhE4jYQLgoeqnV52XspLs9eADrXKczkNtfqBsBFubEUlVOEsvumh%2F4jrh2loX9wN8bS4BsGbfn0XW3Po5plNqXYaI8fsWREXyP1PVpT5kOrNV6Kli2cogA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553808b16ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 container.html Show response
f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 681A 6 KB
3 KB 30ms
29ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sun, 01 Dec 2024 17:35:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/bw-v4/ 0
502 B 165ms
165ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNPyBrYZKt-wrKM-PMwY-arYa-PwByKAeUwtyrRqxeNco_TUBMTUMKZY_BRwNekoztgRhNTGPBTZMaPKYYaBMZBMRlmNKYMbaARdzNwqfftkRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yflOUhkL7gT0W9kM%2BYLerDtgm65GgU%2B%2FIUcJPla6r6ByrufOlHTHH1LFMnSoJPsviwm1LryCpu5hzd79%2F25qAOsnHA64uHBdNiA1WUkFaQe36GVfZZmxqYqMEBygoCFCS%2Bg7k60DXFbfpp%2BNWJqDCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553812c29ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 697ms
697ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2981851881987093&correlator=3538871412208564&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=22651645586%2Capkshub.com_vli69094&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=5&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Defa9c07de3b830da%3AT%3D1701538523%3ART%3D1701538523%3AS%3DALNI_MbaN14SFGZTS8zYx4q1yl1WemPUQw&gpic=UID%3D00000d019f25bebc%3AT%3D1701538523%3ART%3D1701538523%3AS%3DALNI_MaEz6YwAE3BvyerI03x1RvBlSrNqw&abxe=1&dt=1701538524340&lmt=1701538524&adxs=436&adys=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&psts=AOrYGskWSc9PD_RDYt7z09uaA9aIsOyFEzU89arcG8a3pJEJGp7AIeomKH_TaCjDjy-2e-83OSCVtx2z7JR1FI2BeA&ga_vid=1865362612.1701538522&ga_sid=1701538524&ga_hid=1059934213&ga_fc=true&dlt=1701538522035&idt=1115&prev_scp=vli_adslot%3D69094%26vli_acc%3Dvli_22%26vli_adtype%3Ddisplay%26hb_width%3D90%26hb_height%3D90%26pw_tagid%3D69094%26vli_sf%3D1%26pw_network%3Dtrue%26floor_key%3D37%26hb_bidder%3Dcriteo%26hb_adid%3D150411c53b1ec9df%26pw_pb%3D0.45%26hb_size%3D728x90%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_domain%3Dapkshub.com%26real_cpm%3D0.40337998867034913&cust_params=hb_domain%3Dapkshub.com&adks=1640917815&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee334a4e7cab76567143a50f7cfd19d34517a9f38a0ff9ffca145e139647d336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13113
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
502 B 167ms
167ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNyZTwqwqK-ZKPq-PKUT-MrTy-ewtAwePetUyKRdzNwqfftkRwlNcso_YYRkjmNKYMbaA,aKAbaARrdzNuggustRwkjNTRmNUaAaPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=855DcxKObIMufWh5WZj%2Bw8mhjJsYsC31Yf2wvKVMUHXw%2Bmy%2FvGeuTSa5yGaPVw%2FVwWsLDzWhpeYkMCB9VGbMoSHvcJiOflu7cUvMMdA5vT2KP8Tf9QbYv4qA3%2FNlfJtyln5%2BFwr5Ni6fLAgqUweoZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553812c2eba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

be96b820e5daac93 Show response
ads.us.e-planning.net/uspd/1/ Frame 8BA9
Redirect Chain

https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID

2 KB
971 B

38ms
38ms

Document
text/html

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 10faec7d8eebee9fc2777a17cd9ef8b5373bcff820c78d246475b12d79841107

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Sat, 02 Dec 2023 17:35:24 GMT
expires: Sat, 02 Dec 2023 17:35:24 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Sat, 02 Dec 2023 17:35:24 GMT
location: /uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39

0
15 B

41ms
41ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

location: https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39
access-control-allow-origin: *
date: Sat, 02 Dec 2023 17:35:24 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5A56
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu

281 B
555 B

40ms
40ms

Document
text/html

69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 17:35:24 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 02 Dec 2023 17:35:24 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
server: AkamaiGHost

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 681A 24 KB
7 KB 95ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 681A 26 KB
9 KB 43ms
42ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5908
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220028-FRA, cache-lcy-eglc8600068-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yCUwh1yhLG7bXaLS%2B7QeSzKKs5ZBnryw2xSJV9K8Uy8Yk%2BgBj2qKkhnb3R%2FTqbu%2FtM2OxRe%2BkYrpXTd1ZpLJVs9ZlwHxNYzcBXAsFk4asFwtD9NQ4etSpSaeTyA1bPBdBQCAqOmb6Qu%2Bk0UpBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82f553815ef4f0f4-CDG

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 681A 202 KB
64 KB 210ms
100ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5A56 46 KB
13 KB 41ms
41ms Script
text/html 69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3ad05fd574b9bf64fb99c4e673f0bdcd6a889d5cffb763dd8829b2abf45d9702

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 21:14:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13191
Connection: keep-alive
Content-Length: 13236
Expires: Sat, 02 Dec 2023 21:15:15 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 5A56 7 B
775 B 31ms
30ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LPOC3RIX-4-J7RK
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 681A 0
0 68ms
68ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrYBFp2dNX4__gUhg5ddIei00s_ohgwv_LihFY0HwfR7k7a_u6UQ8ymSpctT_Jrbkb26FRFAPTait_x_CS8zwsSFvFQcAx4RNLHuuXuyTTyVO1jg0SbJNWCRh3IMLVNaNZihAziJAK0b8Gr_j8_t3CVvboQt8liE--TR8wOFMdfgXos0cZ6I0ZY5cC-kQKoVpEpRK-BoAsjPH-Y0qY4StJ33h4blBvnXbWhsijg0h-dLPZh0H74VOvi-6gxlQqm9Vj94-jI_UnX9aYr1otBz0SvOjL_piN3whBATWjoizWryI_hKq6Ljb5xyRbDTVwFxFUeyRUU4GQ8aGo6uJvxWdOTOO4qWLvT4ivyLnM_8SmJ1gMtVZend1h&sai=AMfl-YRquJ72otBOXOpjK_5bzAXYZ77qYg7fYR4Y2ljQ_OeCL3qUuxHvu2YjxjZ44dq4HkSC3_Jl-iovHey-m34Zab_Q9KoJUkznuxqibRFGEb3FEvFOx2UMJuCfQ_bAVWwpNCNay95L23NWbg&sig=Cg0ArKJSzJJUsU4Ts50LEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 543F 6 KB
3 KB 51ms
51ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sun, 01 Dec 2024 17:35:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/bw-v4/ 0
498 B 177ms
177ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNerqqTteM-BqyM-PwTA-wTyw-ZYrMYeUUtTUMRqxeNco_TUBMTUMKZY_TRwNekoztgRhNTGYBYUaABKAAMYMZZBRlmNKYMbaARdzNwqfftkRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyBV%2F5xKhucDkCxkvKOgA%2Fs%2BQKH3qktSH8AYgl7Iov20swfH1DatuOA0e8NhYiSZGjkn2IOixjJx94VjpkVNPoi3Cy8Olox8CqAHrYsj9ioSsPRYSUXJO5D0ApLdBiiN9vVtnLwY0TcU%2B6Tqi2AFxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553820d2aba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3428 281 B
459 B 134ms
69ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNWGKRMR6rY8V_ZzEzKOsNVNRFGwQF2gExvUU5-EYp5HOL5TWJ87JEsq1PUbD98ut_6yR-stbFSOgIe1v4XAfKg-RgN5RY0nTqOKJ4QQ_BbYl-AmI8c

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 15E5 89 KB
31 KB 183ms
115ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31498
x-xss-protection: 0
server: cafe
etag: 4296746511219988724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:24 GMT

GET
H/1.1 200
OK https_A_B_Bpdc.bidswitch.net_Btracking__burl_BEBYXd__UiIbnwVRNmRLEsE28fTOEZkSTFa5KdoXuBqRvh8D__Jj1__cqBOQjRxbExem72MfYCSPd-FixVk7Xe1tJkGifxj0NlJak9EXwDnVYokhlFPDP2UEdDNohbnQK7XIbPB__8__6GyxxG2FFWS1...
media.grid.bidswitch.net/imp/omv6p0_6m1h5zSnZ6Gss-k08GfC2fobkMKaMxTI0lPF3cOWjYzXbaiN8bqlWfQoo1bULySDUZy7eGyvOqqPwBhX16zIyMb5d5T1dCFyCU2WebSPY7gs5IhMqNjUxcQOw0ZW-SMD7VxILwrHnOUmfmC7Mik5_GFqvTI6zshIl... Frame 15E5 43 B
196 B 195ms
37ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/omv6p0_6m1h5zSnZ6Gss-k08GfC2fobkMKaMxTI0lPF3cOWjYzXbaiN8bqlWfQoo1bULySDUZy7eGyvOqqPwBhX16zIyMb5d5T1dCFyCU2WebSPY7gs5IhMqNjUxcQOw0ZW-SMD7VxILwrHnOUmfmC7Mik5_GFqvTI6zshIlIbly9YpKjMhB-k77s8dBc31jobi28Zkbxb3McVIoDmwZiZokfgMhVCps_hYCqtu6hg_GPeAsgSwxZEsRYZU50yTuysf1rG8RbDA88XZsZRPiPOZuWZdKMpQ5v2c6dn6BeCerIgOUbDs9stCAJ9ONAxb6SLhbNwku_O7e_-KHFNyFNkPyTz1ZgEr1NkXTze-GRrh7o5Zf9AzWAD7G4kfljI5dvbA/billingQWsEozZsBWdlluYELXby00c516ZN_Q/https_A_B_Bpdc.bidswitch.net_Btracking__burl_BEBYXd__UiIbnwVRNmRLEsE28fTOEZkSTFa5KdoXuBqRvh8D__Jj1__cqBOQjRxbExem72MfYCSPd-FixVk7Xe1tJkGifxj0NlJak9EXwDnVYokhlFPDP2UEdDNohbnQK7XIbPB__8__6GyxxG2FFWS19VLB4KoUqPAXfBEApLM3wS2WORFj4__jiGUqMdJD-4zVWtvD5fxy____j__FTppoXyednY409yeQjBFZcAbFBXZmsh3LxqIG89Ox383rHQE0__LkDyzm__EwMqzp6BNp8WIstsuHIE8wUN9pRXllNWDeVjR__B8HvXgxhW8YzLVwmf__D6__0NQfsnH6xVaaVPsUtLJYo6NacaUgpF0d7yaAoWly35dwUJb1K3H7tnyVD9fQSXE-fhqepRpJDJRCuoqr1zTel3Q99xRMx__aiSIL-XyTECvjRzbMpKDQXu9TYkFUHyggnjba8klPlUc-kvA2VWIaOdTfKBzcMPsVo3EoY4Q_B_I_WAUCTION__PRICE_X_Bhttps_U3A_U2F_U2Fghent-aws-fr.bidswitch.net_U2Fimp__s2s_U2F_U24_U7BCLEARING__PRICE_U7D_U2FBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCEs2T22prZfzQEIeqkdUPzea6qA3OybGHdN-i____rzcEujKz5msKhABIIP95h9g9YWAgPwDoAHy6siWA8gBCakC6Dim5QBNsz6oAwHIA5sEqgTqAU____Qm2YXxEQOQdz9ErU4zGExjZvUXWhNrYAgGrke7cUlNYZF4Or78-cVo9yqFQYpZ3tZ____rusPtFm3MYDMjKElBFz____zW____Tq63bqVM7TGEJzqX9LKx3CnqsNXhIu87wsbLBI4IJRaI2bLuj9hS18ag7tsqsnNdUw____jMeWHvSgi5MGVGkTRZWMGEIEpZyStQAB0mEF76PRKD8KYwGKLFqz0ehJvYWTwhGW2GhqHe5uXbMZPNM9DxXbPMweH6sEL4ax8fROE3dSmYpPCg2BVXunzTGFDy7vyATLI3iFTcKeP-3KKyTjM74xkoI2QzsAEjbXi2rsE4AQDiAWqxN2YTZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH9pS3aagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB____6esQKoB9XJG6gHpr4b2AcA8gcNENO16AQYsYGTgAIgBNIIHQiAYRABGF8yAooCOgKAQEi9____cE6WNL8gPqk8YID8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF83ZTRhMzCACgTICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwRCgsQ4K3DobDLy____XoARICAQOwE____Lh3xXIE86I--MD0BMA2BMNiBQB2BQB0BUBgBcBshcICgYIABIAGAA__Jsigh__Rxm____jovhX1Eg__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNOGra8ZPcqyyujXVuGCyJAvOJ1gKEI9GsnwpPFz40HYc5VOa9swrhrM4wTNgnGAE_U2FBkhKzsnd7nBloI9JAm5H1C__fNZlrm0VYN-tpQdZd3waJrN39LSYl8MnZ1kCaDF__XzTHvV7NXIYcIMn7uZLNekIDMS5Vb36me-P17lY8x4Q9e3X0XUHXVqXkN9MH7HGXmbl3pMURnYoBeCu7kcKU4tpBF9dDRdQnzdc5pDXfFUzgbuwkFnExTYVKBIzSRLsw4WRCuKFM3aHUsQfLtWFAUeW7XGw36sFoLDAa-GIwYM7D4TF8nQvfqr__H5pCgdoEPOWeZI__87EhA4A9MHD9h__rZPsaIxZZcQJbH6KWok6sw0NC6mRfXbxx5NwyRo-z4l0IVxY1kGNMrLV__ilRWaE4zHGc772DTOQ24I5blvU5FQJcF0B4oEr9fI5Ruum0OrkQ__WDJZG4tzVmHUVLt7vKTAsGA3SJF1K0e4VbV0h1JykCSGYuuI3o-ADjHdLQytP3qGMrKYkWsW2RrjQTylWM0Sb-DI90yZX6LP2cmLz2wbVwaLU45HYdU8OkPlCLjp8wazEmscf41BDokAwmnUiC4WIM3VaRURiiI-P9Hs-lR23yf1yr7h3hiV2d5CdUSq-Tuawv28jMVDIDbssDSus7Kp4B077iIZt__zhqPONhm51EPZbLj4cc6POvQCrdMUVbCFENY7dSPjEwwpRjO5B0H5ZKrihJ9s3JXrL0Kgkrl8TE0UYn2Q4lb3syzefm01Ia9j4g4Lo0EAznVX__VlLK__nd__vQ2W-lkkD97Sogtut0WXj9fnjcDKUuTC2__H2o0AbSZU447EI2NYB5THEgmV15ThrK1PnhDxtD9RvNMFwd-7XQ09yQxH7rswBEqGjunNZIDW2IQE__BRCIaRIGohFdwnL2eYGtOuG4noUL0BCPyRlODFtFJXWfqCqFchQfIm-mBF2ExjLQNGW9ZMqs7F4KsnC027jOnSJkGwOLQufv24HEXzToL3O-8dE-h8asHzv5vvHfPAGZMAJ2PMVq8-9HmKrcGtXPoo7LCUVAfcOudukOOo7Dqy__e2P5Mv3FQNgLL7G06GUxdzXfW4k8X__o8P-__smA0EtFZnQ2K-Q0krq8D9-ovVGE__673NcEWOFKdWL58gBNMRVDVpcEf5iEFYLOn5fAkE5ZG1KQdsBLTzr__jo0s9QVpSwfcmcUuihaMtBiEDFlgiQT7tWX6IRPgounoaiFXbuFy7tUAkb7OGsIjJttNJX3YSFcPFQi-7vy__EK83IFhMtfnWvlK8NGU5VzcDEn8AROPJAtQI3c6o9gnc2RbbeRFKjzBFUphbCoJng0cnjT3iS4T0YcC3Vy1WGZkhtgN9UqVOdM76AU9Cfm-1z4DCZRmSrKas13Yfon6yPd8W3hhkf3tYNpADTqMvC3G-D8gN6l-7NyuvlKj8PPRnVyZQw146Y2TiyrM5T2RIf54naEQiJv7QP5uZpbqcNO5d__IrqEz__jLAnz0fd0B0I0bVY-MCw5WpTalCsY1V7S1LwOV9__fS__TdemSWBv4c__LbbC9mVaKZYxuStd0ODUeItigrT-OWu__nfMH0OqYsWMHXpAem6LOqDDwnzveEVgBmOFIGhw3HWmVD935LHdlLyHFc9qYGaXFClndMFfh424cv4bSZeLqAXOpvTOC8i16Peh8U__OtGEM1OCHW9vovxCK46mekNUMkzVmGjfgxmEvxL8tvPNyiRQKbsF2K2kisr5VCvIopwQ__10sAdtECy1izP6vdh8q2bu0CLt8Y2F7bpRwKNxut576HigwpM268XmlnIcyi5WvKWUoxT4krDYj9DZCE5nJ4Siox8ixfchlZBNxm4BsH9QfJJedf__N14gRvQymZz4urtwxaLCwlIWkJfb1ylvMQM7r1-7R-W46WHf1X2sHdpbJedqlp__1m43VbkT0A2KKJeUEo__bkSHNqrfUaeSR__1ZvOaIWCWB2__GCHvM5CMpBN-4LL4TH7SEVdhqAZCfi6xZtHAfqk-rdUE__Ob39SB2XtQEev1Jwe4pIwOA-ogTk-ciYEfmeHjO1797cYGuh7X__w2YrwLeDsQPwYK3iY__5DkCxzHg64A3YcVyMUBLP7lyuojcXTd3ibbFfu5VNcdQKb6oK0ognMZCWV3JcLBCKCyWd8f__RFxya3X5b8-1b__3gspnxV4I7dgdT6HxDt0NLNpK-qi6bMqx4rbtBOeUAc5rUrAx38IuQ6l8y0E6v__CH56SaSpS3hYJqjjVtomC0j__7sSNcsQeDsyLAcwrVwZdleRUoj3y7YExBD6nDBbsPj5fnerwRutyoZLnJIQSfr0otGD8QXvzsEvi4WyGyWDJDHwM5IatYeNu5Q4SLpqPBxQrNYgm4kz__TiDLV417IVv7xjh972gCDXtx7a-x3psatIGWImBxSG1GU9F2OeV8Y8DELXN7ZHTszzsy6tM-fzyv3hb4BfqdbNtsirOllx__4dMiI0IAq2KIhaiNPNzZaRD9VnXThRI1aeS5BwyUy74ffTVLcxhysEwIio6QJvCeu-7p55KRV6sgWL7g6DjZvzY5lNWT6__ThFA74ek3D2FwLFMTlArVkLNftlwWlhCOE__DY7yOpS2ye6hcsoqgMowQvU53VzoYRfb10sfwqj__UrIIb8LNgonGM3JOU0Tz3jXyjgWAkaVdVJx3rkwXKfQVzPh-drHvPZRsQkKXwmz1gIT0eFms5GgNhx8rs3ce0oir777G8YBZH799Jx6X67v4NvoYoolTdouJkSTunFP6LyuwENOOZBiVxAKY2ep9JZLXjt6llFF__8aDTXmQjSeRHRPovRwtHnZ9LzUjgzuJ3qT-PJo3hCFCAKvZpv8Jid4HfgnHoFeRk-akahpVIoI__QDCclE7XDkG-BsKhT4kSXqAWElJMR8EHH8y7KIGpsj9VlomYB__71KTkRBA__NrtjgpXv3qexdr__A-z8UWv1UUED7imXjScPw_U2F
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame 15E5 0
121 B 190ms
52ms Image
text/plain 2a02:2638:3::28
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=apkshub.com&bid_id=9c4f3b2b-425d-4615-a460-52fb18df8297&ads_txt_id=8GZCTF&has_bsw_id=0&bid_price_usd=1.5906555

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ Frame 15E5 0
501 B 166ms
166ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNMyUtAteB-BMAB-PZZT-MtZy-PMYKBatPrrBTRqxeNco_TUBMTUMKZY_BRwNekoztgRhNTGPBTZMaPKYYaBMZBMRlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJKTVCNOn%2FcdgQDhuGZ9hKYf1i2GW2QDT%2FVe5B3jkou1fRjgwXi9w9GjGRtTFG22%2F42jC%2F4GGx1cQnM%2BlP8VMqT4SGydsFWzcSxr4ldEYzSOoF4l4Grz1Z8vJGli1jrJ11D5TT0Sx65uQkaU119YTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553821d32ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame 15E5 43 B
462 B 131ms
34ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=U53mTV8zM1YlMkZCTTNlUFQwaUhLTmdEMWRqNEoyUjdpbElYZzR2MHVQcUV4MUxlRkttUzE3UXNjSll6NyUyQkttc3g1R29OaThUZDAzSExLOGc5Z3AyRjd1ck80cVhOQ0NFdXllUG9OZzlaUFZMVnc4eXVaWEJoYzlsQXhubE1DJTJCYmR1WkJEWTdPbXdETWNaWk5xY2wzZ3EyJTJCOHBPS2hVaXYwd3RoYmJjQUhrMmxaU0pDcGxnUE8zdE1RMW1sTjAlMkJCSDZaJTJGdHNqODlhRTVhNyUyQmw1YTQ2JTJGYVZyRGQ2ViUyRmlKNGxTdTgzb3pLU1JnTGUwNDhTaEJBVkZ4M0hvUkwlMkJHWk54YyUyRnVhVndTT1dDVklpWmJmNnBaY3lGTnpJcUNRZ1dRdXdrUmhzYzRiVmxvTk00RkhxYmk3SHk4NXFuJTJGdFBhNFlWb0cxRWhXaWY2M0dEdDl1eFI1UXZXT25uMWdjS2d6SWJXZklKakhTTVZpOWhYZ0pNSE5PRFM2eFMzSENxV21FWVpmVUNWMmtMNXJ6R0klMkJsJTJCcGpiJTJCY1pwUXdYRGN5ZWVSTSUyRkUxQjA1Rlo1SmRhRllYQ3BJQ00yNUlicjVrSjBXTDhxamo2ZWFoSXE3Q1FrbE44RXduVXJLSFJMcEJ3Vk9DVEFCYTNMUEN0SENDam5FY0h1SVloeDNURU1kRU5maDZCZlZl

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 324418
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E5 42 B
401 B 142ms
75ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRTUUM_rhh3EPveLduRokuQvgvR9G7Zg0rJ-WuS2aDzGXI-dV7tB5thgEVJsKzWFnaBhUBbfM5oPQifWJt74wM37RDrZY0uaVvsL2N0kHE5a9ruvM

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E5 0
49 B 142ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2089081526269519943&x=38&ct=76

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 8BA9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D21648002e00e80a7%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=21648002e00e80a7&uid=7476920855595883743

42 B
104 B

111ms
36ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=21648002e00e80a7&uid=7476920855595883743
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:24 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
an-x-request-uuid: fbd3be8c-b5a1-47a8-8b32-556b32a71594
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=21648002e00e80a7&uid=7476920855595883743
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 8BA9
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D21648002e00e80a7%26uid%3D%24UID&partner=eplanning
https://ib.adnxs.com/getuid?https://ssp.disqus.com/match?bidder=14&buyeruid=$UID&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3...
https://ssp.disqus.com/match?bidder=14&buyeruid=7476920855595883743&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY...
https://sync.go.sonobi.com/us?gdpr=&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E...
https://ssp.disqus.com/match?bidder=18&buyeruid=cd0b382c-a65f-4465-b1cd-9585907a0170&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubm...
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=21648002e00e80a7&uid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3

42 B
103 B

34ms
34ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=21648002e00e80a7&uid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:25 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=21648002e00e80a7&uid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2

200

um
u-ams03.e-planning.net/ Frame 8BA9
Redirect Chain

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D21648002e00e80a7%26uid%3D%5BUID%5D
https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=21648002e00e80a7&uid=cd0b382c-a65f-4465-b1cd-9585907a0170

42 B
103 B

35ms
34ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=21648002e00e80a7&uid=cd0b382c-a65f-4465-b1cd-9585907a0170
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:24 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-81
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=21648002e00e80a7&uid=cd0b382c-a65f-4465-b1cd-9585907a0170
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 8BA9
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D21648002e00e80a7%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D21648002e00e80a7%26uid%3D%24%7BUID%7D&ox_sc=1
https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=21648002e00e80a7&uid=dbbef681-1b7e-4be7-90ef-3aacc3b7bd28

42 B
103 B

36ms
36ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=21648002e00e80a7&uid=dbbef681-1b7e-4be7-90ef-3aacc3b7bd28
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:24 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=21648002e00e80a7&uid=dbbef681-1b7e-4be7-90ef-3aacc3b7bd28
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145

GET

81a66732ddece2b186cdce7b6a45cef8.gif
cs.videowalldirect.com/ Frame 8BA9
Redirect Chain

https://x.bidswitch.net/sync?ssp=eplanning
https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cc77a4b6-7e95-47ed-ba32-09569fa94366&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Dep...

0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 75A0 16 KB
6 KB 35ms
35ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D21648002e00e80a7%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92587
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:35:24 GMT
expires: Sun, 03 Dec 2023 19:18:31 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7B6C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_eu&endpoint=eu
https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu

281 B
555 B

29ms
29ms

Document
text/html

69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 17:35:24 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 02 Dec 2023 17:35:24 GMT
location: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
server: AkamaiGHost

GET
H3

200

usermatch Show response
ssum.casalemedia.com/ Frame 1D9A
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1

2 KB
1 KB

62ms
61ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ca32cd05638cb33edd377e63e05dbaad63f65c399111babf379079fe1bb04ad

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82f553827f2524c4-ZRH
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:35:24 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3t4Hf1TXi5GkMuU8uLuXtCe3m01rw%2BXoq8gkG8BrTM3gekalwsoYzxQ9lcJWdWOVdxdjFdn5JXWz49gWsgg6mV6ZFaTfs2f4lphVzx5QKAFWXQByF0byn0QV5RPFeDnGwJVVAdy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82f55382390a01e7-ZRH
content-length: 0
date: Sat, 02 Dec 2023 17:35:24 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajjHGjBWbLbFqyB1GOGb0don058K0Ck%2FxsY%2BWxJAVDpVpBlL2wb%2Bn9FpQ29BvVxl%2FCa0Y%2FBVkClqDI1Gt2AZ1myeT6pMBPTntecw34ifHkRoIw8ZbbOeCzzzXsi1tB4JgL7hXmu8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame DD5B 8 KB
2 KB 118ms
53ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c456baa01b5663e1ab62424a325339d9eb9ee31d176b57b9e84120f9d6744b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 82f553829a7e0e0f-MXP
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:35:24 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H2 200 15581 Show response
rtb.gumgum.com/usync/ Frame 0222 3 KB
1 KB 163ms
52ms Document
text/html 52.215.12.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.12.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-12-121.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fc651bcb3226fef2fd2579a3481bbf1ed1b5cd31b26a247db60a8c5b40b15939

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 02 Dec 2023 17:35:24 GMT
etag: W/"050ec7e02c1a0b3971ce3e053c9689268"
server: nginx
timing-allow-origin: *

GET
H3 200 setuid Show response
u.4dex.io/ Frame FA96 0
15 B 36ms
36ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=eplanning&uid=AA7NNaOm5s-M4Czd
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:35:24 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H3 200 container.html Show response
f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7ED0 6 KB
3 KB 51ms
51ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sun, 01 Dec 2024 17:35:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/bw-v4/ 0
497 B 161ms
161ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bw-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNArwTBwZy-tAPy-PPZy-wePK-ZBwYtPZYMtrZRqxeNco_TUBMTUMKZY_YRwNekoztgRhNTGPBTZMaPKYYaBMZBMRlmNKYMbaARdzNwqfftkRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhrhrRfgbgKXyAyocLtC6n%2Fddb73UraChMUsp4rBTFWatMeiouqsDTG%2BuHX9J8uAKH661UWQjd0kr1E5iyYyvEeiyZ5ogvLuJEW3nx5MVXsr390OqLLi5FQI4p90WppvD9ElFX%2BTIBaj7cf6FppgLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553825d79ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 543F 24 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 543F 26 KB
10 KB 44ms
44ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5908
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220028-FRA, cache-lcy-eglc8600068-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFxy8%2Fg8032UGmkK%2FeKCibVfWXoe1VBIv98QLZ9lqKxBYq3PprUgEA2SEeY6GlInNjoSgPDVWoQ8FsOQ2BsMAUSDnWMulo8zs6idaieG4nfFlloWHPeBLhp5ymaDUlfGLW1J1BvhDLTGSmiEDR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82f553826e78063c-CDG

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 543F 202 KB
64 KB 131ms
130ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7B6C 46 KB
13 KB 88ms
87ms Script
text/html 69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3ad05fd574b9bf64fb99c4e673f0bdcd6a889d5cffb763dd8829b2abf45d9702

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&p=eplanning_eu&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 21:14:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13191
Connection: keep-alive
Content-Length: 13236
Expires: Sat, 02 Dec 2023 21:15:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 543F 0
0 67ms
67ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8atDAj9CzuNofIfxQm14zMOy0JiEb8ALQp-PTfXDGTcQX0kYSA1hS-8fWrSb2nIwosQW0UjNj-HKj-orM0-EXZglv8wbI5l-9tjyWig1Xfyh2cZxHxWA05h_5Y6I2xvw1thU_e4nI1A4wlILNoi5iz9rB6fpoKKXfHvItAx7bdgxIYmXv3nQmYECosF5dLhABLC21Sy6s9hFHY5LxuzsogRqWtUgvmMtuoEjpx6rxDyJy9in6gSjNVLx4qGudiwrP0NBNj9_ClgrkCYo2xJ6OMCl-h6W1rHEtZVZ5U0L7FKqySGxagjHWoKxPI3ItQzAQg8nnRJghdzyjlRswR-OBVTEO4_MkyRcmH6CeD5bCS3fnjaH77Fpu&sai=AMfl-YQa_wH1JXuvhYc_SBNlZhdiMR5IsfuLv93jJu7rbXu7eVVQ3nD2reKGrS7aMtoniWYOH3rGEkl8SU1iYk-QKEIbPCZU9jLcnTvnLN-2AtsU8UkFmCgXpDDU34FvuCVEbiUgs0eoUvKiBQ&sig=Cg0ArKJSzFm6jxW5BTUIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7ED0 24 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Nov 2024 11:55:52 GMT

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7ED0 26 KB
10 KB 50ms
50ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5908
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220028-FRA, cache-lcy-eglc8600068-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1ZbrsjBDGgreYEItMHrtLy%2BNtBfAizHVU7spRz1lzB3672NgsoX0scjM2sUe7zi3vRVuWllrDKgdKOtX2zbmeo%2FtSwECe8y2fqREDmUZ4DBDf2bijm7xl2JSI%2BggolpPRSAljmzneSBQ5INlGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82f55382befa063c-CDG

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7ED0 202 KB
64 KB 131ms
131ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:24 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2020 278 B
167 B 70ms
69ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNV9mCp5iENgqe0CSEjUXNdKLRGYYLFwmblwEEv-lNw43m1p745ZtkjOCYAbV81mW2BoGnMXxVCgLBaPNRUgjnpuKHtfI7daERZ_1VBSXnohWXRyzuI

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BC07 89 KB
31 KB 160ms
160ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:24 GMT

GET
H/1.1 200
OK https_A_B_Bpdc.bidswitch.net_Btracking__burl_BW3xIVQEoXPwmdqjDRhyCUf5FZUN5UIWGzmLchQHKfMxKvI1qyGXE-Lh1IrwYcfvkKB082Ix57dYv907s72EKZpQKAWgLL9XFgB8TaGB1RqqB8QNjGJDvG36sTzGc6QHOTpJCOj3gMhPhK7gVOaDoAfo...
media.grid.bidswitch.net/imp/Qt9D-J5eb47p8cVlzEHBY-wuwch_6b9Nh3eMsvzosM_ka6S-E-3PAUjRBQBlzIlnjHc9fmwDfMTofneEk8qjFB1-HshE23QE4-GcuJHCxEzKTBlIZcyP80qqOd4XF8woIu8OEVaY2PZ0RRYa-b2ZWbveW-LfOziL_H71CfJd... Frame BC07 43 B
196 B 97ms
34ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/Qt9D-J5eb47p8cVlzEHBY-wuwch_6b9Nh3eMsvzosM_ka6S-E-3PAUjRBQBlzIlnjHc9fmwDfMTofneEk8qjFB1-HshE23QE4-GcuJHCxEzKTBlIZcyP80qqOd4XF8woIu8OEVaY2PZ0RRYa-b2ZWbveW-LfOziL_H71CfJdv6xxz8O7OE9ojgnyTUoV7QTygUBlLOfIAh5Tl2w6wZRQXcHUYmLOYQUw7NGhXQUNirPmKXZ4QgudpjBVakY0BPkLkRJScbHa-rn8KUD71fo8eQJOsmN0FHHfZWrrl4RZUwc3fXDdiAqB9UK2FNuxbZRzaeOiLBWaXZz4LdDz5RgmID0KdkiVxm-YT5mpP2hDqtyshJ2PQMcZ1OABNaouq4nnxJc/billingQWsEo0I6zd771TXYx-Zh_5BK1VA2Aw/https_A_B_Bpdc.bidswitch.net_Btracking__burl_BW3xIVQEoXPwmdqjDRhyCUf5FZUN5UIWGzmLchQHKfMxKvI1qyGXE-Lh1IrwYcfvkKB082Ix57dYv907s72EKZpQKAWgLL9XFgB8TaGB1RqqB8QNjGJDvG36sTzGc6QHOTpJCOj3gMhPhK7gVOaDoAfoVYONTbj4XpjZC4Gt4NkO1hnAE9PKdfXBcHSNan0KWjRTmktksKIgGSyWDKWU__cep__U5YzUWsfeAjfEuMxPbp0wXg-MBdvZZQSgEgXc6SXkL63RxUTywqm1kO0KRAgDzNKr4VI8YDI8LfsgnHDQtZDL6LzfDtiOdgZ0xeUhWoQlETr9t219jLM4ryuEnH1UcBeqZ8IlfziXbpMZh98iYju2g-wYtbvd7dMAaum9BF5evxbB3c50iaZSODECwD0RW9q5BYUHsKeyKUvPYVuiKTR7xr3GHSlqdVPhJ5VzADh6nMMMegmMQwgCKRSkVWropB6HWgs0t1__zFM_B_I_WAUCTION__PRICE_X_Bhttps_U3A_U2F_U2Fghent-aws-fr.bidswitch.net_U2Fimp__s2s_U2F_U24_U7BCLEARING__PRICE_U7D_U2FBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RCCa9P22prZeD3DMH5mLAP25ieeM7JsYd036L-vNwS6MrPmawqEAEgg____3mH2D1hYCA____AOgAfLqyJYDyAEJqQLoOKblAE2zPqgDAcgDmwSqBOoBT9AVGnE442HSL-NjZt10uGU6QiZ5Nkq9ThVj5-8fgvKjpeNnulyFXikpFbVUd4Z____uT2J4kkTr7CAOxI6ta____blF____9k9PFmqlnx23z4IN8GWtOhnZVd-cfjomquSBgBk4nQDle8eBgu8CeyJraQ3aifw0vAIO5BpEAMpCgn8bRAUAEUnrHPtr2HxDN-oo0yEFl2qYCs4eo5wghAcFb9dn57lphwXslIofBebSazSqhTv2wTJb1mHxxHQDi-f____8vxkfH-x4Rvi____GyT____1jzV2hpCD8CImzzX8S3Ntj10yvK5a5uPMa____kwCWUTE1UwASNteLauwTgBAOIBarE3ZhNkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZMgAf2lLdpqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH____p6xAqgH1ckbqAemvhvYBwDyBw0QiZ____rBBixgZOAAiAE0ggdCIBhEAEYXzICigI6AoBASL39wTpYgK____9-aTxggPyCBpiaWRkZXItdGhlbWVkaWFncmlkXzdlNGEzMIAKBMgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEAoKEKDC6fLSkMHIZxICAQOwE____Lh3xXIE86I--MD0BMA2BMNiBQB2BQB0BUBgBcBshcICgYIABIAGAA__Jsigh__Rae9hI0ncYv8__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNgCxyz____-sKeoiawQhA2EQodoW39wVHPdEe-exiB6H1yGZIo____uu7Ur9B5jc80TGAE_U2FXkJQ2__GCRo1nEgrhwguV9vmI__4lhMVHPClYx-CI8t2t55TR2-6UT0BBnQrkMuFDnYjb__4uyuXywoOgxqWMOS-2Dz0fcP6yNo71WzAcm8jNo0lzELWdFTBYfEJ119Zm3MyAjJTYtHvDV1cmf4NS-uMBpmB7Bkem1v3m6N7qnQuNmCaX3u-UyKRGA7UhGSB8pObgHZaeWFv6sTCQaymnvnb74GyCi4av9oEptcBNFpSWmFSQLnkQ6NufHbw5SzFQpFnOJEBNC5qiGY2p9wr7Cy6kg0qR2SuEDnZAW8NbIJnSgDa__mDY0HjK-JyswlQby1AevUpG0vkP3b3Jrb0K68xaFbmp3FoJZnyYO__wlr3jn5ELKp99gTeArxMjH2KqeN4YIH4JAzncYotr__nnpgL1MnOovph246bUcbLInnj74t9vPpp75giankex57HJG1MiECjTQQSK6JD1__S3ltED4QKVfd4OYAejpN1f8JiZ6o2kzVgOGnIVSL__eb0UMEF7eyC__bQwcR88Vr89kvxlB5iH7Tm3pT9__fZZxgCN85vPycdpWbtW5bZ48aORbldsmabbHXVEHWq0yFjcGb7qY257-enpBehkTHKWTs5HkKhHkKU87ZAPYAATIeSOY-DoCrF6yppkrSNFJ6lHt5sGoIvxEiO7tY-06oLHJ4uB40uYl12omEE8wHzTDyfB9ScQ40__U2__18jKGajApv4D7RVd__7kL76YMwZD5q8jvE7wl3soC3ZO1ksYu9v__APL-YxQJzEVXUF9OrahzqbwfeIvXZz8kB9pi6ARCUTgC-kHd64afjqdsm-snNFbWoaRbyqz__R1JspZXjVMz4InuZcv__dbhx5CIVzIAmKoCDFkN96Br4nh7qdXuVdxBZWhXW3GppQT__S5H5VVkA320TQKIopebwZKP__gPq71X1g5Dp3pIL30WgUoLTK7B6ewmIM6X3axSdTdDMp__ELgs0pzf-3j7p08h27piAII29L5WBz7nVZ1ishl5LPjsaGC0aHXRSAfmUlrrtk7MTQjikJmSdhd09pTfSj85fGxF__nsIUgES__BqdaeRS5obX-fLmb63Jrv8Hj3__zFhfK99gDm8xyRxbSe6QXf-QJlc5htQKJmrhwds02fL08yUxncC1ptF7qQTyBUhetKgwCfYIg36eTKomYoySi2mZ35SjqfGGv3oc0ttTloBgfdmIVC32MjdHygcBJY8Y2GH__3QRHz2fYDOSix__1tsuPPxx1KdwKXsmgaTNK0OIps5NJvwHPf2aOjeDoK5nTeQp26Tzsk4__BfCQqgckSSw8bm__j3EqAf8fIIBxUfwg0n7tU8WUW6Yw3bqkI6wM4wVCyUo7rnL8mPHCKE1OqfYXtS0Y__Kj5bZN7F4rALbshAD-wkmgoiQdrimNxNHwib5lBNrCnlaqroBLY7ItGfxYaLUbrbB1vgtjvy-NEDMmQv3sU__wg5f4xP6AB-zr6VlX5Y605wgwgTmXE8hNGytLAuYnIlGSy__COs3t5y__YeIN0bcLo-Mteypx2qGC-6v3STtnlINakNHXkBvk9X3d-pVYCJ__bhe4Xa9hbMMBR6bnHYkacu2LIf9be7qkRBcmHSuoJk11tUrCxSAoNeE07amAsKxf55KPymnSOe0M3hIYN26TxkEdxNMTtc1u56cmF7lnIfBsEd5Ato4ol1Vy33fk1dbnzHMhXGlyAeFx1QXi__3YlDRijHhoBOZJvmqSgSlLxcacZg____Lz-VG2Zi-FkpSWEnWwMZ7z6CuC-Wciy__As8CEIvg11eg4FPG9-7rx8tms-WOHpPrEkAVG7mzut6AMVjDeLvdFkVGyTgbZH__ZBMoR4IvhgwJ4SNIrbTP8bebVR8NdgGSq3q54fzyb-RTHetW1XN6cMPVnaEIRfpvZF3dT6SGXnKraqw2rrrnpMbJV0__PpI1ur7FURZ__TsDo3x0xTPM2ANNakdMBaP79X9EJ-s__ukvZO2Mam7xcn2V1yDfrhEBUeygd6iyvqpjhT3vxztOnPjTVatYMjPKVEAD-tc__xEEJ9a9aRnGQV8jYNJ4T3WprNofnTGkxcDaYDyM17Q700Ts-OT6ITMrS-5E6fia5fbKYCfTw8FQc9FY7KBSkWAxpi1eQP7S51YVtI91rw2LZscqorFDsNA8xu2Lv5-WBFeeNrbw8Dn38HugpOqXUd12LiUao7KpyicJL0__tVOqtgGSq2QyfQ0Unu2gh4yKQLPRpcR2R__ejWgPDPIwUdJGPO2RmVpnNa0hvrs7REKhvyA7MWG48MlMQjIPwET4DfPZztjz67XOwTrVasN7yInDpJ0md0rrfH7X-oL__7-H0xO0FPfa-uVFn1wYyX8ZFOE1CqDK__57jWJqLSji97Ruppr-bAEHvfdUQbt46cRh8zldgLtFTWULkfBJb__r03-k3zmroGYMswo82qfHaKr__QEzNu0o4wJjwt2v-wmqZ-Uf6AP-2sXhjc-8wtRt1JLCn6QJdyJCcADKR8DAGVbN1icvxEwWNmbFyOSdfbEqcgPd3sLZvm3fPb3BEdK9DuVreY6iAn1WsxbzQRkjMCwH5Dx2dIHsqHB3bLQUpge7bdUoG0Ysuyu5YJAcON-KguR3__gwcePCPYOH77GHSbO1lee-iYWKqbz6T4Dpu4-BPjAQZqQ6wfo0dv2QD6EDf9DEL-hBUjel2DCC88KTPEhszbdzLntPyijutbhEgZjhsrvQDjidYz5B0Nhuu__ovwDCk5MyT-rFkJsXNwcyhIGKLuVyLJ8brtotLbDEYQxCgKl8n946qMIigrjTuhVhmZxLQ8FAbQmylLPLMokw8sEaf7gTOaGAPTx9Z2C0tNQYkr3wbO7xCUpHmwHsbErzcnPxH0dEbuBynXtw-t0wJsup9DDSF__YII3uww-Ad_U2F
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame BC07 0
122 B 80ms
43ms Image
text/plain 2a02:2638:3::28
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=apkshub.com&bid_id=4880438b-1ab7-4961-a373-cf038f3f47c0&ads_txt_id=8GZCTF&has_bsw_id=0&bid_price_usd=1.369656

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ Frame BC07 0
501 B 169ms
168ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNeKAreYUy-ZtyY-PTrT-wZer-KTBeetTqyyaPRqxeNco_TUBMTUMKZY_TRwNekoztgRhNTGYBYUaABKAAMYMZZBRlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk8ymY5UMhF4jddrtuooPYOvhAhaga1zUB%2FSnTzhZf5nHnEh2gLeZC0Jp%2BLj3R4dzT6gcxK6Skvajx1BmnTME3SN9UDfTvka%2FuLFVQw3FU8yGy5KE%2Fznzig%2FEXIfKEqHZjBh9BqnRkBX7dYRD69Sag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f55382bdfaba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame BC07 43 B
461 B 35ms
34ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=lhGCHF9xOTc0b01CVWElMkJVYyUyQklEd0x6NG1oNzIlMkJTRHJ5UkNjc1laTWVyMUJrQ1VMSkdwRXZhd1ZRajNDOGwzeTFuWW45QmVZVWpiS0RBUUY4a2NlZ245RWdCUTJPSUVTa3FQV1ZXUFZoRHN2amtIenpPSWFCMWdzSE8lMkJSc2kwWk5ydlRJTFR6N0E2SmdiOElURkElMkZrZnJ0T1E1R0pyeTdZMUglMkZzdEVBWFhHVldvJTJGMEJUb21rajN1JTJCM2Zydmg0VUVsUGclMkZuZkE3U3FwSTklMkZzRSUyQnVwRHo3c0d1ZEVCZjdoY3FIUzMlMkYyVmZ2NThjb3J2NiUyQnJuME5GS2xtS09zQTB6UW8lMkJpSXc1cnUwWEIlMkJMayUyRjFNJTJGOWc5czk0UGxFWjBjVlZTMXBURUtETVZIbllEUlVWWWFlUmowSnFGN21ZUUxiOHhpcExYOFdjMjQlMkZxNmZqcTFLQ0hSZktVJTJCRHJXVEtnWmFaZmxzWjlkQXBrVFdnd3A1U2kwaCUyRnZjeVppNkkwS3c4TmgwU2I1V0ZQNkYyNUlieWF4dkt4TWN2UVBQQlhaTkRjcjE1ZkZsV0JwTXRFdkJSMUJKZkVrWXdERkxDaHp5b3htSm53azROc2M0VkJhdSUyQmhRWE0lMkJTT002TDYzQlhsNjNPZW85M0Z5ZDFWMnp3NXg1NWo1ZCUyRlZ0OTRnYWM0RmdIYUc

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 221145
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BC07 42 B
107 B 70ms
69ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6EimClFjJgfWj5LYqacnhX-xLvgYxm25uPewys33jwlYJ_HIjZ-jhmJvEBdiyLiDbLUr_-egNrEUvvaIJt06fkZcTkHXEboJLJ1oNNu8ZVJLKi8c

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BC07 0
56 B 74ms
72ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6183851008184346066&x=38&ct=76

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1D9A 70 B
148 B 50ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1D9A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZWtq3MY2JQc-5CL6qMuo0QAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1

43 B
734 B

43ms
43ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YR%2FPwFb9iPWn75g%2BlwAa0EtEhq8VLS2DhD8GW49LRilstlY1PVglGFQgF9KlXrAvNfR4EJqAKyU5%2Fj0eDaW44aINy2y2O59vWCsbkrC%2FMe2bOAZkdquawosWH%2BSRLzO3nOqXUKxzo5qrg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553841b2624c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 1D9A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEH3DDMtemtHQhvBbGguh7Y&google_cver=1

43 B
331 B

67ms
56ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEH3DDMtemtHQhvBbGguh7Y&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvZGzFo0UzyEOcrxE4cJu05JCSNeKgxk%2Bo9s3DIGD3mv1hVJZgUjGBkAnvEN02OK%2FAQVJX1%2B%2Ffv3%2BtyoINijwV5F06xCCb1hLga3yPmdlT6JhIhDXgOrLO%2BPgBKDymgpiRxtiaLUVyVeOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553836b6101e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEH3DDMtemtHQhvBbGguh7Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 1D9A 43 B
855 B 134ms
131ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VSZQ2637102V9JPR77JW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 1D9A 0
0 107ms
37ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2

200

rum
dsum.casalemedia.com/ Frame 1D9A
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=&gdpr_consent=&us_privacy=

43 B
440 B

55ms
48ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rg64T9HfeLg308qhd%2Fu850xuz9U37pVZ2MJlnoRP0hV1oTqP7YNcpoCIjVxzVNMx%2BTOkOZGRYBtYKAsI%2BKUeof%2Ff2yL0buR24QXrcZvf4ul6uILRvUGxAJb628Mj4Yt0asCKGaB7"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553833b0e01e7-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=&gdpr_consent=&us_privacy=
date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1D9A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JBo77Qk51R9tTK5

43 B
736 B

49ms
49ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JBo77Qk51R9tTK5
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LLDZBoiOeCyxHr6akqhjxs8jhjhrsZAOorGR%2FZ0xbr%2FQGQ6n18J7cpOn2iAsbc7O89y3VcEf5pPVH7niwN6EQx7sR5X8AjIMkiZI6v%2BtYG1BXv5ybXF6%2BKXNcFnY1k2xrpaz%2FXJ9%2BPx0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553845ba924c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JBo77Qk51R9tTK5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 1D9A
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
730 B

46ms
46ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCwdnPIkEiaVLurkQmV19rgNE0hlzYpkIlKM0u7fqHtgtAUsJ661JE4eaOnWRxbf3s%2FQnvQ6fL%2BU2ZO1F65XVoBoCd0FZuNV6DW69x7szj5KbLJnLF7VPRBacSUBm6d0SSrxcnCxEv3BKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553841b2724c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Sat, 02 Dec 2023 17:35:24 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H2 200 um
u-ams03.e-planning.net/ Frame 1D9A 42 B
103 B 38ms
35ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=21648002e00e80a7&uid=ZWtq3MY2JQc-5CL6qMuo0QAA%265166
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D21648002e00e80a7%26uid%3D&s=190243&C=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:24 GMT
content-type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7ED0 0
0 73ms
69ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQYoiq9lOsfTcZDc_y6zXjxBfY3b-lzkykp1x8ZL-Ae0CMnkSVBrYG_MA-J5E0voIPCe8aaKKEbWagT3xGJbjSbCD49kDoWpQIqQ4R212VWgGYxY4ZC53dUWYFExMfhP29PDKmFWtTWcAbMi0E7VUDqzFajtbq5TZIPSNTmY7dboqwpVBU2o0RhUtLWEhYhnyE1RQT5zW8zYjRZcKUGPLFOYSwCdBM_PVVX8SUp99pIC3xhDzHLL62McZulCwOLJ0NxbCjK67YGxI_wg1L55RT_4rUy54XlXNtn3p6dNFp-GARmmex2hLtL5EhQ8MGvykWH3vRXqQSyjP1nBqKynQ3zrEBwWUmiIG1KSJaXhrDBHUgH7Lon-Nn&sai=AMfl-YSZorUXSdHde0aHigkEM5EzNOBmcA5W3BscTm-sP3SPSFPASB9RRMeqtNYOac2loJsH_Z-JKs70IKQNn1x8yUynmQqgnHSw4nCHAHg-MLaJOm4BhvbtjVYOs0o33C8KqNQsg35_YSBf&sig=Cg0ArKJSzAW5m3b6jB7IEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 400 getuid
ib.adnxs.com/ Frame DD5B 0
0 33ms
31ms Image
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame DD5B 170 B
188 B 64ms
62ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
https://mwzeom.zeotap.com/mw?cid=405b38aa-3058-4119-81e5-ae5bca179a45&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee...

95 B
154 B

52ms
52ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=405b38aa-3058-4119-81e5-ae5bca179a45&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553835b7b0e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?cid=405b38aa-3058-4119-81e5-ae5bca179a45&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 403 /
dmp.adform.net/serving/cookie/match/ Frame DD5B 0
453 B 50ms
43ms Image
text/plain 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DD5B 70 B
148 B 57ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb8a6-4099-483a-750f-05534654a0c0%26reqId%3D8a098ad8-9616-41ee-4a2a-578c66e1bc55%26zdid%3D1361&gdpr=0&gdpr_consent=
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 cm
trc.taboola.com/sg/zeotap/1/ Frame DD5B 0
201 B 176ms
111ms Image
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-vcl-time-ms: 84
date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 varnish
x-served-by: cache-mxp6981-MXP
server: nginx
x-timer: S1701538525.700456,VS0,VE84
x-fastly-to-nlb-rtt: 83385
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame DD5B 0
460 B 460ms
119ms Image
text/html 2600:1f16:e61:3f02:c74:8e54:2ce3:b02a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f16:e61:3f02:c74:8e54:2ce3:b02a Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
X-Fw-Request-Id: umo1a91_1701538525261213524
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098a...

95 B
154 B

65ms
55ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553834b520e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
date: Sat, 02 Dec 2023 17:35:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET genericusersync.ashx
sync.tidaltv.com/ Frame DD5B 0
0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=273bb8a6-4099-483a-750f-05534654a0c0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=273bb8a6-4099-483a-750f-05534654a0c0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=21955394203947692791556598419646193350&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-...

95 B
154 B

54ms
54ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=21955394203947692791556598419646193350&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553849d3c0e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

dcs: dcs-prod-irl1-2-v054-07bf84699.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: dsozJTbbThc=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://mwzeom.zeotap.com/mw?cid=21955394203947692791556598419646193350&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 /
loadeu.exelator.com/load/ Frame DD5B 0
324 B 171ms
29ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
https://mwzeom.zeotap.com/mw?cid=7308052309189916812&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-...

95 B
182 B

57ms
51ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=7308052309189916812&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553834b500e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=7308052309189916812&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
Date: Sat, 02 Dec 2023 17:35:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3 200 receive
pixel.tapad.com/idsync/ex/ Frame DD5B 95 B
124 B 45ms
41ms Image
image/png 34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=273bb8a6-4099-483a-750f-05534654a0c0

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

QUIC, , AES_128_GCM

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://idsync.frontend.weborama.fr/ids?key=zeotap&value=273bb8a6-4099-483a-750f-05534654a0c0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
https://mwzeom.zeotap.com/mw?webouuid=4AxG0ABYOTXS5hQBKw1mbO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41...

95 B
154 B

50ms
50ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?webouuid=4AxG0ABYOTXS5hQBKw1mbO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553841c880e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://mwzeom.zeotap.com/mw?webouuid=4AxG0ABYOTXS5hQBKw1mbO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
https://mwzeom.zeotap.com/mw?cid=3589463590391086894&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1b...

95 B
154 B

51ms
51ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=3589463590391086894&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f55384dd9f0e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=3589463590391086894&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
date: Sat, 02 Dec 2023 17:35:23 GMT
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=273bb8a6-4099-483a-750f-05534654a0c0?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
https://mwzeom.zeotap.com/mw?pid=3e4651007b929497695f86809be6efcb&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-96...

95 B
154 B

51ms
51ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=3e4651007b929497695f86809be6efcb&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553841c900e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=3e4651007b929497695f86809be6efcb&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
cache-control: no-cache
x-server: 10.45.27.33
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
https://mwzeom.zeotap.com/mw?cid=y-nu8510BE2oqeFhgW98NAX8Ly54dufLtFOw--~A&zpartnerid=570&env=mWeb

95 B
154 B

55ms
54ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=y-nu8510BE2oqeFhgW98NAX8Ly54dufLtFOw--~A&zpartnerid=570&env=mWeb

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553836ba90e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?cid=y-nu8510BE2oqeFhgW98NAX8Ly54dufLtFOw--~A&zpartnerid=570&env=mWeb
date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CHE&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zd...
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CHE&zdid=1361&cid=U37HnBLYKocDjye%2Fs%2Bp4KB3%2FoQlQfel%2B%2BS41iYitP1U%3D

95 B
154 B

64ms
64ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CHE&zdid=1361&cid=U37HnBLYKocDjye%2Fs%2Bp4KB3%2FoQlQfel%2B%2BS41iYitP1U%3D

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553846cf80e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CHE&zdid=1361&cid=U37HnBLYKocDjye%2Fs%2Bp4KB3%2FoQlQfel%2B%2BS41iYitP1U%3D
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 v2
odr.mookie1.com/t/ Frame DD5B 42 B
204 B 92ms
37ms Image
image/gif 34.160.236.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=273bb8a6-4099-483a-750f-05534654a0c0&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame DD5B 0
338 B 176ms
51ms Image
text/plain 108.128.36.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.36.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-36-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: beacon-n013-dub-prod.krxd.net
date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1701538524
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 /
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame DD5B 0
60 B 193ms
45ms Image
text/plain 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:29:31 GMT
x-powered-by: PHP/8.2.4
server: nginx

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZWtq2wAEAN3S7QBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578...

95 B
154 B

51ms
51ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZWtq2wAEAN3S7QBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553841c8c0e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

x-served-by: cache-mxp6957-MXP
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701538525.642427,VS0,VE94
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZWtq2wAEAN3S7QBU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET v1
engine.widespace.com/map/ext/api/trackingcallback/ Frame DD5B 0
0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame DD5B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1...

0
337 B

52ms
52ms

Image
text/plain

108.128.36.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Server: 108.128.36.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-36-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-served-by: beacon-n024-dub-prod.krxd.net
date: Sat, 02 Dec 2023 17:35:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1701538525
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
date: Sat, 02 Dec 2023 17:35:25 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a019-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame DD5B
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750...

43 B
568 B

59ms
59ms

Image
image/gif

67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361&dcc=t

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

HTTP/1.1

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JB6FG4E433G22GTMZ114
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HJT061RN2KKDFG9GQ5B5
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 87734
tags.bluekai.com/site/ Frame DD5B 0
145 B 264ms
175ms Image
text/plain 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/87734?id=273bb8a6-4099-483a-750f-05534654a0c0&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

95 B
177 B

51ms
51ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f55385cee50e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
date: Sat, 02 Dec 2023 17:35:25 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://pixel.rubiconproject.com/token?pid=41544&puid=273bb8a6-4099-483a-750f-05534654a0c0&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654...
https://mwzeom.zeotap.com/mw?cid=LPOC3RIX-4-J7RK&env=mWeb&zpartnerid=1770&gdpr=0

95 B
154 B

50ms
49ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=LPOC3RIX-4-J7RK&env=mWeb&zpartnerid=1770&gdpr=0

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553850de10e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

Location: https://mwzeom.zeotap.com/mw?cid=LPOC3RIX-4-J7RK&env=mWeb&zpartnerid=1770&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 mw
mwzeom.zeotap.com/ Frame DD5B 95 B
154 B 49ms
49ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f55384edac0e0f-MXP
access-control-allow-headers: *
content-length: 95

GET
H2

200

mw
mwzeom.zeotap.com/ Frame DD5B
Redirect Chain

https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
https://mwzeom.zeotap.com/mw?cid=9_BJrPekG6zspEmv96BS-vakSvns80n_8qf6wMP7&env=mWeb&zpartnerid=1875&gdpr=0&gdpr_consent=&idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=273bb8a6-4099-483...

95 B
154 B

66ms
56ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?cid=9_BJrPekG6zspEmv96BS-vakSvns80n_8qf6wMP7&env=mWeb&zpartnerid=1875&gdpr=0&gdpr_consent=&idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f553834b560e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://mwzeom.zeotap.com/mw?cid=9_BJrPekG6zspEmv96BS-vakSvns80n_8qf6wMP7&env=mWeb&zpartnerid=1875&gdpr=0&gdpr_consent=&idmatch=0&initiator=zt&gdpr=0&gdpr_consent=&partner_user_id=273bb8a6-4099-483a-750f-05534654a0c0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 3428
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm&gdpr=0
https://ads.smartstream.tv/cm/?cmsrc=dcm&gdpr=0&google_gid=CAESEPoPdWZiCXalQTm8bqUFs-I&google_cver=1
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEPoPdWZiCXalQTm8bqUFs-I&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=5c4b1d4836243e37378eaeeb8bacebbe&uid=5c4b1d4836243e37378eaeeb8bace...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
148 B

50ms
49ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNWGKRMR6rY8V_ZzEzKOsNVNRFGwQF2gExvUU5-EYp5HOL5TWJ87JEsq1PUbD98ut_6yR-stbFSOgIe1v4XAfKg-RgN5RY0nTqOKJ4QQ_BbYl-AmI8c
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Last-Modified: Sat, 02 Dec 2023 17:35:24 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 3428 170 B
188 B 65ms
65ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNWGKRMR6rY8V_ZzEzKOsNVNRFGwQF2gExvUU5-EYp5HOL5TWJ87JEsq1PUbD98ut_6yR-stbFSOgIe1v4XAfKg-RgN5RY0nTqOKJ4QQ_BbYl-AmI8c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C5E9 278 B
167 B 72ms
69ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNX7Xv0acWc9GmsplqBPOYt6UJevuUEA1_uNVC_3uBYG8IAY8o78l2UVDjzlyoEid1M2bTIppnVdQb6PvRwyxraIhBg1JUiz0whTTOcUXjn-cVxAfEg

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame ACA5 89 KB
31 KB 111ms
107ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:24 GMT

GET
H/1.1 200
OK https_A_B_Bpdc.bidswitch.net_Btracking__burl_Bvu3DwdNgISO__EMjpLrtuVY5jDCE8V3GacjCrFGO__UbPsHr-uqi4WMwLt1TDwldLTLg4xv8Neb-JjvRRpwF66U75dvssMvZ4mSQkdmTHnmKxgr-fuFUeLpTOiryy5S3MfG4qsJRb4DaJWNYbjP4t__...
media.grid.bidswitch.net/imp/VBXG-2UQ7CNTRCWxffNZAA32xcC3KuWg4VyI7JinHZSWZTOAfxhPrErQpE0OlP4ALbhZMvwH7H94mTjx52XNQSFpfvJJgmb4BgpASQTd8k6vSdu5mmJo3Co3RJujxiqaWEvkUX7cHbuthZfWQvlWdoARDM6eAhfWdu88SX5x... Frame ACA5 43 B
196 B 78ms
33ms Image
image/gif 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.grid.bidswitch.net/imp/VBXG-2UQ7CNTRCWxffNZAA32xcC3KuWg4VyI7JinHZSWZTOAfxhPrErQpE0OlP4ALbhZMvwH7H94mTjx52XNQSFpfvJJgmb4BgpASQTd8k6vSdu5mmJo3Co3RJujxiqaWEvkUX7cHbuthZfWQvlWdoARDM6eAhfWdu88SX5xFuwlPvd4gCnT2zjd_uY3U-TIxeHAIKp3MAQwikRbz0l6KkrVzQlCMVnyDRaSTLmlTReSBC7fVuOXRRQ4mM4Ea8KPkOmdIBWA96t73DtQchtrLVqQeO4xxravmTngE5z_sybLpqF2CzwEJFxXXEHM4XD1GQCw5SR0Jr45s3XsUzbDXBpqdfO_PZ_Mk55VKd-st5NO8bcRooDWGvsO8rcYo0mPf64/billingQWsEo_0-PChm7D_8t8ldUhU9Xy--LQ/https_A_B_Bpdc.bidswitch.net_Btracking__burl_Bvu3DwdNgISO__EMjpLrtuVY5jDCE8V3GacjCrFGO__UbPsHr-uqi4WMwLt1TDwldLTLg4xv8Neb-JjvRRpwF66U75dvssMvZ4mSQkdmTHnmKxgr-fuFUeLpTOiryy5S3MfG4qsJRb4DaJWNYbjP4t__KwBvUDBcjOUtqYzcXYI8RnE9GXSAc97R8__d1EDqBQT3iKmpZ6rutaWAVEW3fkwrkb6pbwu8p3k3y6Nt1J__AQw4CBFsxlf0D74LK6urFVaj50NHxx4gWU7AuH__JWwtjdL3Z-JEFC1nkchuiyEW4DjH3ou0jKEa3Xtjkmfv4VT1VmJYc__oEmZt0CBXruYBE6UgSjmcBDjG1glfEv0__BXexohD3IlTRWudf2b3F__mfidldBgni9FcxYrrsLNDSOybM3ak53YrxMF__VyNBZuEPpXgcgKOc-2tTdZbVOJRcf2rJhpIPd3ET8WqECaMPd-1JG976-rYgRw6RmcNFE_B_I_WAUCTION__PRICE_X_Bhttps_U3A_U2F_U2Fghent-aws-fr.bidswitch.net_U2Fimp__s2s_U2F_U24_U7BCLEARING__PRICE_U7D_U2FBSWhttps__A__B__Badx.g.doubleclick.net__Bpagead__Badview__Cai__RClo5O22prZeafEICe2fcPnO2S0AvOybGHdN-i____rzcEujKz5msKhABIIP95h9g9YWAgPwDoAHy6siWA8gBCakC6Dim5QBNsz6oAwHIA5sEqgTqAU____Q4Vx3R1RkR____tDVEjEJ1uBdN____BP9BOSPa-kaP04EP0a7hBcKuG____G0VDiBhaHF41CY____JkAg65Oxfz-k00HPpvTPGyhQzK1ulbNZu454wS8yNuBp9sslHDTHdBD9vgHS7-v4nLxtIIYmZMm5QgH2oPPAhkAvyRbK8HNV3uYGubtH1Td____23bgPm____ybinB8WReWQo2HCKx9QfM8Mw4pbPDba8RncGAfq17sWuqKvOm0FRoqgEmGccdVU6tUXKncZc2mdgA8____GwbU3NDz9Fm871sjCnekf____Yp-NowNX-atN0mnlRNEKwX63kbBRGcAEjbXi2rsE4AQDiAWqxN2YTZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGTIAH9pS3aagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB____6esQKoB9XJG6gHpr4b2AcA8gcNENO16AQYsYGTgAIgBNIIHQiAYRABGF8yAooCOgKAQEi9____cE6WJbhgPqk8YID8ggaYmlkZGVyLXRoZW1lZGlhZ3JpZF83ZTRhMzCACgTICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBAKChDwxvbS6oDihisSAgEDsBPy4d8VyBPOiPvjA9ATANgTDYgUAdgUAdAVAYAXAbIXCAoGCAASABgA__Jsigh__Rmci-8yzH1Xo__Juach____m__R__U5BUACH__U5D__Jase__R2__Jnis__R4__Jpr__R38__A__I__WAUCTION____PRICE__X__Jcid__RCAQSMgDICaaNVaGYnSqXuJq1zqNd-Vc3ijiTbdckgaiiO3xSr8wlUXgd-qQK5IvXSVPOxQSGGAE_U2F3vKpA6edRTlNc5ZeA1D6bK2uyW3iogz9y6wd-LFPLWa8MOcp1LrdghtrczwD0RLV__IZLP3f__IkyZVEzAF9ERE5OUxGEhXZQWrMt-ajkAp4W6uRgPoZ5Xg__NXdoQTz1X5aC4I2liT6AjKmKUMpHxJdsHCn892uxzc1rhQ-bf9pvOwhKKMkhK3uGW4d6hTgBDIyuDLKWchtT0Jt6MCC3mL7UYF1ZxALC6q84FJfp8PnwwCdCSiI0Q9m2fsFyIfHDJ7OUus5h5j7rIs0ng__g-nPWQ4VXyx9H9t__UvlLpXiWSWRbD8exm3lWoZLQ8NEAk3WJBjn-NnS82KaHLkNH5UuuJfmAbe0Jg4OufwnluQ4kZyGrGRK9zpTPn__HDQI9FCwR6WizNpPGAbfkOZwgD4OZJIHxtFqrMKSSENZmPfNmkHxd0vuWEyq5nlTI3QtyVsbvdEGal6VIH__yM1bCJlYiiCoTcSHAsqUZvdw5lhQRJvI3fuYs474sVSco5R2hbbiS2RbCSdMjoW5b-HuwxUk39L9tTfLDEaLAizuivkvmRSXjIPKHfUf8IszBZrNScxKY8__TCXOzHmPpJ1NnSjTSTB__EwIbWVg__xbCqgQkphkCDZNw1s0oKVDlP5k4jTKSgy8Hm3VwB39u0Jf8BO5aeRkk-v__-zlK6FgdCCpjVJrWUkdoA6aC8wNVkvJEIbtInXTsPQuHMAXu4nWgaWB8AubSuH5fqFnLrXZr2cHPGey7nQ1NUlacar2cZgE90yQ9lIR6Yv3kCKWRe5__9z4ShoJOrM5KY9fgLJTyKhc9yoerU9fRnmndVMEzAXS-rqvcJsWAjW1jigkc8FJlv88GIj9RTdlxfnqgeJ-pVboEphPBx7kEv49LTYRW28kajwXXK9NS7nFfeoS25PPO2-oz5N__jVW8Xr__I4Q2YudjzkuZq8QXTN0X5oT9Kfy9hDVFyZPkXBN7U0Xo8bfqbjBI0ey2u1t1u0YBL803gK2ve2Hx1v2vlPFLgerbehjnDwFkjUGrPrv-oJt__DRjKAzN6HH4cDjR1Z__-5WHoK9KXRGUxgFmKhFzKZ9QWi903fzD-bTmAdZ4Oze3vkiGdh0CVTHpwH4HxWdWl59gDso26kVrYFJwuPa8SbUN-jIuxt1A3tomqsppRpqi3uKH4csopg25nw7429PVCtDNdDBIRnrXl9ckt0V8OwAWXAGAIMYxQ8WBkuqYww3SIpSQHY6MFk63m-fyVbqDeUJKjg7TKSxsJvUc4LDjJ6RUIbQETE3xCygmEPkakSbYDY2xUCPflBwNl7fEy1tuGivJdmkmyXsfhzUaNFj77JKTjENBd68J4Y__8IyWDzMm3KvBhVHXtctysfewautbBRFMEqBS4EeuXkiVqKYOvR434V__LTcuu1YuxU0HuzY8kdNy__Heh5e7keWvVsbp1O0qbj8Ykr1H9lJcPYY8lRqQICdYOQHIW4bOoJ__WGfEWBzwZpOtOm__ggXWa3k7wuLpgF24lkwHTMilfAzeQMQvYseNH0JmUkWusWGs3CqJct80YznFqG15UM5aKYDH-l1uPjw2g8wI5vjt__eCN9A2oDMwimENW4eLbnxGSp7-__rmr-49zBEHVRmn3ZnbpBzpRMN9rPyZq6UGZgCHl8u5rB8GAQt3R0eJ4uIG6VrBqEWU8NoGN2BtgGP22xkYnUMPGFh18X__eYSq1JyM6zMmM9Gv468mZEnGdEXI9JmaWIUP6ai0Knbi3g0aENRI63wU2pIk7oI7arbmpBMPvOnbipule5klzttjG39zXmNFzpxWnefuYQkmXX__53ivEC9OnsE9adIyA8zBKQflvWr3maemVZ4AxDJwjyKpkQr1QpTA7GM23kSdlTCsB6EGXOt9WzAv0CD27Xq__jeahG-yD-MxlbM__rFXGssTopwdDRnylnJq__DAZt966hWFFpxSnWy9Ciog3MxIbVygGIXwj1Ga__bAH0rTzM7o480dcxKGJ24j7FSxipw-9E8v4y9hG3ALiqF966qGYGqaeKe7DQQ3CC5ecAhbchZ4YH7uIZqid4JeBFfJNt2nUoHb6LY5Ruqi51GcnpE2UynEveQ136pfkYaMIznAAsIxuRMel4Xj-2V8fwMxEXW67yNH333YH__iCsa3kFdmEi2QGZUIjplJOtiBaRis52aVa0__h3KNkXxhsMYTDNeZ7TB3GJjznqUi-02x9BhcHyD20-CWMqdakydDS4mOEHxJd__WtSJhS9Ozz5zf33rW7ASSoVA6u__1JZl3DrDS9pWGKp9TrqrqTWmleQl0CKJldnTGCrZXYpZWerPp6kjg8PlRfC37hcSW9o9G3NuDvxM0b9nAJa1Z-rSHDrfhkEpjCrY5n7lzkxMr0OnkNfIFQpX__jQxVaDipqMKGhLYmHtTVx9U7Dmuti4zcmR3PQjx5nxQRAQlaEzd__HV__NUAf36oxKo4BkAc-tC7djVeEtG6ACbqt4__TrGMJtRg1S5z__VkWt4Jdz3VJXqaH8Y1uT6J1eQAFmpq83fMBS3bXKFRqSjD-dVHxiGGkSUPFutGtO2Q52-RDyX2C5axnk__4t6h2Bz7E0v7__qlOq8CJWpnKNvFLPmTwVBIkZ1vVLArNzu1Uz52OaC1Xc53u8__-OITbesnJPMUGe7E2azo-iomdX8jAgfgmbBtgG6I0RpRXS4DUqhgYBEQ6bythg4xMy4InFy3iZGFqJs6xxZ9K__FgosmYsU-5p5saEcQN3DechvwrU4iwYyo2UfCdUgnpBv8X795oXF__kUNKC4-3fo-odsvyYP3pcOslA-fIcXhGX5uKsC9yzqnwHZsYNIKeIUOdaloq6ACzI0VhsHu83CMcG-C30PguKeOJ9oB6dNduoihHGNUb0PD6ggWnFBVl666bBEwreCV35g_U2F
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 43
Content-Type: image/gif

GET
H2 204 cookie-overlap
grid-mercury.criteo.com/notifications/ Frame ACA5 0
121 B 44ms
42ms Image
text/plain 2a02:2638:3::28
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grid-mercury.criteo.com/notifications/cookie-overlap?publisher_domain=apkshub.com&bid_id=ba4754d4-9468-45f5-b38d-6cab7590f044&ads_txt_id=8GZCTF&has_bsw_id=0&bid_price_usd=1.5906555

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::28 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Kestrel

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ Frame ACA5 0
500 B 157ms
155ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZMByTKUr-TAPw-PTUM-wweM-UTZyrrMKPUKrRqxeNco_TUBMTUMKZY_YRwNekoztgRhNTGPBTZMaPKYYaBMZBMRlmNKYMbaARdzNwqfftkRrdzNRwkhNRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9d9fWNTSLHMGtuFDkfsRpuzjTdG2hktcbozssRTG%2FFgRj4Fn3aHXpOr%2B4r4x4Hdcv2KgwVCJ%2Bwv1YSruTjIpuWhkrNyar6tJ8FflIt7M1LF%2B%2FxCzRl7g7wMfpN56Ptk9dgc23MRJyBIztzJaYSx9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553831e65ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 tpd
cat.nl3.eu.criteo.com/ Frame ACA5 43 B
461 B 36ms
34ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/tpd?dd=Ho7b2V9kVTFwbGlzNkJCY1QlMkZtdzhsMW1TQ0lmRXM5ZDg4dXdIZ2UzTjFyaHdvMWp5Qk5DRDBDJTJGU3YydXFCSldBSnJQeFQlMkZyajdycnNDSEdyNUluak1raTE0R1R4TXJQTVV4dnY4alFUeUJEbUpDOCUyRkl1MiUyQjh2M3FSS0Z3NTZiUWZkVVRWaDZmUE9JT2hVUGdwcjZHNVJ6aTlUWkRBcU40Vlo0RTRGM0JMcWpGbElrak9DeUhsd1BHendLb2pPQ3B2MjdBZEpyMHFZcHlaOThJVDV3U3JxVDRsYmxvS2RqamhUTEFwOWxEQlhBdDJtS2FUbjVuT09RVEppRDA5V3YzNExNSkhoMjZSS3hrQVVXMHJSd0dudlhWOUdvNnVOU1o3eTRZRlVMMENaYlJERk1QUDA3b2I3N3ZVNGE5Tk9yTHlDZmN5M2QxR2hLNHh0TXg4dU5XSTR5elB3JTJCWjNiS2pRVkxCWTRoNjN6JTJGMGUlMkJKTnhuOSUyRjlMbEdraEd0TDdpZ0NkeDRIRk8xamhSUHdKUk9nTnlPVmZWeFFoekN4NGdYeEFCejFZMTF3akJnS0JVUDZxWE9BaHJGMlhhNlU5blo5NExCY1J2Qm1aVk1LQWFvQzNaanBLZlg4ZGxKWnNzaUlaa3o5SDdQQVdKNnRqemg1ckxhUGZ3VGJNbXlOamNySSUyQjNX

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 236914
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACA5 42 B
107 B 65ms
63ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BbJuJ3G_NCjjCD5aR-Ea-pyZStXELgZbBwkJORYYNuLJstOmrQUjoJeRcTIKE5MRQ3N6tNSntj6W4seBIHyySjo4AToerbTpvhJdAdKqqPd1t_0X0

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACA5 0
56 B 65ms
63ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8853819634153017543&x=38&ct=76

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7B6C 7 B
775 B 33ms
32ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LPOC3RIX-4-J7RK
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/tmo-v4/ 0
499 B 175ms
174ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/tmo-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZUtaeKTU-KyTB-PUMY-watM-wUrUeZyBTBMMRmNUMKZZRleNplRworrtkNldostvqfztr
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvR6wDfkSBDUEN37ZmCIj5xXUgP8E9oS3RptJ6er0I24oTTt8FWql9p%2BuzEGXRdGIZsimd0b8VZyNo5GiTB4p7xxkG45hJuQ9RCe2sf9Ls%2FZaZCEm0AELAT5bT63%2BUhybZ4cwBPfhFzvxnEZzc6o9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553832e75ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
14 KB 586ms
584ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2981851881987093&correlator=685659463729645&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=22651645586%2Capkshub.com_vli68755&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&fsfs=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3D45fd29d85dd15209%3AT%3D1701538523%3ART%3D1701538523%3AS%3DALNI_MYEYtAyG5OpwgFk4O-DEU1jnfJl4A&gpic=UID%3D00000d01a01cbd97%3AT%3D1701538523%3ART%3D1701538523%3AS%3DALNI_MbdTsecszt_FYJ6nIyqhSLRQca_uA&abxe=1&dt=1701538524668&lmt=1701538524&adxs=985&adys=326&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.apkshub.com%2Fapp%2Fcom.scottgames.fnaf2&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&psts=AOrYGskWSc9PD_RDYt7z09uaA9aIsOyFEzU89arcG8a3pJEJGp7AIeomKH_TaCjDjy-2e-83OSCVtx2z7JR1FI2BeA%2CAOrYGsnh0Ed3RuHF7uC4AtUPWLHRf-n3obPh0FXH8odVa3EE9ZgVM1dgJawww7sy7cl5n3ivsOq34m9GojKgsMZyWg%2CAOrYGsl9btm_Gb3pAZgJrBDM1VilTT3vwsA_riT1C3RYnWUrJ0ra8vcaYm1Ovn-IIoUy-7srFB4X0950xcrk-UqLXg&ga_vid=1865362612.1701538522&ga_sid=1701538524&ga_hid=1059934213&ga_fc=true&dlt=1701538522035&idt=1115&prev_scp=vli_adslot%3D68755%26vli_acc%3Dvli_22%26vli_adtype%3Ddisplay%26hb_width%3D300%26hb_height%3D250%26pw_tagid%3D68755%26vli_sf%3D1%26pw_network%3Dtrue%26floor_key%3D37%26vli_ad_type%3Dpassback%26pw_pb%3D0.01&cust_params=hb_domain%3Dapkshub.com&adks=871115713&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c64fb649821038fe7f3ccc4c4b94924e2796bfa6a94a97dafe9b89a2c9ba15c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14035
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/bi-v4/ 0
500 B 168ms
167ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNZMBwPZKY-eZyM-PwYw-MMKw-AqyaeKwTKePyRdzNwqfftkRwlNcso_YYRkjmNBAAbYZARrdzNuggustRwkjNTRmNUMKZZRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETwAHo8REaS0LG%2BbE91EuT0BFJdgutwxJ%2F7PFRWwdguTx0tIJXktsh%2BsvqXrkpc3KViXWSfMg5rPgcMdIZY1Y%2B6VI%2FE4IbsVoDt04hdn5kRlYBy5n2M5aWemO4h8OiA24zn7GK7e3N%2Fuo7CN2ROixw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553833e82ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

200

sync
ad.sxp.smartclip.net/ Frame 2020
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1&ang_testid=1

42 B
444 B

38ms
35ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1&ang_testid=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNV9mCp5iENgqe0CSEjUXNdKLRGYYLFwmblwEEv-lNw43m1p745ZtkjOCYAbV81mW2BoGnMXxVCgLBaPNRUgjnpuKHtfI7daERZ_1VBSXnohWXRyzuI
Protocol: H2
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 2020
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFDtxMX65i3jaEpw831e5kI&google_cver=1&gdpr=0

0
400 B

107ms
40ms

Image
text/plain

23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFDtxMX65i3jaEpw831e5kI&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNV9mCp5iENgqe0CSEjUXNdKLRGYYLFwmblwEEv-lNw43m1p745ZtkjOCYAbV81mW2BoGnMXxVCgLBaPNRUgjnpuKHtfI7daERZ_1VBSXnohWXRyzuI
Protocol: HTTP/1.1
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 01 Dec 2023 17:35:24 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFDtxMX65i3jaEpw831e5kI&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0222
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=7476920855595883743

35 B
250 B

169ms
51ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=7476920855595883743
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
an-x-request-uuid: aea7c92e-a9e2-4c61-beca-73394e35d64a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=7476920855595883743
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0222
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7bdbcb18-7d52-4f3e-be07-9be385a915ed&gdpr=&gdpr_consent=&us_privacy=
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=0&gdpr_consent=&user_group=1&user_id=5ff53495-c341-4cbc-b412-cbfcda5e18bb&ssp=gumgum2&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366
https://usersync.gumgum.com/usersync?b=bsw&i=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

35 B
250 B

51ms
51ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=
date: Sat, 02 Dec 2023 17:35:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0222
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=f4ae74ec-7d85-4783-8e28-15b692e4188b

35 B
250 B

117ms
51ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=f4ae74ec-7d85-4783-8e28-15b692e4188b
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=f4ae74ec-7d85-4783-8e28-15b692e4188b
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0222
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-c344a179-9236-5e4e-6606-453c184cf9fa$ip$185.195.71.221

35 B
250 B

162ms
55ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-c344a179-9236-5e4e-6606-453c184cf9fa$ip$185.195.71.221
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-c344a179-9236-5e4e-6606-453c184cf9fa$ip$185.195.71.221
Date: Sat, 02 Dec 2023 17:35:24 GMT
Connection: keep-alive
Content-Length: 128
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0222
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-qeo5tahE2pekAZY18lDhsvdWSdC7zabNaA5_~A

35 B
250 B

113ms
51ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-qeo5tahE2pekAZY18lDhsvdWSdC7zabNaA5_~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-qeo5tahE2pekAZY18lDhsvdWSdC7zabNaA5_~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0222
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=73c56baa-ff6c-4dd2-9835-7afda27df592

35 B
250 B

220ms
52ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=73c56baa-ff6c-4dd2-9835-7afda27df592
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=73c56baa-ff6c-4dd2-9835-7afda27df592
Date: Sat, 02 Dec 2023 17:35:24 GMT
Connection: keep-alive
X-CI-RTID: 04d0d637-2a56-40f9-9fd3-ee9e6cb57553
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame 0222 0
16 B 116ms
115ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:23 GMT
content-length: 0
server: a

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0222
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7bdbcb18-7d52-4f3e-be07-9be385a915ed&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://usersync.gumgum.com/usersync?b=zem&i=

35 B
250 B

51ms
51ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=zem&i=
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 72
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0222
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=qNYNIJZGIGkZ&ev=1&pid=558355

35 B
250 B

164ms
52ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=qNYNIJZGIGkZ&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-CH
location: https://usersync.gumgum.com/usersync?b=pln&i=qNYNIJZGIGkZ&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-74c7cffc45-7pcmw
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 0222
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=3589463590391086894

35 B
250 B

165ms
53ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=3589463590391086894
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=3589463590391086894
date: Sat, 02 Dec 2023 17:35:23 GMT
content-length: 0

GET
H2 200 um
sync.e-planning.net/ Frame 0222 42 B
104 B 106ms
35ms Image
image/gif 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=21648002e00e80a7&uid=e_7bdbcb18-7d52-4f3e-be07-9be385a915ed
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:24 GMT
content-type: image/gif

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 8664
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
https://rtb.gumgum.com/usersync?b=adf&i=5601850442688953787&gdpr=&gdpr_consent=

35 B
208 B

56ms
56ms

Document
image/gif

52.215.12.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=adf&i=5601850442688953787&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.12.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-12-121.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
content-length: 35
content-type: image/gif;charset=UTF-8
date: Sat, 02 Dec 2023 17:35:24 GMT
expires: 0
pragma: no-cache
server: nginx
timing-allow-origin: *

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sat, 02 Dec 2023 17:35:24 GMT
expires: -1
location: https://rtb.gumgum.com/usersync?b=adf&i=5601850442688953787&gdpr=&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame 39E1 170 B
188 B 66ms
62ms Document
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83YmRiY2IxOC03ZDUyLTRmM2UtYmUwNy05YmUzODVhOTE1ZWQ=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B1E2 16 KB
6 KB 34ms
34ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92587
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:35:24 GMT
expires: Sun, 03 Dec 2023 19:18:31 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 15FB 70 B
148 B 50ms
50ms Document
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:24 GMT
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 6A02
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZWtq3cCo8XkAACFF9JQAAAAA

35 B
250 B

52ms
52ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZWtq3cCo8XkAACFF9JQAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:25 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Sat, 02 Dec 2023 17:35:25 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZWtq3cCo8XkAACFF9JQAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad358.dc4p.scaleout.jp
X-SO-IP: 185.195.71.221
X-SO-Key: ZWtq3cCo8XkAACFF9JQAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"185.195.71.221","key":"ZWtq3cCo8XkAACFF9JQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad358"}
X-SO-LB-Hostname: m-tgng21.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad358

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame E07E
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU&pi=gumgum&tc=1

35 B
250 B

77ms
51ms

Document
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:24 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sat, 02 Dec 2023 17:35:24 GMT Sat, 02 Dec 2023 17:35:24 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4CC0
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
555 B

50ms
50ms

Document
text/html

69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 17:35:24 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 02 Dec 2023 17:35:24 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2

200

um
sync.e-planning.net/ Frame 7B6C
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=eplanning_eu&khaos=LPOC3RIX-4-J7RK
https://sync.e-planning.net/um?uid=LPOC3RIX-4-J7RK&dc=9bcc91305985f0db&iss=1

42 B
103 B

34ms
34ms

Image
image/gif

193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=LPOC3RIX-4-J7RK&dc=9bcc91305985f0db&iss=1
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:24 GMT
content-type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.e-planning.net/um?uid=LPOC3RIX-4-J7RK&dc=9bcc91305985f0db&iss=1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 579d6dd278f76ae39d067788043e4297
Expires: 0

GET
DATA 200
OK truncated
/ Frame 681A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdad0f44392f5298828e5780f433fa1632d015d7f3bc93c3348eeda988088cd7

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E5 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5686079881191&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E5 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5686079881191&version=m202309260101&ct=76&x=38&cor=2089081526269520000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 15E5 82 KB
37 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A24Eb5YhOwxUOUvk-cgUaTrzSI0Du7ApOnjrk_SHeIN1kq4xh6mZwQ9hzhS74oEToKBGZ52VI6I2bRRAXZn6xl__EdhbvLSD9_RHJ65Pmn3lYGHGkgPP1bkPgccKGHefN9UWO3griMvLaAsuVkudNM3Xuj_BFVI6xzvgALf94fGehuQ5c&dbm_d=AKAmf-AuBqCAtNadvnRO3DK_RIKB1ulRlolrQ_DloSJpa_gH92VWglWtmwCf5HUY9LOrmkNxgAHAA1mMlj-vLq4oKoOYaCx3bxVnfgV13fS0m7EBdJESCPUr5tMmzODO3tPXkMKFBuAu5qS4j7HLOQ8VeWkCf88L9Xu65jTTaRaNvaLPj11fnEwqQRra9p1HhgcZetX1T5vhbCrHyeazrxGhHZ3-y2tpH2MyvToJvSpWrWgZZbF4VpGKdLac2nQkUMOGZ0xAecmEYR9KpOtUa_WzgI0N2jc5TxyqrG7aqzvHg4qh7ebtTdPb-BdlEzrgKw6M6HfvNl3xEX_ofMFNK6DdH2D7u1jowhMxUM9w_wqZMM-Szk4cX_qAeel3U1aqL8LrgXj5m6VtsIBIpsZkfTC0yt0ZCwYS4ImyhvuZJVwU0fPYIDW9w9bzMWEaDAhplxdssHldF42jrAr-s-nrhWNfOor5QbyC0ydhXqXUyV5hITzBoOLPenj9S6YFZaP4JtkKxhK2yZ5NBYV5oWMiPtMa6VjU8KZIv9FlDsseusoXUmJ4gEBqw-hFn4lr_DiKDkT-arlwERBUhUZxi1RHcZh4_dZzye8Hb0N98vas2jkofBaPlc6QWbKzJcHMq0WA9l1RIWGi1R61-q55MH_N092Hz5o8wIJVz7LL8lzEvJsJiSyvbO6QWgglpBLWt2DsbbhnrutVscnH3y2kDdA4St7ZjkBi3MJ7eQt9jydy8Vnc4OH0rPDEQVETH4kVOM8T19qNbQCr7RLjH33zXIcs84GS6m2Dg45WlLODtqCzUBfYjdM2BgDsoGtxL48BX8WjNU-KrsFcMP2YNArKvG4LqrRtJjRC015SUEMk3MaHzz-EbmxUFiUUbgbhrRdShPSsE-cyoPMr1gHzWfbCNbd5S-rNdGvR-EuDEOWakpDPpNQZbLvHm3IsJHHST1tR53UR10bjIOZ8FTG04daREdKRyuJ7UwUCNif8zWH8o9cKC7GFP1diQPma7MpITUgJZIxuJW-3yTp5PYCmb7nJJiubS2djuakOtIR-MOMjjPM2eAJWpNm8JNQBWqrzh7zKlkDkZML_dcEsN3uMaeusH3FY4wD8VFdHUncrJt_INt66NZvHfsPJHtdm-_tGcn3WBi2cF4EK5tytlhbC5V_Z5TMscjuHOyXr2Ku8y65e9r-iVVOn-iBH3zt53IzxJYBoVnDWn7pP8cC6uGRitmLngJ28D5DURgq9YxD1jKeISR-QPUfK0FLMHkP5xkS068apcBFuPaYFZFOTpKa_pbcOGzvzLYMvFWjAxtVe8oh_WqxHLO93dxQY5A8u_CZY1djDs9WDyMuoF6VmH2DJX30ANy1nYJNs6rD6fKjUaVhsmXMWnH9nVzcs03GsWPKiaB7W0mxJDjRSDtBO-BG4nPxWNAF9UZmP8S1PZqM6kJQL3vr2wsWuqk_xQGYB4iWFvOXm2FoWcxBEvjr__NA5Lipflj3Lzz3ep6xkphphcvlgpib-3axSPYDaXktDoamS4kPjOE7GzZDzac7YYg-ONhpEE_jNWbmrY6ZBfj8ZjlzG7mLVz9_l9bTWJkxyP-I6tm0ovl1oGZTdLnx0ELXKLLCIYYeoY2lhfiN2cVirBbQE66x1VNiwfDi4qtTm0ZDlf_rbJ8MtnSsL_vHLZea8NrT5wsMlzdE9cJEVzrn9loMNc8rZikV7wldZLLFhRtVZ0vn6Id_9gHvGfAc0rHINQEOOacGQShtqPbXsNPQkKhShNbu3v6faAQ4tFI54BJ0Qa6KCURKajmstQjqFlkqqeLImnR4WicwieScAn1v0yzpIG2v5xh1BPc5G1KBhG3JorefgrHEplwG7Un2TQjjN2HxGk3bzaHxee2-YLRTvN8Cs-wXD3VZHalPRFRjD7ZC0VaWKmjMO8HCS9y7jfuHluRPZS-iWaPzE4JGx-9_V0y3p1mdFFQJPmpZmUKmnUxfalMnn5gp4pYhyRhxyg-4JTUO5J_RprwcweXdj4lSV6okjkhAHiAuKvOWoPMX001Gs2PnVqRSz2P0F79rDBrsEczkKEauNVwVPCkwodIycP0VtMZZISwWIXvjxbEOgoplv0_9pRD-FQxbt95XCMThqmtzo7s2amhFVSBF5yJBvIGOe-Xa5FEve9zrBAo-sB70-XoeyK2MqRc2mRCFu0-OFmLXRgUF4XKd2NkZ0ZHOCkmgCxwq2BxgRdvxq6bx9pKmpxbaGPeCqBY4uQeZusHr9gRYgQo9n2m1PLRVlPb_HfCU5pioM-zC_uZPnPNsGu2FkCJ3Nf9Kxh7gypMfHZHumPc5cJrU1qEgWI6EjvRrX7wK2eWjY5tXECTHDybJS-9W7p4KXx0dkPAckipWVo3gfdMdii3z09kPH_dWAlY69i2VlwE4Nbh7uQxplg4cksdgxPU_RwR6wKXQ4o6zgYD3vFTUco3ZW-sFmaZQ_hGczwqwF7kuti47puoyiS09lcPBdTNwydjrTJAupvFviQkfd9n8VRP89yM142Ll0jch9nG4z4UZv7ZwhM4iN05oLnEr-TLgycbKdNzl40hFB3qB5uhFBPE5E2MyEcSfRBlJgyrrpO8E-MHVzApIMJX4rQVHktOY3ZRJ5W65CK0961_KmPOXPoMjFdvQhJg-tHnGs9GGfCOwjZzjOtOocYcrOyCocg5xBaylfLRo841acr4pSzkwQlKcEIxQi7LkekR94L9ujOm7rPPVZe6jdqvDwqwAY3cYXQDEa3iFvfpAnxkKKvqI6fdnk8g7ALbf2rOAAFoR_7InfovXBGweXSNtA-1VKny6Mlzt0Z14HnqdhJfq8vuWt_IHnTS4YttuGoAsJCLWGoNuKlqP9IaXIFANVdjzlQUwYxp8o4ayShSZb20DsoQaigflnj428YcEGjfncX9km8JJrKnWmy4pVmt3F_ZpRie7pZGXLidCAVnM289jqyl17lwcqakx1gF4VgfWmprn-fW_J2hdy1AgtfcVs3QltTfpzKy3ndAQXM6WRUNBNMImFTfVUdJRPDA-QkqSuH6QXD48L62KdCWt4-K3l5jWzJkNMej1teGrvMrFdC7NikmIROb3Yi4h1x09zgIJNv3hAFykhu7KLCNBGQA3t7RcZqZA0_mFmUSKdf17LHI7EKUN7FbXhA-hOHXSjmILVtQE_MaazGE5BKu66jUj7wzUCyIdpDjJkBCdYN5zHPyjueFrXrheDCYNLlRNv2RZv3LoIT5Pm1V2aniqLsRK0CAVYN_XCroalOwEnxUU-cd8sRyjaksKcQ8XJhjGDMwzBZ27EZaXYQpfCYeqqV_33uF5fXFGHxP5VnQx9gJ0yXHpX3eqCjGtElrShgvCJOXwt3FF5VHclirico7hO80aI9WKH4s5OasH4D9K6RmRLmvOgpbbVOBVL_lVF9yUSu_YphkJd3MY92M_Zv7rwb15tERZsNSaFlhH3-Y1vYm_vNjD_duSeHhvcrgdwIFg4BT3c6dGJoqcYNWF47XjAgIW_FuKx9BRAcNYxKwCy_wGbCXuM&cid=CAQSMgDICaaNOGra8ZPcqyyujXVuGCyJAvOJ1gKEI9GsnwpPFz40HYc5VOa9swrhrM4wTNgnGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=2089081526269520000&adk=429927377&idt=205&cac=0&dtd=102

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c8b8b2486c5a57a0cee2eaee8df9105cccb7c5e2beea6c6339251f6466232a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37894
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
ad.sxp.smartclip.net/ Frame C5E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm&gdpr=0
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1&ang_testid=1

42 B
434 B

37ms
37ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1&ang_testid=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNX7Xv0acWc9GmsplqBPOYt6UJevuUEA1_uNVC_3uBYG8IAY8o78l2UVDjzlyoEid1M2bTIppnVdQb6PvRwyxraIhBg1JUiz0whTTOcUXjn-cVxAfEg
Protocol: H2
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEBtpG7ikj5Fbzsq9Lu8qohU&gdpr=0&google_cver=1&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame C5E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm&gdpr=0
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFDtxMX65i3jaEpw831e5kI&google_cver=1&gdpr=0

0
400 B

78ms
47ms

Image
text/plain

23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFDtxMX65i3jaEpw831e5kI&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_lSxCYtmoYsYGTgAIwAQ&v=APEucNX7Xv0acWc9GmsplqBPOYt6UJevuUEA1_uNVC_3uBYG8IAY8o78l2UVDjzlyoEid1M2bTIppnVdQb6PvRwyxraIhBg1JUiz0whTTOcUXjn-cVxAfEg
Protocol: HTTP/1.1
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Fri, 01 Dec 2023 17:35:24 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEFDtxMX65i3jaEpw831e5kI&google_cver=1&gdpr=0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4CC0 46 KB
13 KB 35ms
35ms Script
text/html 69.192.162.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.162.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-162-113.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 3ad05fd574b9bf64fb99c4e673f0bdcd6a889d5cffb763dd8829b2abf45d9702

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 21:14:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13191
Connection: keep-alive
Content-Length: 13236
Expires: Sat, 02 Dec 2023 21:15:15 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 57DA 4 KB
2 KB 38ms
33ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

af26d967249e07b8d39f75101902eba7c8130b289118298be4eff1f9f141056c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1508
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 5035 0
0 130ms
126ms Document
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP017 /
Resource Hash

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
server: 33XP017
x-33x-status: 2020008

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BC07 0
20 B 68ms
68ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9848064768945&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BC07 0
20 B 67ms
66ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9848064768945&version=m202309260101&ct=76&x=38&cor=6183851008184346000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BC07 82 KB
37 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUzz0N-NNGhniF4FGSgGmceOkas8hGSwfY_E3_LAEJTWFHpbQx_3oUekpssNllCha6dpp2balFexxMl8QVqIoPEox3yylJuL4hlvC5kSJnSzUI5q6LajE-uPeeED8syPSKfIQ8vag9epu_k8jEbP7IX1tk0_MqFCrsDjrlFjKmefVWlPo&dbm_d=AKAmf-BCeOlFW5DmD4IYm3DPcYqRs79ZE6XkvX_mXu906WVcK3oYDPlJUOliey0L8pJptZYRX285LY4L-FGbgYCrIotdj5-ZWyIE3BpSmVgDxHrEsmX95PyP7tE-pGXExk5j-Kh0Te6BfqsFCE36ocKRVgs0ok5Vtk5wCfdth8zBb-beoVXGHMDs481S5I5zQKmzRH4cJnTFyFTEa9CvLvbHV5J4PFZEdRCGsm7NP4g49H-tOaGWRbqmP9tUbcDJpgHYM4tGpkmp1QbEjO5oES33BEzhcq-XaHBHbsAFMvHGKADwa0v2oDkC5k49uzH6581wEX5ZXmmk8kq3K8-OH4z8BtO-wxeYvRiXfR_hlpSbz4kEUlhOxFDVPb7G_17D03wgqRlurQRHmP33CyjI2wNFYpDiZFTGYzMY0mOqqIEl5ZqfSlGU4PjrabP2L-gNtUPVO8PdYGtdB52BuGfZJsixOkI1Kch-5a4w5mJza5MfluWH9RXthseyTVlIBnAvoL5WRHZP-HRgc1b4HfLdAL8yxuOwqTlzbPqaSzeLnIxUgQarqyMZaZFi7sP6zX2HWx_TlyQxLov0ejLHPL-ta5c3wxSxlBaeCVy3hzljp4y9F5VlY224eAzgjdd82IStNMVIy2oki_whFrhqQabangSh-4Wl-ie7eh4YSyZoqzx0N9KRCJcScXMUv4AfHYRC0skTVu__aXd6vCWX6ph4gNdcDd_katXlcXQRVfkJ4VXb22f-E1SueI6BEIO-ferETMHrHSjUVNqiipZ7CgsuEl9ebwHyavcazOoIYiLq082BXbSfo0OaSaQ99qNf5p_uuXGf1mHYGC_0WGJinwZzvCJ2eW6Kkr3PRaqpphOWwzI3Qfyctz5kX6106bzz5o3BaWGEkP2RYkk58KSveVe_YUDC97WyF3x5cZGrIC92lAqtfYIQNCTuz1XKSSlDrhNCqVmlubghrU4cjceqNeq1Gx3izkPxJksMoeC06xnZgnmcnmrNWbCf_IC8Uo10JhZvGudTf4wWFt-u3GbFmVKw5RtX4iq-OH70xoFD_maw7pbGOxzV37rxU1J5-rZHBD1EU1zpV2yB0K9ObQZzE489WvfQYx1o80elyvtVzHHyX9rJ7eKiF_lV23Omkm9VwtQnLRXdMUy60Tzez7iRnre5jV8x3dUY5_BzWBJzuiIEYWLGqGdjTCjQoK4Hex__WCArY8PsQnzFnLhhaJ-8B81IsW6_fjU_2K6t1yU-vJ1c8-6J_A1Y2vwRp3hnL8EYp_5bXnqwZk9_qoVTCUHpLmJjUGE7bUg5M3CpKUkZMpXYpP4Q1Z-e_oyK4jpxG_jsCrsg0MVO_ye1ekDMeZGXV6XODohV_9mIj8-oi-HzswSmHepbiQTIGx3eBrtwG1uqGMKbAkwHPsQOag25RIZLjKx_3ARbxcjjKdi-f4Cy1tOd5asvQpD27OKyLgi_0Y6HL2woZ4DVTdn4uBLoADCKZRDXuvjKHg-2p8g-oR4Ac-bBjApmD2rCZBTtj0a-TvCu2X9YoNnFmg7FlOYWG8jf7MPeTalfre7pj5AuS3DPFcP4jH8QCTCU192sXqe7HLxGFjjHssNGcvwlPlzpqsVfAa9CClYx9BnOYbnFEwHfWAXA8-8PnF07AK13VRMNrL-PrvPh32o5C7a9EKN5__7cW4QZ4J_3vTv2KRgg7-sGxum8X__VS6KQAlUNYQIW_C7fzKIYGrYmVYJfAayB45o7yTz2gIK9Y0jEbFvznMtR0aLXYq09ZD_DqVFpO9zmkuS4-IbqihyxbbS-oxxIYFV8wlp3SRwzyQs7-WiRF1-XyfSnzDZkQRAF2TpJwQ1FjGjkj16HiFNXNcnpWdoWiWYrqG1AILKaC40ZcjR8b5onCcMP5D6VW-Q3FHR8AllzR2L5zJCcQ9nG21imBLL7PmAEU5deRFvi3h8ShQSQSjbG2uPgcAZfa9kuclhrqCbdnSLGXboXn2KFN3rhVK2IU6v3JaE13hVKM1AZBHvW03Y8u8LEOBUNg2Ovfn3u8aGS0JqyafqyTB3Tq__FSTJkGUHmOyIUQ0XbsIJJlv51isanCFLbkG8M2Zgrmr9TS7-vfGhLwWH4pgRamWImv6fnq63dHQdBEQ8E_OLuy6sDfUFhJLkuiYsfFeS4ANdnjs4NiTK-TZF-4wKWSkBpV5-9vnE1QvVMkcwV_-i6nuEynMC7XEBUBOhapmdpHXPhno-pPyjTHAu_ptUpMvjJ489fwO_7Ltss-NhKn5gJRq3jJ3BYH8SvwtIeZeW5FvNuiAS6BjEhnC9q3IRfa8oMts_z5XcMnOtCOshKmalpG7PlJPz1qM2w9ckXsSfjy3NLMsg1tdFBpzaKLnw9HaSJ20OEZH3yYxpk8fQrN_XmRFHeHqUvYyat-LHi5kM4teRKEeX4bVQwpPaVPW6kbOSy3t_sFjhlUmUVdc8xegH_rnoUUrd5r8bwv63xEw9rRJMk0V0KjGYpuv4ob16xnlDvXzToTCKNQ6PYJqECeGv3FJccAjJ5j4ODRainrtgpDQBPxkPzv4dKSISQZSTCw0Rl1iqQhXwjF8JUCFA59DSFTBOZFbwKZT1k7diDGTCyFzhQGSEQl4RRYP9pa6Vf-14PC7_pjkaX69bHrEXN1S04oI1TekkGFEpzapoxzPihnJIMf3z8_mPuT1rg-6eAYgrmI3lVeQBnLvM4BhhEBcHsuXf8p2xKPPrxCoerZc0B3P98_jF0_-tBv6K47JzOGV6mGPGxtlQs3zm1MdaN-4VN2KaLO3cd-3162S8VdLD_eMV52Yvs8cLokLjpEVPxxihV_eL4Mvo7TDL3Cf29OTmSoX6Axla713--bT5tWeFvbErDDL8BNbYn8mb8h5IB-5AkKQ_6v8TfFsP2qbki6C6hnCXSMnMCXnlBcSBXZDv4HgmJ8GNK8PwiY1qHhLSodE3lDQypN54T0szrHrVoAfSgABsTn0hF6qqeUlig__PV-lFnIbqIxoPvUK1jNlw-GNyU9PYwmriHPGS1WX32Zg07SqUJn9QiLzqRDtNQlS97cPIayk45DFGPWybUWmtrCwBif2_9NVIgM1TZyD75bhJRPYUUQHr91b4QacCIkSzuye2m8e8A_Y3OavSRhDmLcl_0uOy5ERC_HeZO8a7T1Vcchslokmu4DXM-b1Ydnb35cH5fZULKv6WgEWDTTJyvL4soENM_wYI5FOq481CuJk81eg6CE4tUOLHexSR5SaPv2OUoC0yAS9Wd0chBvH1auaR9N6uAvP1Z55uDL76ev56hdBHrd9WWkR2IoEApgRDWKqbwP20bWTplaYjucglUoFvk-fEDFjALc8A7x9PUYmWSvsR6rJ1N9ht1bZMVYQ1maN0cyY-BJa8ww5hSRNWT5Sw6AIXsg7VEXIfb3jdz8BJAbcR0DNPWBBH-g2-5pOBQndCPp_yNUU8a3GYFd1XwIZvZFdH5BcInw1p6WDVHR8DNPTo_MmXyoagudeIU1Eyvmxuxn_t6jsH6IJvNnTyjYp3tXrq7BO7bFuKKFz5K-qYa5BZqdg&cid=CAQSMgDICaaNgCxyz_-sKeoiawQhA2EQodoW39wVHPdEe-exiB6H1yGZIo_uu7Ur9B5jc80TGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=6183851008184346000&adk=3663839231&idt=175&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75001b69e4648a1972a8a5229a89f077b79d05c0036153ae858846f797571f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37779
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACA5 0
20 B 65ms
64ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=364916390722&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACA5 0
20 B 65ms
64ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=364916390722&version=m202309260101&ct=76&x=38&cor=8853819634153017000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ACA5 83 KB
37 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AE99hKoF6PrMAdqUPMoacUiEWuTJ_8IwXdEAt0twyQ8t7daVuuIZ01PuCNto-hOMRYkNEFAK9OIxKfxGiOPrmb2p3rTwU1Dfh5Pb5WcrGnMxolbqFZxlM9akXxboR-dESTemF7fsfz8c9MKIqLWwPMy8SfRranfrir_uohpSGGxFmpYEc&dbm_d=AKAmf-BAMM7p0V3I_aGtmW0reIz3eosQRJZQZlsXxzBeMBNJpNI-h4qCQfA3zybdgMJI7-SNbfBRmKWa5VEgILL49artkw6xZMUIU1JEOiHhNjrHx8BiLe34NG0Bn8iwb46BtOFKhaRrCHyPIGL_8jl-pha6fF00yAUmAiCr_UEtyr93nbZLg3T9cPnCTXfLyLItt-xkQx3PyOLclptAGeIp3LoGldm6XCQiE2C00jXTvMw3i4H8a0JYz-iUxXEx30ge7_2V5qKq74S0Z0wQ7to7bf3J8IRWwz6jUqXW-GciqrUKijwgqeSRdPmOQnBXS5pCGpLo_Y3xbLvo-Bd07IbG19cRw1OJurXGThQahT2W2VrrB4rejMhPuk33FrUz3mJtvt04BFZjfrC3HPzqJ29yXaG2fJXcUT6-KQVl1R2z1kOxUC6IG8zKs-E3842eETp2T0jeFF0KleWDDmgYM03MdQtlgA9ZF7b6IByXweD1dTKUTz-fTnTTbXeYP7r6hBW0tjSSEtFmnMeGDFacDL4aHqOsmKbvYH2LHPYydJT5MkYX5SxXe_QAOhbvp1so-fV76yVuMQspUXzho-1GYVCLPkJroHNwCwj3KQkDlK2flaewxoJGm_UNaVqHdWr-8qTTh_RMG5qijXrZ3yLl5tP77Hgi5SpbbMTomKGJyGfpTx9qBHMsfousZlmiUXWTAFwtWL7IGF20CTqeqoz78TBvW4UIbGe0q4YeK7a-_Rlu0K8PkB_jU8YoKRKmtwtHRq4-RjaMMXf15KDuhq9J8dkT-dzmJPks0mSOnNhMerJZyQ-H2xbrDx3KHS8DG40Ot-5HEnzdbMtS1wOi80je1Le2-xGVv-zAMUKnSY9L44prdvoF9i9kz43aMY-DkrPiT7KxBu785XK6qfSIPbcUm1Cu99suvhiTk4t-VZ8RZgd6mu89cBpP12wJFSEMafUXcY2ykeJHm5IjKcZAJRfBVQCyGnL4XcgDuOIk6ZO00cH2ROemOVD0AaAYITtMYTO-jDBj_Y81nHDCeOiqMmNV9rWNFq9s-vqjcNDv__cFlidip9iwaxfKFYrekXjOK996X_ApPwHEmMEIR3TTMjBNNndKy4ljdLLruymakDhr2HL0PyBlevwOudsb88JYcOyGQPsVUCw-wlbRz8B6XgUPsFOLISkAnpX9o1T5PwZMz5G9qj1iHbCFYQEpIbFPJ07HLnWmfMd4ottzijyZXDVk2Og0jLEHqAKmX6kZ0JDeygxHTBRGivvtQXv8N4LakoCr377mLvAElWYCGJHivbrqwdLEAEm7jCabxIWxuew2ukfCuT61_uFkSoi03yQoEEXNBqqhAyUwK9uHpbF0lrYFNQdaK73SCm4bS7HJp34E-8wvrynElrguDGKXE72rFgTnZ99k5bN4MnfdAbloVXAWiKDAAGUeVAtyYc8NV5K2BmBv1iYZYIM5qQrxwPgHUMeMg-ZggRzGVYsD0JaPtYZ4WkOeNwifcRjm72at5BAbyqtorwscX-rdhBX_DqWltE1MoIx9EfiHHIuDmtVVJY2hGLCz6QDEe79JBHOAoZqR4x57KMo_kFrGL-94YKzEcDumwCYMFmRreMRCqI4pnzuXqLlhRWo_laLnbM6hLhjxyK3_Bz79TTC5EJ9L5NIqlniMI4tCyi84oPvOI3D25bihJzOfMtPz0E5Ak-U4ih_mEmliogmkHtAJIyRHBigNTnwLfVCenSXPnEWOqov4VTW46Tnzhq0fsDWRsqSR8PgFgzaIu5eK9RQJuxNLW1SmFwJEHWfk6c8-5RXkB9-lOv7Z_3CdhstPzHpaY8Vjw6U1KRV0hV0MzutcVPV62c-liwii3od2gPYyT14g56he7o8xpRIFjOR8rsDXEgGqD25uWvwDaQu-8dhkyn9h8uDYYZSuDGo-zJZGnGNM2TULHdkmSgd7qbcbA-0piJ9FefanaCavxfsjnn2dn9v6zZTdNB5enRfOHjelfLDR-fldLLI6NJNiAvGX2fqWxLgKrK7-mzY_cSGBqLfe91tWsps4Y-u3rGIvXkl7K4mbktQmWDS9A4Nggrak_fCpEczii062M9y0160vpQEIgWaIxs9zqSMl-E9eAaNX3R_0ndPGrwi_w3ljzy5kwMw8VdExuCF93cSZM5SEQVI60_lQxDsJllPZMwxzt26FK0HE5uLCyuNtEWDhNxsKkX8-T2DzoJ4NPaYCqhipQqrT4Lhit3mEpP53ISJascO7vJYDmCZH4G-FIUFNWl76xXzEb37LpLdCQu0X-eH7xS5hyBr1u2YkG20EMW-L6YuysKa0mu4gkSLJFS0OYvZuuF7gMVrbCFwaoRoOclcuRpGfSkhMcmMn1rm0SM2jAh93T6mYcg091FAft1w8qmVGKXsqoh-GbwrTC4EruW9CJIyygF0SVWIGghVuafjlot_7RxCwOtZ0FKqqbGAzFLsGKpQvx4-umesqdJqwou5N1WQ1FYdcJouMvd1B0CIsOYwy7gcoUsGyPWV9UajOxAofSPjMrs0yRakVkta9304Es9Z5ma9nx3_yK6DCMW_wdekXeRI_ZknYc39V42xE9ta6V7GrwtsuWxILrR1MZnY6ZIpB0TD6uqyD5ENnD7eKY7toiaSGS_VQG-1kV7U8-O2r-D0kpmq8phCLSYBMrAF49_LJKGuUF9DFhpfpdgJAq0Dbwy8gm_QysrW4xqkwXNPwq2OHxBI19fZLS9m4vg5RFAujLekpmTgGZiqMRCALxF9APOh0Y-ZTjoOU5wrU3TTMAbOuSCQrVOKNErRVY5QSEC-dyiqnX4hkIGsmJ92cTc88JrZzaTDrEr5bvUoLz2L4SHm0U7i2AYag_U510mV3jCBn8jxnM3zPkDCttN6ErKt2ZJmYB7XwPnRB-XQBiVoCUyazrsbO_bsMwwWuGPPEoydeCSLQ-8Sa6VNZodOUT6RTkh_8wo-aW5BlOg9cHkiCg3WL0Jq2jYPeRifP32rN8oTxfeJjk_hDzkB9i76PZ7UkWbKrFh_iReKiynwS8zYdVmUQ4PfXlBpPbYP321FsDAKNyWdjSVrUUYP3hag4n3rHJPxXFGfU3Am_-ulFLJZMAHi7LroKugIKCbMl9X_egtdyxqvHnoJk6L5YmWZXZCAF8PwH0_2Dk_JtiacHX6aVL_yKnIyH1m353lqgKWjmNY41F38QwYZiDZ1wxmjLnnOO294cdh-CSjd0GS-XHgZaQYi1u1LHRbIe_6weaDwZCKltiS0cO5uwsciebwJrLGedxutYIw4_Em-kK91SINQBqYep33JY2Mv8xnYlUVhcoQulpJ6snU1lLqP-aM9Pta4TZAP1sYsfqvBb31WAMKBStw3_VWRd8jBFCKRZYpcKjPG_gPqGxGo_ZFULcI1b2ZWxySfMfR3Nr-0O5AvHBNQLRdx5saWUu5CGiQU9BvU8DKXL6d5Sq3XxItZ4QJED9AZ4-N7MOs15yWIfhnAoWYCG05xmyH5Lzn3nHpEPzQ9YXj4EsQ3XUX7gszpoCPWlyg6dwBkBKjXKGKcaYXVg7D0euPqJvQ&cid=CAQSMgDICaaNVaGYnSqXuJq1zqNd-Vc3ijiTbdckgaiiO3xSr8wlUXgd-qQK5IvXSVPOxQSGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=8853819634153017000&adk=1861781142&idt=126&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc8411f8627a4b5cf2c9e7a5112aa1d3b5a99134e2209f445c2ecc9c11b70f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38264
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 543F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f15bbca24cc6948ed96b6637683d3341848bec109d3a80fcd1b2a2d3d214930

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7ED0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10e67d670cbd719ec58876892d9bbb4dc0838b98381a106ab45db12ef0d40efd

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 4CC0 7 B
775 B 31ms
30ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?khaos=LPOC3RIX-4-J7RK
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 15E5 31 KB
12 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A24Eb5YhOwxUOUvk-cgUaTrzSI0Du7ApOnjrk_SHeIN1kq4xh6mZwQ9hzhS74oEToKBGZ52VI6I2bRRAXZn6xl__EdhbvLSD9_RHJ65Pmn3lYGHGkgPP1bkPgccKGHefN9UWO3griMvLaAsuVkudNM3Xuj_BFVI6xzvgALf94fGehuQ5c&dbm_d=AKAmf-AuBqCAtNadvnRO3DK_RIKB1ulRlolrQ_DloSJpa_gH92VWglWtmwCf5HUY9LOrmkNxgAHAA1mMlj-vLq4oKoOYaCx3bxVnfgV13fS0m7EBdJESCPUr5tMmzODO3tPXkMKFBuAu5qS4j7HLOQ8VeWkCf88L9Xu65jTTaRaNvaLPj11fnEwqQRra9p1HhgcZetX1T5vhbCrHyeazrxGhHZ3-y2tpH2MyvToJvSpWrWgZZbF4VpGKdLac2nQkUMOGZ0xAecmEYR9KpOtUa_WzgI0N2jc5TxyqrG7aqzvHg4qh7ebtTdPb-BdlEzrgKw6M6HfvNl3xEX_ofMFNK6DdH2D7u1jowhMxUM9w_wqZMM-Szk4cX_qAeel3U1aqL8LrgXj5m6VtsIBIpsZkfTC0yt0ZCwYS4ImyhvuZJVwU0fPYIDW9w9bzMWEaDAhplxdssHldF42jrAr-s-nrhWNfOor5QbyC0ydhXqXUyV5hITzBoOLPenj9S6YFZaP4JtkKxhK2yZ5NBYV5oWMiPtMa6VjU8KZIv9FlDsseusoXUmJ4gEBqw-hFn4lr_DiKDkT-arlwERBUhUZxi1RHcZh4_dZzye8Hb0N98vas2jkofBaPlc6QWbKzJcHMq0WA9l1RIWGi1R61-q55MH_N092Hz5o8wIJVz7LL8lzEvJsJiSyvbO6QWgglpBLWt2DsbbhnrutVscnH3y2kDdA4St7ZjkBi3MJ7eQt9jydy8Vnc4OH0rPDEQVETH4kVOM8T19qNbQCr7RLjH33zXIcs84GS6m2Dg45WlLODtqCzUBfYjdM2BgDsoGtxL48BX8WjNU-KrsFcMP2YNArKvG4LqrRtJjRC015SUEMk3MaHzz-EbmxUFiUUbgbhrRdShPSsE-cyoPMr1gHzWfbCNbd5S-rNdGvR-EuDEOWakpDPpNQZbLvHm3IsJHHST1tR53UR10bjIOZ8FTG04daREdKRyuJ7UwUCNif8zWH8o9cKC7GFP1diQPma7MpITUgJZIxuJW-3yTp5PYCmb7nJJiubS2djuakOtIR-MOMjjPM2eAJWpNm8JNQBWqrzh7zKlkDkZML_dcEsN3uMaeusH3FY4wD8VFdHUncrJt_INt66NZvHfsPJHtdm-_tGcn3WBi2cF4EK5tytlhbC5V_Z5TMscjuHOyXr2Ku8y65e9r-iVVOn-iBH3zt53IzxJYBoVnDWn7pP8cC6uGRitmLngJ28D5DURgq9YxD1jKeISR-QPUfK0FLMHkP5xkS068apcBFuPaYFZFOTpKa_pbcOGzvzLYMvFWjAxtVe8oh_WqxHLO93dxQY5A8u_CZY1djDs9WDyMuoF6VmH2DJX30ANy1nYJNs6rD6fKjUaVhsmXMWnH9nVzcs03GsWPKiaB7W0mxJDjRSDtBO-BG4nPxWNAF9UZmP8S1PZqM6kJQL3vr2wsWuqk_xQGYB4iWFvOXm2FoWcxBEvjr__NA5Lipflj3Lzz3ep6xkphphcvlgpib-3axSPYDaXktDoamS4kPjOE7GzZDzac7YYg-ONhpEE_jNWbmrY6ZBfj8ZjlzG7mLVz9_l9bTWJkxyP-I6tm0ovl1oGZTdLnx0ELXKLLCIYYeoY2lhfiN2cVirBbQE66x1VNiwfDi4qtTm0ZDlf_rbJ8MtnSsL_vHLZea8NrT5wsMlzdE9cJEVzrn9loMNc8rZikV7wldZLLFhRtVZ0vn6Id_9gHvGfAc0rHINQEOOacGQShtqPbXsNPQkKhShNbu3v6faAQ4tFI54BJ0Qa6KCURKajmstQjqFlkqqeLImnR4WicwieScAn1v0yzpIG2v5xh1BPc5G1KBhG3JorefgrHEplwG7Un2TQjjN2HxGk3bzaHxee2-YLRTvN8Cs-wXD3VZHalPRFRjD7ZC0VaWKmjMO8HCS9y7jfuHluRPZS-iWaPzE4JGx-9_V0y3p1mdFFQJPmpZmUKmnUxfalMnn5gp4pYhyRhxyg-4JTUO5J_RprwcweXdj4lSV6okjkhAHiAuKvOWoPMX001Gs2PnVqRSz2P0F79rDBrsEczkKEauNVwVPCkwodIycP0VtMZZISwWIXvjxbEOgoplv0_9pRD-FQxbt95XCMThqmtzo7s2amhFVSBF5yJBvIGOe-Xa5FEve9zrBAo-sB70-XoeyK2MqRc2mRCFu0-OFmLXRgUF4XKd2NkZ0ZHOCkmgCxwq2BxgRdvxq6bx9pKmpxbaGPeCqBY4uQeZusHr9gRYgQo9n2m1PLRVlPb_HfCU5pioM-zC_uZPnPNsGu2FkCJ3Nf9Kxh7gypMfHZHumPc5cJrU1qEgWI6EjvRrX7wK2eWjY5tXECTHDybJS-9W7p4KXx0dkPAckipWVo3gfdMdii3z09kPH_dWAlY69i2VlwE4Nbh7uQxplg4cksdgxPU_RwR6wKXQ4o6zgYD3vFTUco3ZW-sFmaZQ_hGczwqwF7kuti47puoyiS09lcPBdTNwydjrTJAupvFviQkfd9n8VRP89yM142Ll0jch9nG4z4UZv7ZwhM4iN05oLnEr-TLgycbKdNzl40hFB3qB5uhFBPE5E2MyEcSfRBlJgyrrpO8E-MHVzApIMJX4rQVHktOY3ZRJ5W65CK0961_KmPOXPoMjFdvQhJg-tHnGs9GGfCOwjZzjOtOocYcrOyCocg5xBaylfLRo841acr4pSzkwQlKcEIxQi7LkekR94L9ujOm7rPPVZe6jdqvDwqwAY3cYXQDEa3iFvfpAnxkKKvqI6fdnk8g7ALbf2rOAAFoR_7InfovXBGweXSNtA-1VKny6Mlzt0Z14HnqdhJfq8vuWt_IHnTS4YttuGoAsJCLWGoNuKlqP9IaXIFANVdjzlQUwYxp8o4ayShSZb20DsoQaigflnj428YcEGjfncX9km8JJrKnWmy4pVmt3F_ZpRie7pZGXLidCAVnM289jqyl17lwcqakx1gF4VgfWmprn-fW_J2hdy1AgtfcVs3QltTfpzKy3ndAQXM6WRUNBNMImFTfVUdJRPDA-QkqSuH6QXD48L62KdCWt4-K3l5jWzJkNMej1teGrvMrFdC7NikmIROb3Yi4h1x09zgIJNv3hAFykhu7KLCNBGQA3t7RcZqZA0_mFmUSKdf17LHI7EKUN7FbXhA-hOHXSjmILVtQE_MaazGE5BKu66jUj7wzUCyIdpDjJkBCdYN5zHPyjueFrXrheDCYNLlRNv2RZv3LoIT5Pm1V2aniqLsRK0CAVYN_XCroalOwEnxUU-cd8sRyjaksKcQ8XJhjGDMwzBZ27EZaXYQpfCYeqqV_33uF5fXFGHxP5VnQx9gJ0yXHpX3eqCjGtElrShgvCJOXwt3FF5VHclirico7hO80aI9WKH4s5OasH4D9K6RmRLmvOgpbbVOBVL_lVF9yUSu_YphkJd3MY92M_Zv7rwb15tERZsNSaFlhH3-Y1vYm_vNjD_duSeHhvcrgdwIFg4BT3c6dGJoqcYNWF47XjAgIW_FuKx9BRAcNYxKwCy_wGbCXuM&cid=CAQSMgDICaaNOGra8ZPcqyyujXVuGCyJAvOJ1gKEI9GsnwpPFz40HYc5VOa9swrhrM4wTNgnGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=2089081526269520000&adk=429927377&idt=205&cac=0&dtd=102

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:51:49 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15E5 202 KB
64 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 15E5 11 KB
4 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 15E5 0
0 138ms
67ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLfAIZRXE36ujH79IWMz3s1cqEioJFF-mF-NqJa-JAp_DnY7MTKGfxrEDW9bxsRpCj1Jypz5NJ6yxgBLCQkmHThcxkMbN1hznI9pTxNriPJM8jilDpXrN4-kEGoHYeoFuBOLID7OzpnRCGnIL2EwabEg7FKo1VRk9JWPwBXg&sai=AMfl-YQuvHGRkyjcVaKy13c6lcb_3KX2Z0WJm6B6re9W6ly_KUkHNWyJdBJ_8nlJC_ilKddHdIqb8cJ70W03CIdBCA-szWpxoM-40uriL_0dKGLSIyipp2bEwuiFijK_3EYH2NJA&sig=Cg0ArKJSzLsiX9acjUtXEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.04448&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 15E5 41 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 5978172290354122024
s0.2mdn.net/simgad/ Frame 15E5 83 KB
84 KB 101ms
30ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5978172290354122024

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b270d77147c3258d3aed6f17bfa040b6bf0430f8c1e60ad2058fd6099caaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 06:15:49 GMT
x-content-type-options: nosniff
age: 127175
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84994
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 12:17:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 06:15:49 GMT

GET
H/1.1 200
OK EBYXd_UiIbnwVRNmRLEsE28fTOEZkSTFa5KdoXuBqRvh8D_Jj1_cqBOQjRxbExem72MfYCSPd-FixVk7Xe1tJkGifxj0NlJak9EXwDnVYokhlFPDP2UEdDNohbnQK7XIbPB_8_6GyxxG2FFWS19VLB4KoUqPAXfBEApLM3wS2WORFj4_jiGUqMdJD-4zVWtvD5fxy...
pdc.bidswitch.net/mimp/ Frame 15E5 43 B
220 B 1260ms
31ms Image
image/gif 18.153.147.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdc.bidswitch.net/mimp/EBYXd_UiIbnwVRNmRLEsE28fTOEZkSTFa5KdoXuBqRvh8D_Jj1_cqBOQjRxbExem72MfYCSPd-FixVk7Xe1tJkGifxj0NlJak9EXwDnVYokhlFPDP2UEdDNohbnQK7XIbPB_8_6GyxxG2FFWS19VLB4KoUqPAXfBEApLM3wS2WORFj4_jiGUqMdJD-4zVWtvD5fxy__j_FTppoXyednY409yeQjBFZcAbFBXZmsh3LxqIG89Ox383rHQE0_LkDyzm_EwMqzp6BNp8WIstsuHIE8wUN9pRXllNWDeVjR_B8HvXgxhW8YzLVwmf_D6_0NQfsnH6xVaaVPsUtLJYo6NacaUgpF0d7yaAoWly35dwUJb1K3H7tnyVD9fQSXE-fhqepRpJDJRCuoqr1zTel3Q99xRMx_aiSIL-XyTECvjRzbMpKDQXu9TYkFUHyggnjba8klPlUc-kvA2VWIaOdTfKBzcMPsVo3EoY4Q
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.147.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 204
No Content 73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame 57DA 0
176 B 5886ms
939ms Image
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive

GET
H2

200

/
onetag-sys.com/match/ Frame 57DA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=a6e1656b-6adc-4600-9c10-55aaabba5f12&gdpr=0&gdpr_consent=

0
340 B

30ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=a6e1656b-6adc-4600-9c10-55aaabba5f12&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sat, 02 Dec 2023 17:35:24 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x9 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=a6e1656b-6adc-4600-9c10-55aaabba5f12&gdpr=0&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 02 Dec 2023 17:35:23 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 57DA
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0

0
340 B

35ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 579d6dd278f76ae39d067788043e4297
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 57DA
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

0
340 B

33ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:24 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701538524913017-566

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 57DA 42 B
840 B 35ms
30ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Tx0ADkrITnFBu9UNNJmJf4xYkAQixkBaofFW09ylYGU
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 57DA
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZbwEjcUtHM_MQKHpwQhuJEwYvdkS33g

170 B
188 B

64ms
63ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZbwEjcUtHM_MQKHpwQhuJEwYvdkS33g

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZbwEjcUtHM_MQKHpwQhuJEwYvdkS33g
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 57DA
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=3589463590391086894

0
340 B

30ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=3589463590391086894

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=3589463590391086894
date: Sat, 02 Dec 2023 17:35:24 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 57DA 0
0 42ms
37ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 57DA
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Ot5T0Q2hRNAJT2WeZAcE-63L0ivngP9bVJ7MMzOPz6U

43 B
479 B

124ms
121ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Ot5T0Q2hRNAJT2WeZAcE-63L0ivngP9bVJ7MMzOPz6U

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5E9DSPEMJFKXY2WJEK3Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Ot5T0Q2hRNAJT2WeZAcE-63L0ivngP9bVJ7MMzOPz6U
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame 57DA
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

0
340 B

31ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 57DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1

0
340 B

29ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 57DA
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=92&uid=y-KuInPo5E2uH5FkXlU86gwtKb8.kaWe.RTNUNfmc-~A

0
340 B

33ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-KuInPo5E2uH5FkXlU86gwtKb8.kaWe.RTNUNfmc-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-KuInPo5E2uH5FkXlU86gwtKb8.kaWe.RTNUNfmc-~A
date: Sat, 02 Dec 2023 17:35:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 57DA 70 B
148 B 53ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame 57DA
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Donetag%26expires%3D30%26us...
https://x.bidswitch.net/sync?dsp_id=429&user_id=e5535dcc-f3db-5250-8c3c-4e97e957244b&ssp=onetag&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

0
340 B

32ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=
date: Sat, 02 Dec 2023 17:35:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 200 setuid
u.4dex.io/ Frame 57DA 0
15 B 41ms
39ms Image
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=onetag&uid=Tx0ADkrITnFBu9UNNJmJf4xYkAQixkBaofFW09ylYGU&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 4CC0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LPOC3RIX-4-J7RK
https://usersync.gumgum.com/usersync?b=mag&i=LPOC3RIX-4-J7RK

35 B
250 B

65ms
51ms

Image
image/gif

52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=mag&i=LPOC3RIX-4-J7RK
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D21648002e00e80a7%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://usersync.gumgum.com/usersync?b=mag&i=LPOC3RIX-4-J7RK
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3 200 container.html Show response
f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A8C0 6 KB
3 KB 53ms
51ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sun, 01 Dec 2024 17:35:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 62B8 38 KB
13 KB 28ms
28ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 569804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E5 0
20 B 68ms
67ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=B1ij23GprZYLcMvHOjuwPqKi50AQAAAAAOAHgBAI

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5978172290354122024
s0.2mdn.net/simgad/ Frame BC07 83 KB
83 KB 87ms
87ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5978172290354122024

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUzz0N-NNGhniF4FGSgGmceOkas8hGSwfY_E3_LAEJTWFHpbQx_3oUekpssNllCha6dpp2balFexxMl8QVqIoPEox3yylJuL4hlvC5kSJnSzUI5q6LajE-uPeeED8syPSKfIQ8vag9epu_k8jEbP7IX1tk0_MqFCrsDjrlFjKmefVWlPo&dbm_d=AKAmf-BCeOlFW5DmD4IYm3DPcYqRs79ZE6XkvX_mXu906WVcK3oYDPlJUOliey0L8pJptZYRX285LY4L-FGbgYCrIotdj5-ZWyIE3BpSmVgDxHrEsmX95PyP7tE-pGXExk5j-Kh0Te6BfqsFCE36ocKRVgs0ok5Vtk5wCfdth8zBb-beoVXGHMDs481S5I5zQKmzRH4cJnTFyFTEa9CvLvbHV5J4PFZEdRCGsm7NP4g49H-tOaGWRbqmP9tUbcDJpgHYM4tGpkmp1QbEjO5oES33BEzhcq-XaHBHbsAFMvHGKADwa0v2oDkC5k49uzH6581wEX5ZXmmk8kq3K8-OH4z8BtO-wxeYvRiXfR_hlpSbz4kEUlhOxFDVPb7G_17D03wgqRlurQRHmP33CyjI2wNFYpDiZFTGYzMY0mOqqIEl5ZqfSlGU4PjrabP2L-gNtUPVO8PdYGtdB52BuGfZJsixOkI1Kch-5a4w5mJza5MfluWH9RXthseyTVlIBnAvoL5WRHZP-HRgc1b4HfLdAL8yxuOwqTlzbPqaSzeLnIxUgQarqyMZaZFi7sP6zX2HWx_TlyQxLov0ejLHPL-ta5c3wxSxlBaeCVy3hzljp4y9F5VlY224eAzgjdd82IStNMVIy2oki_whFrhqQabangSh-4Wl-ie7eh4YSyZoqzx0N9KRCJcScXMUv4AfHYRC0skTVu__aXd6vCWX6ph4gNdcDd_katXlcXQRVfkJ4VXb22f-E1SueI6BEIO-ferETMHrHSjUVNqiipZ7CgsuEl9ebwHyavcazOoIYiLq082BXbSfo0OaSaQ99qNf5p_uuXGf1mHYGC_0WGJinwZzvCJ2eW6Kkr3PRaqpphOWwzI3Qfyctz5kX6106bzz5o3BaWGEkP2RYkk58KSveVe_YUDC97WyF3x5cZGrIC92lAqtfYIQNCTuz1XKSSlDrhNCqVmlubghrU4cjceqNeq1Gx3izkPxJksMoeC06xnZgnmcnmrNWbCf_IC8Uo10JhZvGudTf4wWFt-u3GbFmVKw5RtX4iq-OH70xoFD_maw7pbGOxzV37rxU1J5-rZHBD1EU1zpV2yB0K9ObQZzE489WvfQYx1o80elyvtVzHHyX9rJ7eKiF_lV23Omkm9VwtQnLRXdMUy60Tzez7iRnre5jV8x3dUY5_BzWBJzuiIEYWLGqGdjTCjQoK4Hex__WCArY8PsQnzFnLhhaJ-8B81IsW6_fjU_2K6t1yU-vJ1c8-6J_A1Y2vwRp3hnL8EYp_5bXnqwZk9_qoVTCUHpLmJjUGE7bUg5M3CpKUkZMpXYpP4Q1Z-e_oyK4jpxG_jsCrsg0MVO_ye1ekDMeZGXV6XODohV_9mIj8-oi-HzswSmHepbiQTIGx3eBrtwG1uqGMKbAkwHPsQOag25RIZLjKx_3ARbxcjjKdi-f4Cy1tOd5asvQpD27OKyLgi_0Y6HL2woZ4DVTdn4uBLoADCKZRDXuvjKHg-2p8g-oR4Ac-bBjApmD2rCZBTtj0a-TvCu2X9YoNnFmg7FlOYWG8jf7MPeTalfre7pj5AuS3DPFcP4jH8QCTCU192sXqe7HLxGFjjHssNGcvwlPlzpqsVfAa9CClYx9BnOYbnFEwHfWAXA8-8PnF07AK13VRMNrL-PrvPh32o5C7a9EKN5__7cW4QZ4J_3vTv2KRgg7-sGxum8X__VS6KQAlUNYQIW_C7fzKIYGrYmVYJfAayB45o7yTz2gIK9Y0jEbFvznMtR0aLXYq09ZD_DqVFpO9zmkuS4-IbqihyxbbS-oxxIYFV8wlp3SRwzyQs7-WiRF1-XyfSnzDZkQRAF2TpJwQ1FjGjkj16HiFNXNcnpWdoWiWYrqG1AILKaC40ZcjR8b5onCcMP5D6VW-Q3FHR8AllzR2L5zJCcQ9nG21imBLL7PmAEU5deRFvi3h8ShQSQSjbG2uPgcAZfa9kuclhrqCbdnSLGXboXn2KFN3rhVK2IU6v3JaE13hVKM1AZBHvW03Y8u8LEOBUNg2Ovfn3u8aGS0JqyafqyTB3Tq__FSTJkGUHmOyIUQ0XbsIJJlv51isanCFLbkG8M2Zgrmr9TS7-vfGhLwWH4pgRamWImv6fnq63dHQdBEQ8E_OLuy6sDfUFhJLkuiYsfFeS4ANdnjs4NiTK-TZF-4wKWSkBpV5-9vnE1QvVMkcwV_-i6nuEynMC7XEBUBOhapmdpHXPhno-pPyjTHAu_ptUpMvjJ489fwO_7Ltss-NhKn5gJRq3jJ3BYH8SvwtIeZeW5FvNuiAS6BjEhnC9q3IRfa8oMts_z5XcMnOtCOshKmalpG7PlJPz1qM2w9ckXsSfjy3NLMsg1tdFBpzaKLnw9HaSJ20OEZH3yYxpk8fQrN_XmRFHeHqUvYyat-LHi5kM4teRKEeX4bVQwpPaVPW6kbOSy3t_sFjhlUmUVdc8xegH_rnoUUrd5r8bwv63xEw9rRJMk0V0KjGYpuv4ob16xnlDvXzToTCKNQ6PYJqECeGv3FJccAjJ5j4ODRainrtgpDQBPxkPzv4dKSISQZSTCw0Rl1iqQhXwjF8JUCFA59DSFTBOZFbwKZT1k7diDGTCyFzhQGSEQl4RRYP9pa6Vf-14PC7_pjkaX69bHrEXN1S04oI1TekkGFEpzapoxzPihnJIMf3z8_mPuT1rg-6eAYgrmI3lVeQBnLvM4BhhEBcHsuXf8p2xKPPrxCoerZc0B3P98_jF0_-tBv6K47JzOGV6mGPGxtlQs3zm1MdaN-4VN2KaLO3cd-3162S8VdLD_eMV52Yvs8cLokLjpEVPxxihV_eL4Mvo7TDL3Cf29OTmSoX6Axla713--bT5tWeFvbErDDL8BNbYn8mb8h5IB-5AkKQ_6v8TfFsP2qbki6C6hnCXSMnMCXnlBcSBXZDv4HgmJ8GNK8PwiY1qHhLSodE3lDQypN54T0szrHrVoAfSgABsTn0hF6qqeUlig__PV-lFnIbqIxoPvUK1jNlw-GNyU9PYwmriHPGS1WX32Zg07SqUJn9QiLzqRDtNQlS97cPIayk45DFGPWybUWmtrCwBif2_9NVIgM1TZyD75bhJRPYUUQHr91b4QacCIkSzuye2m8e8A_Y3OavSRhDmLcl_0uOy5ERC_HeZO8a7T1Vcchslokmu4DXM-b1Ydnb35cH5fZULKv6WgEWDTTJyvL4soENM_wYI5FOq481CuJk81eg6CE4tUOLHexSR5SaPv2OUoC0yAS9Wd0chBvH1auaR9N6uAvP1Z55uDL76ev56hdBHrd9WWkR2IoEApgRDWKqbwP20bWTplaYjucglUoFvk-fEDFjALc8A7x9PUYmWSvsR6rJ1N9ht1bZMVYQ1maN0cyY-BJa8ww5hSRNWT5Sw6AIXsg7VEXIfb3jdz8BJAbcR0DNPWBBH-g2-5pOBQndCPp_yNUU8a3GYFd1XwIZvZFdH5BcInw1p6WDVHR8DNPTo_MmXyoagudeIU1Eyvmxuxn_t6jsH6IJvNnTyjYp3tXrq7BO7bFuKKFz5K-qYa5BZqdg&cid=CAQSMgDICaaNgCxyz_-sKeoiawQhA2EQodoW39wVHPdEe-exiB6H1yGZIo_uu7Ur9B5jc80TGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=6183851008184346000&adk=3663839231&idt=175&cac=0&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b270d77147c3258d3aed6f17bfa040b6bf0430f8c1e60ad2058fd6099caaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 06:15:49 GMT
x-content-type-options: nosniff
age: 127175
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84994
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 12:17:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 06:15:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame BC07 31 KB
12 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67415
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:51:49 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC07 202 KB
64 KB 133ms
133ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame BC07 11 KB
4 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BC07 0
0 67ms
67ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzIsK9jwYQ8M_Jmh63P-jYRkPG13o9U1HJAKPNH4uawWaumiaEhWNenR9MuGsf_n5LOYfl5cllml6-QD1GeDA9GEFG_0PjnNOH2nRaEqL-dFNN4aJgX4s7C9kAKfZuM2aT6yTdlvS5fbDHD5XnXDL8fKKb8X1-pmV4G2Kv7Q&sai=AMfl-YRcUZ6OYekPoJ8S6UXt_vSsVhUDYbu3RNWhxj6n5sWMxx2Hbg0nX3pvN43PO5-e4Z7DBSXQUmXIefMJcrkSQX0VHCgkSqd-zSX73o_sVFUDPGn-bi0OBoaeRRTqmBMDshwH&sig=Cg0ArKJSzHEDUdDfpY7fEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20231129.17264&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BC07 41 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H/1.1 200
OK W3xIVQEoXPwmdqjDRhyCUf5FZUN5UIWGzmLchQHKfMxKvI1qyGXE-Lh1IrwYcfvkKB082Ix57dYv907s72EKZpQKAWgLL9XFgB8TaGB1RqqB8QNjGJDvG36sTzGc6QHOTpJCOj3gMhPhK7gVOaDoAfoVYONTbj4XpjZC4Gt4NkO1hnAE9PKdfXBcHSNan0KWjRTmk...
pdc.bidswitch.net/mimp/ Frame BC07 43 B
220 B 1182ms
30ms Image
image/gif 18.153.147.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdc.bidswitch.net/mimp/W3xIVQEoXPwmdqjDRhyCUf5FZUN5UIWGzmLchQHKfMxKvI1qyGXE-Lh1IrwYcfvkKB082Ix57dYv907s72EKZpQKAWgLL9XFgB8TaGB1RqqB8QNjGJDvG36sTzGc6QHOTpJCOj3gMhPhK7gVOaDoAfoVYONTbj4XpjZC4Gt4NkO1hnAE9PKdfXBcHSNan0KWjRTmktksKIgGSyWDKWU_cep_U5YzUWsfeAjfEuMxPbp0wXg-MBdvZZQSgEgXc6SXkL63RxUTywqm1kO0KRAgDzNKr4VI8YDI8LfsgnHDQtZDL6LzfDtiOdgZ0xeUhWoQlETr9t219jLM4ryuEnH1UcBeqZ8IlfziXbpMZh98iYju2g-wYtbvd7dMAaum9BF5evxbB3c50iaZSODECwD0RW9q5BYUHsKeyKUvPYVuiKTR7xr3GHSlqdVPhJ5VzADh6nMMMegmMQwgCKRSkVWropB6HWgs0t1_zFM
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.147.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 5978172290354122024
s0.2mdn.net/simgad/ Frame ACA5 83 KB
83 KB 106ms
106ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5978172290354122024

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AE99hKoF6PrMAdqUPMoacUiEWuTJ_8IwXdEAt0twyQ8t7daVuuIZ01PuCNto-hOMRYkNEFAK9OIxKfxGiOPrmb2p3rTwU1Dfh5Pb5WcrGnMxolbqFZxlM9akXxboR-dESTemF7fsfz8c9MKIqLWwPMy8SfRranfrir_uohpSGGxFmpYEc&dbm_d=AKAmf-BAMM7p0V3I_aGtmW0reIz3eosQRJZQZlsXxzBeMBNJpNI-h4qCQfA3zybdgMJI7-SNbfBRmKWa5VEgILL49artkw6xZMUIU1JEOiHhNjrHx8BiLe34NG0Bn8iwb46BtOFKhaRrCHyPIGL_8jl-pha6fF00yAUmAiCr_UEtyr93nbZLg3T9cPnCTXfLyLItt-xkQx3PyOLclptAGeIp3LoGldm6XCQiE2C00jXTvMw3i4H8a0JYz-iUxXEx30ge7_2V5qKq74S0Z0wQ7to7bf3J8IRWwz6jUqXW-GciqrUKijwgqeSRdPmOQnBXS5pCGpLo_Y3xbLvo-Bd07IbG19cRw1OJurXGThQahT2W2VrrB4rejMhPuk33FrUz3mJtvt04BFZjfrC3HPzqJ29yXaG2fJXcUT6-KQVl1R2z1kOxUC6IG8zKs-E3842eETp2T0jeFF0KleWDDmgYM03MdQtlgA9ZF7b6IByXweD1dTKUTz-fTnTTbXeYP7r6hBW0tjSSEtFmnMeGDFacDL4aHqOsmKbvYH2LHPYydJT5MkYX5SxXe_QAOhbvp1so-fV76yVuMQspUXzho-1GYVCLPkJroHNwCwj3KQkDlK2flaewxoJGm_UNaVqHdWr-8qTTh_RMG5qijXrZ3yLl5tP77Hgi5SpbbMTomKGJyGfpTx9qBHMsfousZlmiUXWTAFwtWL7IGF20CTqeqoz78TBvW4UIbGe0q4YeK7a-_Rlu0K8PkB_jU8YoKRKmtwtHRq4-RjaMMXf15KDuhq9J8dkT-dzmJPks0mSOnNhMerJZyQ-H2xbrDx3KHS8DG40Ot-5HEnzdbMtS1wOi80je1Le2-xGVv-zAMUKnSY9L44prdvoF9i9kz43aMY-DkrPiT7KxBu785XK6qfSIPbcUm1Cu99suvhiTk4t-VZ8RZgd6mu89cBpP12wJFSEMafUXcY2ykeJHm5IjKcZAJRfBVQCyGnL4XcgDuOIk6ZO00cH2ROemOVD0AaAYITtMYTO-jDBj_Y81nHDCeOiqMmNV9rWNFq9s-vqjcNDv__cFlidip9iwaxfKFYrekXjOK996X_ApPwHEmMEIR3TTMjBNNndKy4ljdLLruymakDhr2HL0PyBlevwOudsb88JYcOyGQPsVUCw-wlbRz8B6XgUPsFOLISkAnpX9o1T5PwZMz5G9qj1iHbCFYQEpIbFPJ07HLnWmfMd4ottzijyZXDVk2Og0jLEHqAKmX6kZ0JDeygxHTBRGivvtQXv8N4LakoCr377mLvAElWYCGJHivbrqwdLEAEm7jCabxIWxuew2ukfCuT61_uFkSoi03yQoEEXNBqqhAyUwK9uHpbF0lrYFNQdaK73SCm4bS7HJp34E-8wvrynElrguDGKXE72rFgTnZ99k5bN4MnfdAbloVXAWiKDAAGUeVAtyYc8NV5K2BmBv1iYZYIM5qQrxwPgHUMeMg-ZggRzGVYsD0JaPtYZ4WkOeNwifcRjm72at5BAbyqtorwscX-rdhBX_DqWltE1MoIx9EfiHHIuDmtVVJY2hGLCz6QDEe79JBHOAoZqR4x57KMo_kFrGL-94YKzEcDumwCYMFmRreMRCqI4pnzuXqLlhRWo_laLnbM6hLhjxyK3_Bz79TTC5EJ9L5NIqlniMI4tCyi84oPvOI3D25bihJzOfMtPz0E5Ak-U4ih_mEmliogmkHtAJIyRHBigNTnwLfVCenSXPnEWOqov4VTW46Tnzhq0fsDWRsqSR8PgFgzaIu5eK9RQJuxNLW1SmFwJEHWfk6c8-5RXkB9-lOv7Z_3CdhstPzHpaY8Vjw6U1KRV0hV0MzutcVPV62c-liwii3od2gPYyT14g56he7o8xpRIFjOR8rsDXEgGqD25uWvwDaQu-8dhkyn9h8uDYYZSuDGo-zJZGnGNM2TULHdkmSgd7qbcbA-0piJ9FefanaCavxfsjnn2dn9v6zZTdNB5enRfOHjelfLDR-fldLLI6NJNiAvGX2fqWxLgKrK7-mzY_cSGBqLfe91tWsps4Y-u3rGIvXkl7K4mbktQmWDS9A4Nggrak_fCpEczii062M9y0160vpQEIgWaIxs9zqSMl-E9eAaNX3R_0ndPGrwi_w3ljzy5kwMw8VdExuCF93cSZM5SEQVI60_lQxDsJllPZMwxzt26FK0HE5uLCyuNtEWDhNxsKkX8-T2DzoJ4NPaYCqhipQqrT4Lhit3mEpP53ISJascO7vJYDmCZH4G-FIUFNWl76xXzEb37LpLdCQu0X-eH7xS5hyBr1u2YkG20EMW-L6YuysKa0mu4gkSLJFS0OYvZuuF7gMVrbCFwaoRoOclcuRpGfSkhMcmMn1rm0SM2jAh93T6mYcg091FAft1w8qmVGKXsqoh-GbwrTC4EruW9CJIyygF0SVWIGghVuafjlot_7RxCwOtZ0FKqqbGAzFLsGKpQvx4-umesqdJqwou5N1WQ1FYdcJouMvd1B0CIsOYwy7gcoUsGyPWV9UajOxAofSPjMrs0yRakVkta9304Es9Z5ma9nx3_yK6DCMW_wdekXeRI_ZknYc39V42xE9ta6V7GrwtsuWxILrR1MZnY6ZIpB0TD6uqyD5ENnD7eKY7toiaSGS_VQG-1kV7U8-O2r-D0kpmq8phCLSYBMrAF49_LJKGuUF9DFhpfpdgJAq0Dbwy8gm_QysrW4xqkwXNPwq2OHxBI19fZLS9m4vg5RFAujLekpmTgGZiqMRCALxF9APOh0Y-ZTjoOU5wrU3TTMAbOuSCQrVOKNErRVY5QSEC-dyiqnX4hkIGsmJ92cTc88JrZzaTDrEr5bvUoLz2L4SHm0U7i2AYag_U510mV3jCBn8jxnM3zPkDCttN6ErKt2ZJmYB7XwPnRB-XQBiVoCUyazrsbO_bsMwwWuGPPEoydeCSLQ-8Sa6VNZodOUT6RTkh_8wo-aW5BlOg9cHkiCg3WL0Jq2jYPeRifP32rN8oTxfeJjk_hDzkB9i76PZ7UkWbKrFh_iReKiynwS8zYdVmUQ4PfXlBpPbYP321FsDAKNyWdjSVrUUYP3hag4n3rHJPxXFGfU3Am_-ulFLJZMAHi7LroKugIKCbMl9X_egtdyxqvHnoJk6L5YmWZXZCAF8PwH0_2Dk_JtiacHX6aVL_yKnIyH1m353lqgKWjmNY41F38QwYZiDZ1wxmjLnnOO294cdh-CSjd0GS-XHgZaQYi1u1LHRbIe_6weaDwZCKltiS0cO5uwsciebwJrLGedxutYIw4_Em-kK91SINQBqYep33JY2Mv8xnYlUVhcoQulpJ6snU1lLqP-aM9Pta4TZAP1sYsfqvBb31WAMKBStw3_VWRd8jBFCKRZYpcKjPG_gPqGxGo_ZFULcI1b2ZWxySfMfR3Nr-0O5AvHBNQLRdx5saWUu5CGiQU9BvU8DKXL6d5Sq3XxItZ4QJED9AZ4-N7MOs15yWIfhnAoWYCG05xmyH5Lzn3nHpEPzQ9YXj4EsQ3XUX7gszpoCPWlyg6dwBkBKjXKGKcaYXVg7D0euPqJvQ&cid=CAQSMgDICaaNVaGYnSqXuJq1zqNd-Vc3ijiTbdckgaiiO3xSr8wlUXgd-qQK5IvXSVPOxQSGGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=8853819634153017000&adk=1861781142&idt=126&cac=0&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b270d77147c3258d3aed6f17bfa040b6bf0430f8c1e60ad2058fd6099caaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 06:15:49 GMT
x-content-type-options: nosniff
age: 127176
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84994
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 12:17:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 06:15:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame ACA5 31 KB
12 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:51:49 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACA5 202 KB
64 KB 200ms
200ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame ACA5 11 KB
4 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77844
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame ACA5 0
0 67ms
67ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHrEo-09yrf0JpN5MZ_J4OP7eUf_no5_KFqJRdglmgWJAFj_Pg0mRHMOv18MrVtNt0vxDHxC4xcwKOJmCYxBRbxSu006pFnB18QM0mpes_qz2eQrfdDuGnIu6jDTX2QPfjCggcfWjKvp06b_nxEvRmaJ-eSblJ1aNHvENLWg&sai=AMfl-YQsuKs4mit4vP9oUsOi0TB_j7yG9M0pEpUj4uSSYlk1d-myjc47Hot5MPcyuMQPWp4DcwG2DKcRassRIvFDhgcL-MMUyevLbaHMjFSSb8ujlEUnqM-TMR38yhjCijmGuO2v&sig=Cg0ArKJSzH_FpV_BIRmHEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.42423&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame ACA5 41 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H/1.1 200
OK vu3DwdNgISO_EMjpLrtuVY5jDCE8V3GacjCrFGO_UbPsHr-uqi4WMwLt1TDwldLTLg4xv8Neb-JjvRRpwF66U75dvssMvZ4mSQkdmTHnmKxgr-fuFUeLpTOiryy5S3MfG4qsJRb4DaJWNYbjP4t_KwBvUDBcjOUtqYzcXYI8RnE9GXSAc97R8_d1EDqBQT3iKmpZ6...
pdc.bidswitch.net/mimp/ Frame ACA5 43 B
220 B 1172ms
30ms Image
image/gif 18.153.147.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdc.bidswitch.net/mimp/vu3DwdNgISO_EMjpLrtuVY5jDCE8V3GacjCrFGO_UbPsHr-uqi4WMwLt1TDwldLTLg4xv8Neb-JjvRRpwF66U75dvssMvZ4mSQkdmTHnmKxgr-fuFUeLpTOiryy5S3MfG4qsJRb4DaJWNYbjP4t_KwBvUDBcjOUtqYzcXYI8RnE9GXSAc97R8_d1EDqBQT3iKmpZ6rutaWAVEW3fkwrkb6pbwu8p3k3y6Nt1J_AQw4CBFsxlf0D74LK6urFVaj50NHxx4gWU7AuH_JWwtjdL3Z-JEFC1nkchuiyEW4DjH3ou0jKEa3Xtjkmfv4VT1VmJYc_oEmZt0CBXruYBE6UgSjmcBDjG1glfEv0_BXexohD3IlTRWudf2b3F_mfidldBgni9FcxYrrsLNDSOybM3ak53YrxMF_VyNBZuEPpXgcgKOc-2tTdZbVOJRcf2rJhpIPd3ET8WqECaMPd-1JG976-rYgRw6RmcNFE
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.147.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 62B8 39 KB
15 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 08:15:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame A8C0 4 KB
1 KB 110ms
38ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 17:33:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3776 6 KB
779 B 111ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 17:26:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3776 2 KB
822 B 29ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3776 24 KB
9 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3776 3 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3776 20 KB
8 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3776 202 KB
64 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 3776 37 KB
16 KB 94ms
29ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame A8C0 22 KB
9 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:46:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A8C0 205 B
519 B 99ms
37ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:42:43 GMT
x-content-type-options: nosniff
age: 96762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Nov 2024 14:42:43 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A8C0 604 B
696 B 99ms
37ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 16:48:04 GMT
x-content-type-options: nosniff
age: 262041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 16:48:04 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame EEA1 38 KB
13 KB 30ms
29ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 569805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 45F1 38 KB
13 KB 31ms
30ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 569805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 928D 6 KB
3 KB 52ms
51ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sun, 01 Dec 2024 17:35:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ 0
499 B 166ms
165ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNUKyTPMYB-YKZB-PwqY-MPKe-atZaeMtZeZPTRqxeNRwNcso_YYRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNyqsltRmNUaAaPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2F5HmAwlOdc4mnc5FUGD93SnPAU7ldnq0J%2F2%2Bk5zoOAaC4qY60muS4fNaqcEiXv0EjiWrx%2FiDhRwRn1ykIM81j16pjL6dcahAs7Y1iurUSvMnraSUenZXZ1RuVb8y2e%2FtO1nN2MlCaSMbj5t%2F7t0Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553859966ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 15E5 0
0 68ms
66ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLfAIZRXE36ujH79IWMz3s1cqEioJFF-mF-NqJa-JAp_DnY7MTKGfxrEDW9bxsRpCj1Jypz5NJ6yxgBLCQkmHThcxkMbN1hznI9pTxNriPJM8jilDpXrN4-kEGoHYeoFuBOLID7OzpnRCGnIL2EwabEg7FKo1VRk9JWPwBXg&sai=AMfl-YQuvHGRkyjcVaKy13c6lcb_3KX2Z0WJm6B6re9W6ly_KUkHNWyJdBJ_8nlJC_ilKddHdIqb8cJ70W03CIdBCA-szWpxoM-40uriL_0dKGLSIyipp2bEwuiFijK_3EYH2NJA&sig=Cg0ArKJSzLsiX9acjUtXEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=169&vt=11&dtpt=168&dett=2&cstd=0&cisv=r20231129.04448&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EEA1 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 08:15:15 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 45F1 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 08:15:15 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BC07 0
0 65ms
65ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzIsK9jwYQ8M_Jmh63P-jYRkPG13o9U1HJAKPNH4uawWaumiaEhWNenR9MuGsf_n5LOYfl5cllml6-QD1GeDA9GEFG_0PjnNOH2nRaEqL-dFNN4aJgX4s7C9kAKfZuM2aT6yTdlvS5fbDHD5XnXDL8fKKb8X1-pmV4G2Kv7Q&sai=AMfl-YRcUZ6OYekPoJ8S6UXt_vSsVhUDYbu3RNWhxj6n5sWMxx2Hbg0nX3pvN43PO5-e4Z7DBSXQUmXIefMJcrkSQX0VHCgkSqd-zSX73o_sVFUDPGn-bi0OBoaeRRTqmBMDshwH&sig=Cg0ArKJSzHEDUdDfpY7fEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=135&vt=11&dtpt=135&dett=2&cstd=0&cisv=r20231129.17264&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8562 624 B
245 B 72ms
68ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyntKMDEMPxn9gEGJyD-v4BMAE&v=APEucNXH2gjFJOCsHTMgUDLe_azb3sYwz0wVb7ki-RQIlDxXXI2XO9xhmIjE8CwLdY9AtfKwmYJuikIC-De1yNIEyX_eBtZ2Pg

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:25 GMT
expires: Sat, 02 Dec 2023 17:35:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 928D 89 KB
31 KB 101ms
97ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 42 B
63 B 65ms
62ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ap24VBuEw0hOIdUHujnZl7Wsw5415y0WFZDrg6moTdP-1cfrL2coiE29FBao3GlOGlv8CnqOHTPU5fJ3A1OKrDUxuyT8rUij3MNgcWmhNgTtuvFkQ

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 0
20 B 66ms
63ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15030478992588757556&x=1&ct=77

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 928D 2 KB
3 KB 143ms
43ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=69706643;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0EWD3GprZdHhGoGG7_UPh8avIKPk6Kx09cSQ2IMS4sm2m-JBEAEgk620fWD1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE-QFP0Av2J1RL0ypJKMNLTjDI-VvdE9KbDAsnYMP50ZwIs-X4ynf_0UPVV-Zpen92zx8LwUGprEkI5OffruIRYHgARbbn7rg0jYINqUcdu0a_OQMcUs2EXJgNxST_J323qsyMmfyc8Xkj9-rE1LoULjzI81HSrdc_VtFmXQw7YY2TC95FTVLKJpHUE8PwZnscXdJ6Y5WqmaBPZCHNGOFlfb8vq6CMOkVEV4GQu4CG2_IEBCQywKaAnr5n3Nkyyz1Jmxygk3706UO4PmOJcsyjuOQ5hzYb_KS8oWGwEqFsO--ip_itSqqkiHzkaUyKyMHx4pS2jjvb5mClDFjABLaNjcy6BOAEA4gF58O8uE2QBgGgBk2AB9PK9KsEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABGB0yAooCOgKAQEi9_cE6WLrIw_qk8YIDgAoBmAsByAsBgAwBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAqoNAkNI4g0TCPGpxPqk8YIDFQHDuwgdB-MLBLAT1PLTFdATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&num=1&cid=CAQSPADICaaN6rnV1u-5GxIZ-6jpOgiEdxL9-BwyBH-O9v76vCiZ1gghYH-RTiWwO_ImYbkEOM6HgPAq0UR6ORgB&sig=AOD64_1pNxkgEiR59t4Fhdl4_y22xdofaA&client=ca-pub-7719500339410191&dbm_c=AKAmf-AJ6wSYLnRTsekJhkd6qsCW_zg8C3L3ojg41C4G0dJZHv3s4Fza3EUzFtEM9ablHiTu7dRZGIJhrH_kCR9O1EAfjqcrZp_X1B_hIrgSKfyEtO5_5PtLK6o27t9DnPJoHd41ndhBXnIqJnLyf1VxmkFttwQpwqNd0OiqIyEi5SAQyjN6C3c&cry=1&dbm_d=AKAmf-DGysJqfHn_8djJVcVBBNYStW5DO4TFkiHC_hOa6JEUVE1XkwnYFuzzosTatjh1oVkEBVU7Ax8EwZXmUu5cvdvZzDs_oMa-rDRoGmlU7UHF9Wewt1Oo3gAtwVa0CHhJZF9MY1pHnV4tUCIq9DBBGqeZ3fhNaZbL6pu74UHdfAVWW8HjNdMU-giy9IcHKmAxbvwPPGIxdWiv_CP7IyyG52Id_7M_OxFl-G-F9HcGfmHu2G6ZwDwz7aAJO--zk60A9gGA9jHmOTyqSqz8eVDz0w9m7DzGeoZ6WqOphbQ46TLkdRCd8J-4XUlPnYu9nElXZ6IyShTqtEp9PZvXCHorab_oQ-3vZvLr_oFILznwue8dB5e94ynPdHv3MxmbQsBjwVlnVwRvL8MiHR45E-xlPhxgkL187c8KSh3gWP5iXiYNAmcJfzvsvvP_T1vAcan0H4XEsSj8AYS9ZkfgnRO1OJj-UXVil0CZrhs8TAlcOC3EbAGOABOZ4FN3h2JzoHfRhR40ZGb2fjz4OTgYAwys8pgeXh2DOOfnhQl7smktxldal8paSXxT1dGH8pGAaF4UIZf20AwNCcCHIx8keFAzpM92WCGnRg&adurl=

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e9daffb35b2c7cb82c906658cc42ea0912e12888bca493073cc8ae8662943f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2439
expires: -1

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 928D 3 KB
1 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 928D 20 KB
8 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 928D 0
0 175ms
61ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOa7hbR_2-gSyooBQL2JR6sdtIDa4sjf0QL-Cn8DwBbD9F0Ub7-eTJUjg3kRInaRRwrUCIA3gEiEdE_ofbN_9FK-QHsQ
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 928D 202 KB
64 KB 101ms
98ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame ACA5 0
0 69ms
66ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHrEo-09yrf0JpN5MZ_J4OP7eUf_no5_KFqJRdglmgWJAFj_Pg0mRHMOv18MrVtNt0vxDHxC4xcwKOJmCYxBRbxSu006pFnB18QM0mpes_qz2eQrfdDuGnIu6jDTX2QPfjCggcfWjKvp06b_nxEvRmaJ-eSblJ1aNHvENLWg&sai=AMfl-YQsuKs4mit4vP9oUsOi0TB_j7yG9M0pEpUj4uSSYlk1d-myjc47Hot5MPcyuMQPWp4DcwG2DKcRassRIvFDhgcL-MMUyevLbaHMjFSSb8ujlEUnqM-TMR38yhjCijmGuO2v&sig=Cg0ArKJSzH_FpV_BIRmHEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=131&vt=11&dtpt=130&dett=2&cstd=0&cisv=r20231129.42423&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
497 B 163ms
162ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-MyUtAteB-BMAB-PZZT-MtZy-PMYKBatPrrBTRqxeNco_TUBMTUMKZY_BRwNekoztgRlmNKYMbaARdzNwqfftkRrdzNRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2O2lXOw8Fkjb0CiveMQyo8eg1l%2FpOpJnn%2FAzlIqagqfuYtFNUMR0yFg4f2mcKPx1JrWcuBiheWww7lJRaEfKYUhLh0YeKFQvFP4aD3N9aB8NmBisAwg%2BFXHSLldx0JgEeMPR5462AWnPnyrmiVRTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553863a64ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
496 B 164ms
164ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-eKAreYUy-ZtyY-PTrT-wZer-KTBeetTqyyaPRqxeNco_TUBMTUMKZY_TRwNekoztgRlmNKYMbaARdzNwqfftkRrdzNRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9KS0Rw3nMnp%2FyFTDL0pBsF5m2AesQeX7cA7e4x0jVqHvtc9QuulYyToGEexjG%2FnFzP2nRWzuOy4PoA6vZdIawrTmnet5K7Ev6aYeXutFgjN1c5fVKbt%2BDzmaZ0R9ZmHvdMoPxAi4s21RN1YFKvjow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553863a66ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8562
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1

43 B
737 B

69ms
68ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyntKMDEMPxn9gEGJyD-v4BMAE&v=APEucNXH2gjFJOCsHTMgUDLe_azb3sYwz0wVb7ki-RQIlDxXXI2XO9xhmIjE8CwLdY9AtfKwmYJuikIC-De1yNIEyX_eBtZ2Pg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zxXKdHZdGuL9DKsZbB2s235T639ll380ycNJ78AGNhYAHIClDdOAzvtD%2Fv%2BCCHgjI%2B0ybOhpUcZB%2FdTojGmQpdDINQgAPgIj0EABRkcPytYK2x5qJ7qevHnOu8uCOF%2BlY0CKW8k%2BnMBrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55386f9fe24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8562
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWtq3MY2JQc-5CL6qMuo0QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1

43 B
735 B

42ms
42ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyntKMDEMPxn9gEGJyD-v4BMAE&v=APEucNXH2gjFJOCsHTMgUDLe_azb3sYwz0wVb7ki-RQIlDxXXI2XO9xhmIjE8CwLdY9AtfKwmYJuikIC-De1yNIEyX_eBtZ2Pg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrZSnyLdpxIEuJusm4gEiJdyla0cF41U2jVZ00%2FGvw7AfGq1ujfqgcJfXl7IOPTKMjpyd4Kv35FjBfSFbpPaaqh%2BDuLnCm%2FkUuOpH9zWuC0CwIj%2FaFrhqZAqWAQ%2FGwN14MXI0qn5DWE1qw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553874ac824c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELX2rNLMzFfY7DxZJ3NV2uY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8562
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPTsg1oMvOtSoCHheuqdaU&google_cver=1

43 B
874 B

45ms
45ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHPTsg1oMvOtSoCHheuqdaU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyntKMDEMPxn9gEGJyD-v4BMAE&v=APEucNXH2gjFJOCsHTMgUDLe_azb3sYwz0wVb7ki-RQIlDxXXI2XO9xhmIjE8CwLdY9AtfKwmYJuikIC-De1yNIEyX_eBtZ2Pg

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
an-x-request-uuid: 43e2d67d-e852-4ffb-b31c-7f4543e112d5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHPTsg1oMvOtSoCHheuqdaU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8562
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3NjkyMDg1NTU5NTg4Mzc0Mw%3D%3D

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3NjkyMDg1NTU5NTg4Mzc0Mw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
an-x-request-uuid: edf0f4a3-4c19-43ac-8383-534ef42724fb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ3NjkyMDg1NTU5NTg4Mzc0Mw%3D%3D
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62B8 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1ij23GprZYLcMvHOjuwPqKi50AQAAAAAOAHgBAI&bg=!CQqlCkXNAAY3kmNgF5I7ADQBe5WfOMYDHHcv4qB_TKzx5KjhNoo_2tGAhsKPMNrU0mbxcXbH3Vw4BJNHBkmg3ogZZwohAgAAAH1SAAAAAWgBB5kDUWRdhMw8qz0O5H1N-fJFFGQUMitX4tYsRwBj1_DBUIIdrzf4A_qcNsv5hW6B0C3cGLf0Sw-AEPauntcQRislVZoro5SUR-iXslLDKmjEeGl5Mzrhf-AyiQYLAFNOJeOjtB9ibADyKv5LWUgFzwHOLfGhrNcQHMJBWpBSbHtXgkJS3FUwia1wLjbhONFLLl0p8A7envZB9gfYSnD-xgwHjQm0OmWjMHGluo0P_BA-RTeoE0afgX4N3JIYx_AoxVStDNxxeNMen88JuhpOslb0rwwtDKUVRH3obQCuP_j31XOqCpJzBvPav9s3xzQdwbL7PckI8JZlNiYP7TVILDPH22xUJzlgWPlOSmcT6IVwCKN4tygedObEb1ew6Dk71a5A6erVwGpDJZ7MHEJ727LEWzNGRe7_ALYxyE9t4zVHC71iBdwga6iJX5gQBHbfYalsqeb8amb04IvWPSZjg-4rcoTXRITyefQdUPx96fiv2Gf8qEpmOancqOvxj4PwakayH9b6Ooky2fk9pMLxWZLVzFX0Ot0nWavgSv03SXnUYgl8V7dztLGfYhvphavE4I4n4gPum6wqOFUl2Xbq1SgYSYlppli3uP005H_JJ98bxrhaXmSO48UGxlC8RA_ZxQlhrVtW0L8betUxazklNWUUVuJb8aheN2mQDU_Lm5dX-RcyEfSgTJTapaaduuOwZaSJHaMRJQonuU9Bz0C8rdDxThKXNW1dxAEU00ymE2G9P01FufjryJjElir8t8VDoY9emg3kHoKje6aSAoyyB2pZ7G0Ylf3CzcEnjZH69JP-mr7C_CLimp2ChpeAU3o4NGQYgXO0nGuE2DuZD0QaObB3lpQtPNXG9y4SQFtdWXMOp5FehJAWhE0nkX0ROOPs9i6djK3wI8z-Mw29eG6X5eDRlRo166WbJFo4y5-CpK511uKIEb9ii1lEQbPkUVGdZhgwpbpqQI7PugDf4k-bFi3paJ3lfA5YFWuw9Erj_XGD_y2KcSLLyEaw9cxBXhLNa_wittL2YEewFA2qMHFtfdXvn5-l6emGpyqMo_61lS8q5sqUis3y5VF5Wu0aMtx0IrVVNUs-_upUaDGtPy5kb7vi17SiYh516J575M5lqtPTOVHPpw

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8534027430659&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8534027430659&version=m202309260101&ct=77&x=1&cor=15030478992588757000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 928D 34 KB
19 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkFtjlvk1H2RRgnvuxwEhodlnsD-IPxitWc2xVa1kqIIztBeq16GnQNY9fLAhIThiHX0HLwdkEGMevO-GYmwTr2w4oI7KLRg3ri_BR-Hb-L2w6G2gvegmMnTkWj4kybwciExOJJKWODAY2jFY2LUVT0M1gaF9EbVKd9YDPP8Uz4v3j5vw&cry=1&dbm_d=AKAmf-CBU-dFCkrZxJJmUjCn-3NzQPToOUfp7Dy5D8nR7CJb7qMKQX_uDO9bNs65X3cvUg0qyyZcpUsX__BxhsKQhKQRpmOZIxvjFdl2PSskdG58Nt-PajEEB_rp6_F1rt39CU1cE9XzAsXjd5YDgjfzGN-qdRg4OCe74bbFSvj8DUFC1FL50fkjrD4Ljkw1iscKn9rQFhTKx3qdvpPKz3LQj4tfQCOpFLQCw_Yz5KOCt7nZjBKP2Hw_n_ZKCEqFa2LOfmzkRrO0RN7HGJm7f_d7drfgAG7aG_ZBt1o8LOBuZdvnDGFNGQZPSPTbC9chPOWLy88c2D48F8qsRCHO1AcC28KN70mdozMQ1w7x-CgvG9BviQjSJWguV9gq2qtXPCdrHQE5gLTb0yyGfmRV6P9q3FZdwFHYLhhYsbar9gk5nOnIFOmMwlk_DQNorbwfF8v-F-3skK9EvGIpyQEbvsNZ7TGVkLCc7W94G0fXK8b596Y1BogO5NhhhPFxofg2t2eeTJrhwQ2o4cYDsf0GaADJk3eyXbK3jooevVfiDh_xkkYD9ZpqGVnZAjZ7vHEcIlcn6zMYPeMxxhKPiofuJsInRH35pRS9eSnvPAigtw9jPq8pavNIqfGjNK2KEp1roCTGhm_uyQWPAF8FtbRgZDH8jBdipP9VKnBGLkcgeEEK6YO36OUxPhDYTbF-yN9TVNAg4qr2wKiVskFulAXfRhXHjWN6cZFdiq6oo2q3PYmAttWL3mgxNqM9dfgWeD0a40UWlae4J3tcckjUhVsOUr6VmGeP-BwGF7NcP0akFGxqJbFiAmVqgkeNHpIjJHQYDQCBUy9cYJ4TeStl6fMtmD7faMgN1ga8Es_EVz9Yxkn_3l88PiUkOrjbar54HTWP_8or8lKbPCda0RWeksd4wE9vzkyaWz9SoKLwUAlp7rf2Svm5OyZBY4FrZOKKI1aN-6XOe-l2kDtcuLIDIIekQMycAycDDOtJu4e1spyrsoKJqUsz0pqPQvAr700XW7D8CR2euIEzSvEgj3D5-JHZtfCpeiZlb5FNMU4nzoKdR09cpfRr88MuI3Ex1EIj3sN3PY9QpL6fOG_uAQcD8WcSYyBGQRe0EKU56NAEoLHaurTijEd8o4UTTqIiqL01Hvmt3VQIqMPABQkvzrA4TflnbvSVh7j1ikGzqhSQHYz9tMD_SAzftTvNwKSfAMPrWjEuwxvViVVYZz2T5yNAGaikHE4-Erq73IUYlf5WXbi6Q9XFmXHdDwXd2iGhFfWvVfDyAsD5-YbqBtWZ7HJPVTDXWrwdX8m8OJ6jkCDCoqouF2vlFbxHgr4EE3bIr_s0T2KGqFmvjPNjZldm3o3ZuF3rvSDafx6ByP8PYMUxtLkFGlbzltEwzCs1zg2YyJ9-LJvbK_J7vWZvCdD2Cq4ngV4T7KRw09b2i1xw9zjEJXy4JNVOG1FlzB_qO4ETT0uVYPGCUcUNA7a2zqi0ZfynbVGjOD0HkeuOzQVBdtJIKlL2XaiIHQWx5blW57_Kv15BDSrCnksT7fQUnZ1kJOfmO3kIC5jpoUhzMDPyg0gwDKfDGViCMR6vxO2_5e9tXNAX_JSpgUyj24clJeb7nUwg8GzXwutvVVttDJewAVMW56ayzXWKVnyrMnvsH8UmO52dgccFajLhAEO-2dLBYxxA0z2kYlFsfmk68NAA6s8u6cPiClrrxWlIrsN6tmozxW126pivNGX-0pUgcv-IQ791a-x3U_unR4XR5I5dTy0EmvhJ160Q-OaOIqvgLFzCX1j3Wc45gmrpOBwKqkFjlp3QpxX4b31ldyGPAu03RBjttkFP00oQU0FmFdlPA2lyFPzGgNj26nfx-AtfX6DlbEO5lmpVcLc4TVJOJR6Yf2FFkCFqBF4vY0MjbjeMthEgccp5b3g6IIIGKgr6PvVtEd0mmMKjR6ZkJ9QXlJo0jqmQUJJv9JjlZgy9KqZSWw6hheRKZMOgZzs4nDKJq9nkJNmoI__WDp74i7pqgO9UCxH2-6hpe6lxoM_Fz3FvmyN-mrpfbkkdMQ5uJYYtw2punOzELKjvJ8d4xrwFRL76LKN9Qkos5Gw4AxNEsXsdWIemUINmCTcGfpVGx7cw1ASnLuEfcFPpYgeFK5vzrtZF6iIb6GpNqwl2z9k-QWgW81m_PF1kQ9NzpRxr1X6pihp9i1m96RH51bE2TAQYnJFmYoTsgl3MLhpQv6Tfv-AxwYdIFdPDd3npqwRm5-X0LpFOUK28VjCcAx3KYfbZTvrwvAHvCMAeJkv8KKDOvflLNsIURft6jAwLAp3ZhLyyC3OiWHVQBSgx2ML8nzGttJf0dxtQJNaPGAxkL7lYGR195_BgB7KabbHPcGot3ZrMKmUuTzdLAV9qBJq2Yj061IHiywH49CP0H930mzwmj7m4LzPEGG96r50aP2Odsz4Q6r8w6cqlpRJjIbeVq_zqiAmv5PpVKjSazljJML_ZpDB28kpVopDOExG8vUjP-RBvvoO8seejTF0WoDM2_Jhg0_lOTVygQDYVTEwtEWB2AaFJRH-M_umTzq3kpyGfdKpYOwUs3gEPPOjyU7gccc4DHbnvBNlzYQQLy011veHj_gyc6KbEslzm0XRjHDfuGVOpgRx0m6s7ZNEf8C4ZO0PmeeWzE6SqLg-UqLHO52icgnXJ1gJoEGymVKeXFUFKTBTwYuwcElE9T3d_qFYHAAQqyiub1SbDalHBvhCAxQLFscE5K5hU4vbZ_kKB2nJni0gS43baZlX4Ysg41fYk1L0sbheV6gfe4KEfmyvcu62Ix-g3UNSnpZbLYl90aLKVtbW4TPLTjfxndcZbwGlC4TeIRSVZPBR_Dy2kP-zNSvhYxLJkSvmne6lP8IIPCNxWbUW6K679VFT0WP5BhmCu85Hv9UKQXXHm7OKLu4fzU55XjZAKPSyH5X2CK7s2EYh2MJecj39vNddICY6b73WEhaCH4Ke6c73tXTLaLxSJ8s4wL2p6innl0PhcYiDuVacVH7P82909ZatIW17I1Q0EhGQaQmiL6XoukmaTR4lffu_esCawicQ-XJJfJF69UPGCLAe2QGg7VLmFn1pgMjjdFlcKwGsJbMBp5dbO97dqFE5-SGq0sbORL9uz4qSp6JkFkxFURSDdlv_1oHCXPpwpgAEFlzbaybousqyvGFbSV4O0cprrgIzwDFC2dcTfd_wwHg0MHciKeXGtzfqhxDFvE9XF6JSJxWHwFia3FLE6LWU3AwL0BNFE68A406T5j1jMCJaIYU07_l-Cukm87xW-jqsH5AEPYqYWXcNdh21OAtWgjbNjz7HMCjxyLUGO3afh_NIdNYXr5Ip0DLmVwC_gtAbzLdWvuAEOFnjRmYGS_AonmBFbyjr3Jb_Nz6n2wacpAGNZbgpCh6YiFYcY3Fbm1z3rXHY6BLTxJvm7N4PqPlCM94xpCV4M5x833K7mAZ6jbkktdwZJgrqQzK7cdhSvrhlKPvMAPoJrQEa4T1UoT0HAYX1dYgE_CSBwr72jPLDT93giVKl5wyBdaGHQ5q-oHUJpbB0lUUespENfW_sTQabMppig4247-IpsEyhOmL5-nRLjpn6q_U_WGlVHam3DHXBFkJyWS_85AfVZUzkeOcOTYcz3WWzqIFr27TzvY3eKFwJFYXwWofWb6Fs9cyZrzbCOUYl3pIfUtneJVfHau3hiAFHws8rerKL-EfEX4-F2c8lWw4HshbS6fAAoFTPNeWuo0-OCiBM_9BwA6XdQ__uz0XCSoi3waFQBE-RKgrHNbFyPCqw-hs2GbJYVhXgYOWi_dqqGJ1s-vz3P5t4NN-_gkgTNoDEaQEbGVfn9zSDQkU-M6cQptUfaoV9onxyq3kUeTunkZNn1yQzaBTRRYRuTKeJ_9M4A8pnl-r2ewPzuSvDfn4kvoYX_xtIZGQjtcJkRlwEiy4ueQ1R_4IzBAUSa_h46aTZRI7Pxv_3-hgxHFxeZKGoYqI3QmYPL7uxixqVDBtBf3jDD89azUYRJ1XwIMrh5n_R9TlWQnMxW_GXuO_iHilL79KFisM1fgGZE0V31_xim0voG2o1t4CkOyZiZXtx8xsIwGLjLQKQSbPpBy42ocqRfmKi3Fn6KNj7kmtOzY78DOWq58YrHBVcBkt9iHwxFNB6AcJAPS8RgVAf0NAO7NavSbD4UNfQut51mVn6MAErqCp-krjdjjqMz7fLj6RcUE8AWpnKV50ejdsPNmoXN9cwKvItN1vlb6yrr0CMzuowEHKIfSdi2hU5dIM8vGtE3sUvyAoBBgzntilS9h2h9HCt58mFfmCyegj8mJBQ8oVydG7uRyf63ax2jJhzVq1FfEFH46VzwjzZ6grdqZRi2NapnJ0svwlNvCrRT3bZmthBVSK5t81lGC6qbNqpgSg9fZYln0sB4rWUwKQ5yxNbuT_DK6PBcCkhqD2rHtTfo_wqnqYDvBLmdc57hnHntpV7Qf-9XyGRv_A7Xue4_clT0ZcUArZ6jSJ8KomeD7-LYi6KgzTq0b-Fm3MIsMnmZbeiPZVuBkDWCvTFelON2kogwWIfvWzDEitHUenwcZ9d56Weu3Q&cid=CAQSPADICaaN6rnV1u-5GxIZ-6jpOgiEdxL9-BwyBH-O9v76vCiZ1gghYH-RTiWwO_ImYbkEOM6HgPAq0UR6ORgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=15030478992588757000&adk=2013371551&idt=113&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b75d47f45fe747aaf88568c949ed6978f352602dc7c323565713fe2b5146919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19718
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EEA1 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bqb9P3GprZfjON6_Hx_APu6aTsAMAAAAAOAHgBAI&bg=!QkGlQQ7NAAY3kmNgF5I7ADQBe5WfOC-MXBKTrHPQb9At2TWIur29n_9qyCv0QATeJ9N38s13CVCWphRdXnomi6PXFwUKAgAAAF9SAAAAAmgBB5kDUIiXGXj1vqoTukwxoyM9TDHxzhe4Rzos1r8vTQKnDFDXhMTE35bBA-tgQmEXwTHtRfHNx_smI28gylRZnUIrYOhmYjg2daMh0v3eQFnEm092gvxt6NktqYI8uYFJSsuSfPDmDlhCo-WezK1e8PGFj-SKw9hkGFKU93d9n19qUMXa13qfrVt_JbdPpysoUZ41fxhJn8a9B2BNblN-w0R8yOCv4WNpUew9p3JyYX3yZnAD7tsjFrLDW-yisqFWxvx8yNLl63i1hMmMD-4TNSJLf1w5L791nvQGFwxWRmq0mXFxC4zTihWz2x9wu74BgbLhOzasPCszt3zj3DR5JnfDMsv6fX46IFYKdowxCH20dTgLCe-qjhu2cMeMkjCxPkPEp9hjAdn2uAGFx4-hmm7VvD_arg-21r1IM6MqeGQLP6fkXRZ0I4NLQxQWd-vrT_rztmxDzMDBfVZ1S3Wc8cRFQKuGMMyEzzLJIi5H9vy4Az_C5CvNhoE_lFzeYEDpvBIps7i96yAr-xJE45kIMNtrv_UgO34MxtbVyvJzXYhg5CtaPqIzWEVcf5hFl4tlhQ4np8LwjavmWpeXaMoo2khjkPNnwpEcijxnDzjVZ_VCItT4ystHZPfYRYICFviNabuHx-SffM0tPIV9O86OWfwlhqxRzwMr230w-v7P8uRq8TbLdIjLbDJW5rDd8Ic71fEEGOsRn1mzdUJvIQMvEKNGG3vVMkS7qoKGPr8NUmTX4uKf349R4PVGMdXT9Qu2G8QTq0zdxe9QUaYR9-IuIyLg0FVmgRpRov_8a76aeXoJdotHe4IJKOBIGolECLcT_ij3O8FDcn1DLpIOYKsTL4Ts6wVijcbLzP2lW2voLUXYz8wptcvtfmHK3trFCAiIJQDHEtENsPB8gzqzyVhOZ7bfF-9DHds7DfiDbNfVXDxFNQC5ipaAmbEyRMyXJQuH22PG1UXNpYwiolOge9EmKL_Q9KC9bay1mEpgJ-dTrcwkTxd7YzEtY7ejD-j72AyZaT-qCJcl83roBizj_q0ldhQcwx1OuiMTMMeLieMWZCbdO3fDeN6Oh9MnI-7cBqZPwStQvZTMAuIhNmDDVh_W9gDWJzcH_jgCOERbK5mVuL8mQ_6N

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame F8AC 50 KB
19 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 247540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:49:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 45F1 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYxAU3GprZdTMN9zC1PIPgOajqAMAAAAAOAHgBAI&bg=!eXqlejXNAAY3kmNgF5I7ADQBe5WfOAOKNuGB7TvdKuWhEEL0f0aos62_dhr4RamQ00JRlFoSI-_P3gL9cH9IF6m7Xg2QAgAAAFtSAAAAAmgBB5kDWwjKINvAimoej5WIWq1tJ6sVpTyOwvkolGLQomk4EGBoxHIRgMIjl8llNs4h6fH40F25jBabp6yOf88dHyw-x9Nlrgc72DiE2XOV28oCFZY9F2--AP_o7YQJOSS88lI11E2x0xs-ghmSOXH_ns8_jSdKN20gODmR9hqgLogiA41ltxko2A3CJ9Z_CRGo2Ym5X7pYnNTYcEEEfau9b5FGnJm5pNxztGWyEQp9Poexf2xfd3_3h0DNcrJ5dWozdb-5T-LvLSzbqz3rhp7OuX8_-qb8-9Saz_JPFHQ-0wI35NFUUl4YGVdrGI2LeVfdulL-9mZ1xA8naDS-ZSTEndoh3GjpfPI6f7-8u9p7JC9T8yIv5p6UxUW_sJ9_VT1u2T9EQh3zcka230Jd72TMGmIR4jq_0Dcb4P1zCpl1bfKT5OjKg_RCn_QVtRGoOUjeYfQhPMEt7LCsjJcSDzubMb7fLR4QHaYY-fyu4yX--wjO1o_PdvnrAORBR43MhMxSvLeGPXpSuxk0Fma2HpDppndPweLJZCg1QEJIHPwUHMJZJDcD4r0r-8A18bKvS1UniAgR4Ie5bWOWS2weSUeGCA25_Hbygyk29cIrz4EKe8Hz9xTbJaGhHMUcPBVtflZXoDhzbhVPMatUlctKlhqGJLEG1ZVOA8UzDwZMbBOMTXcssFcLuR9-vTgMKuVnTYuHXnWW7qt9D1wK6moW26g57XBQ1Ig7cHiXbqqtGT-9jOLkPkuOUEoGAShnLzhYqOpGCN21NATsKUYUVMVh-EefIyvS6n2o_KXaKiyIsqq5IQ1uQouNmn5bCVaBwVBVCZp9DbyGJOneBfjbQ9gc5x-3x7OImS1aIo7sQ8mW84qXhQo27O4TYhPz0s_FFj-TyHR6lYQ8Qm4t2XTPcjgcolY-sLlo-_PeCi1Aq7f3BHRh_yZkZCU6dESWiZ1dLqMPqEt8Z_BRmkG77VpzifeHUelUJ4_QQwAtwigf5Xu20FzhjZAC0e2X7byYkZJFO2Zbi9fEj8GOHzXYT2Qxk4mvyZfy5oz_8EXVZ7v09jnvf4ibeVTQ9H54YgkIWFojNYKWlHSzTdv3vu3jHDwNTicg1hpBb18yKnvyPOjoubmAaX_Af8RbNgbVWqOG1uPac7vrKFc

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5B1 6 KB
3 KB 52ms
51ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:23 GMT
expires: Sun, 01 Dec 2024 17:35:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cc.jpeg
px.vliplatform.com/imp-v4/ 0
500 B 166ms
166ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/imp-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNTtZTUerU-tqBM-PBrY-Marw-wMZwAwZPtPyZRqxeNRwNcso_YYRhNARlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRwkhNzkxtRmNUMKZZRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFX6EofoyCS4sD7geDtmRzv9prh8mE1PcOdBeOl%2Bct%2Bct59Gk6dHAyi6U0yMOYrM28sLbC9dGJ%2BrcZXSg0lW66RS8Pt8USf9IvYJdeC6SjSZbC%2BCjeNLKVuz%2BB2oAAoH8AMScoGiHI%2BPAMgDju6NJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f553872ba3ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7E30 4 KB
2 KB 31ms
31ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

0fb39fe4ea78ebef29289b618b2bb42daebd845d412a78caa8de7fcacfafee88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1474
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame D66A 0
0 127ms
126ms Document
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP015 /
Resource Hash

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Sat, 02 Dec 2023 17:35:24 GMT
server: 33XP015
x-33x-status: 2020008

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6E80 16 KB
6 KB 36ms
36ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92586
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:35:25 GMT
expires: Sun, 03 Dec 2023 19:18:31 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39

0
15 B

37ms
36ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

location: https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39
access-control-allow-origin: *
date: Sat, 02 Dec 2023 17:35:25 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 928D 31 KB
12 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkFtjlvk1H2RRgnvuxwEhodlnsD-IPxitWc2xVa1kqIIztBeq16GnQNY9fLAhIThiHX0HLwdkEGMevO-GYmwTr2w4oI7KLRg3ri_BR-Hb-L2w6G2gvegmMnTkWj4kybwciExOJJKWODAY2jFY2LUVT0M1gaF9EbVKd9YDPP8Uz4v3j5vw&cry=1&dbm_d=AKAmf-CBU-dFCkrZxJJmUjCn-3NzQPToOUfp7Dy5D8nR7CJb7qMKQX_uDO9bNs65X3cvUg0qyyZcpUsX__BxhsKQhKQRpmOZIxvjFdl2PSskdG58Nt-PajEEB_rp6_F1rt39CU1cE9XzAsXjd5YDgjfzGN-qdRg4OCe74bbFSvj8DUFC1FL50fkjrD4Ljkw1iscKn9rQFhTKx3qdvpPKz3LQj4tfQCOpFLQCw_Yz5KOCt7nZjBKP2Hw_n_ZKCEqFa2LOfmzkRrO0RN7HGJm7f_d7drfgAG7aG_ZBt1o8LOBuZdvnDGFNGQZPSPTbC9chPOWLy88c2D48F8qsRCHO1AcC28KN70mdozMQ1w7x-CgvG9BviQjSJWguV9gq2qtXPCdrHQE5gLTb0yyGfmRV6P9q3FZdwFHYLhhYsbar9gk5nOnIFOmMwlk_DQNorbwfF8v-F-3skK9EvGIpyQEbvsNZ7TGVkLCc7W94G0fXK8b596Y1BogO5NhhhPFxofg2t2eeTJrhwQ2o4cYDsf0GaADJk3eyXbK3jooevVfiDh_xkkYD9ZpqGVnZAjZ7vHEcIlcn6zMYPeMxxhKPiofuJsInRH35pRS9eSnvPAigtw9jPq8pavNIqfGjNK2KEp1roCTGhm_uyQWPAF8FtbRgZDH8jBdipP9VKnBGLkcgeEEK6YO36OUxPhDYTbF-yN9TVNAg4qr2wKiVskFulAXfRhXHjWN6cZFdiq6oo2q3PYmAttWL3mgxNqM9dfgWeD0a40UWlae4J3tcckjUhVsOUr6VmGeP-BwGF7NcP0akFGxqJbFiAmVqgkeNHpIjJHQYDQCBUy9cYJ4TeStl6fMtmD7faMgN1ga8Es_EVz9Yxkn_3l88PiUkOrjbar54HTWP_8or8lKbPCda0RWeksd4wE9vzkyaWz9SoKLwUAlp7rf2Svm5OyZBY4FrZOKKI1aN-6XOe-l2kDtcuLIDIIekQMycAycDDOtJu4e1spyrsoKJqUsz0pqPQvAr700XW7D8CR2euIEzSvEgj3D5-JHZtfCpeiZlb5FNMU4nzoKdR09cpfRr88MuI3Ex1EIj3sN3PY9QpL6fOG_uAQcD8WcSYyBGQRe0EKU56NAEoLHaurTijEd8o4UTTqIiqL01Hvmt3VQIqMPABQkvzrA4TflnbvSVh7j1ikGzqhSQHYz9tMD_SAzftTvNwKSfAMPrWjEuwxvViVVYZz2T5yNAGaikHE4-Erq73IUYlf5WXbi6Q9XFmXHdDwXd2iGhFfWvVfDyAsD5-YbqBtWZ7HJPVTDXWrwdX8m8OJ6jkCDCoqouF2vlFbxHgr4EE3bIr_s0T2KGqFmvjPNjZldm3o3ZuF3rvSDafx6ByP8PYMUxtLkFGlbzltEwzCs1zg2YyJ9-LJvbK_J7vWZvCdD2Cq4ngV4T7KRw09b2i1xw9zjEJXy4JNVOG1FlzB_qO4ETT0uVYPGCUcUNA7a2zqi0ZfynbVGjOD0HkeuOzQVBdtJIKlL2XaiIHQWx5blW57_Kv15BDSrCnksT7fQUnZ1kJOfmO3kIC5jpoUhzMDPyg0gwDKfDGViCMR6vxO2_5e9tXNAX_JSpgUyj24clJeb7nUwg8GzXwutvVVttDJewAVMW56ayzXWKVnyrMnvsH8UmO52dgccFajLhAEO-2dLBYxxA0z2kYlFsfmk68NAA6s8u6cPiClrrxWlIrsN6tmozxW126pivNGX-0pUgcv-IQ791a-x3U_unR4XR5I5dTy0EmvhJ160Q-OaOIqvgLFzCX1j3Wc45gmrpOBwKqkFjlp3QpxX4b31ldyGPAu03RBjttkFP00oQU0FmFdlPA2lyFPzGgNj26nfx-AtfX6DlbEO5lmpVcLc4TVJOJR6Yf2FFkCFqBF4vY0MjbjeMthEgccp5b3g6IIIGKgr6PvVtEd0mmMKjR6ZkJ9QXlJo0jqmQUJJv9JjlZgy9KqZSWw6hheRKZMOgZzs4nDKJq9nkJNmoI__WDp74i7pqgO9UCxH2-6hpe6lxoM_Fz3FvmyN-mrpfbkkdMQ5uJYYtw2punOzELKjvJ8d4xrwFRL76LKN9Qkos5Gw4AxNEsXsdWIemUINmCTcGfpVGx7cw1ASnLuEfcFPpYgeFK5vzrtZF6iIb6GpNqwl2z9k-QWgW81m_PF1kQ9NzpRxr1X6pihp9i1m96RH51bE2TAQYnJFmYoTsgl3MLhpQv6Tfv-AxwYdIFdPDd3npqwRm5-X0LpFOUK28VjCcAx3KYfbZTvrwvAHvCMAeJkv8KKDOvflLNsIURft6jAwLAp3ZhLyyC3OiWHVQBSgx2ML8nzGttJf0dxtQJNaPGAxkL7lYGR195_BgB7KabbHPcGot3ZrMKmUuTzdLAV9qBJq2Yj061IHiywH49CP0H930mzwmj7m4LzPEGG96r50aP2Odsz4Q6r8w6cqlpRJjIbeVq_zqiAmv5PpVKjSazljJML_ZpDB28kpVopDOExG8vUjP-RBvvoO8seejTF0WoDM2_Jhg0_lOTVygQDYVTEwtEWB2AaFJRH-M_umTzq3kpyGfdKpYOwUs3gEPPOjyU7gccc4DHbnvBNlzYQQLy011veHj_gyc6KbEslzm0XRjHDfuGVOpgRx0m6s7ZNEf8C4ZO0PmeeWzE6SqLg-UqLHO52icgnXJ1gJoEGymVKeXFUFKTBTwYuwcElE9T3d_qFYHAAQqyiub1SbDalHBvhCAxQLFscE5K5hU4vbZ_kKB2nJni0gS43baZlX4Ysg41fYk1L0sbheV6gfe4KEfmyvcu62Ix-g3UNSnpZbLYl90aLKVtbW4TPLTjfxndcZbwGlC4TeIRSVZPBR_Dy2kP-zNSvhYxLJkSvmne6lP8IIPCNxWbUW6K679VFT0WP5BhmCu85Hv9UKQXXHm7OKLu4fzU55XjZAKPSyH5X2CK7s2EYh2MJecj39vNddICY6b73WEhaCH4Ke6c73tXTLaLxSJ8s4wL2p6innl0PhcYiDuVacVH7P82909ZatIW17I1Q0EhGQaQmiL6XoukmaTR4lffu_esCawicQ-XJJfJF69UPGCLAe2QGg7VLmFn1pgMjjdFlcKwGsJbMBp5dbO97dqFE5-SGq0sbORL9uz4qSp6JkFkxFURSDdlv_1oHCXPpwpgAEFlzbaybousqyvGFbSV4O0cprrgIzwDFC2dcTfd_wwHg0MHciKeXGtzfqhxDFvE9XF6JSJxWHwFia3FLE6LWU3AwL0BNFE68A406T5j1jMCJaIYU07_l-Cukm87xW-jqsH5AEPYqYWXcNdh21OAtWgjbNjz7HMCjxyLUGO3afh_NIdNYXr5Ip0DLmVwC_gtAbzLdWvuAEOFnjRmYGS_AonmBFbyjr3Jb_Nz6n2wacpAGNZbgpCh6YiFYcY3Fbm1z3rXHY6BLTxJvm7N4PqPlCM94xpCV4M5x833K7mAZ6jbkktdwZJgrqQzK7cdhSvrhlKPvMAPoJrQEa4T1UoT0HAYX1dYgE_CSBwr72jPLDT93giVKl5wyBdaGHQ5q-oHUJpbB0lUUespENfW_sTQabMppig4247-IpsEyhOmL5-nRLjpn6q_U_WGlVHam3DHXBFkJyWS_85AfVZUzkeOcOTYcz3WWzqIFr27TzvY3eKFwJFYXwWofWb6Fs9cyZrzbCOUYl3pIfUtneJVfHau3hiAFHws8rerKL-EfEX4-F2c8lWw4HshbS6fAAoFTPNeWuo0-OCiBM_9BwA6XdQ__uz0XCSoi3waFQBE-RKgrHNbFyPCqw-hs2GbJYVhXgYOWi_dqqGJ1s-vz3P5t4NN-_gkgTNoDEaQEbGVfn9zSDQkU-M6cQptUfaoV9onxyq3kUeTunkZNn1yQzaBTRRYRuTKeJ_9M4A8pnl-r2ewPzuSvDfn4kvoYX_xtIZGQjtcJkRlwEiy4ueQ1R_4IzBAUSa_h46aTZRI7Pxv_3-hgxHFxeZKGoYqI3QmYPL7uxixqVDBtBf3jDD89azUYRJ1XwIMrh5n_R9TlWQnMxW_GXuO_iHilL79KFisM1fgGZE0V31_xim0voG2o1t4CkOyZiZXtx8xsIwGLjLQKQSbPpBy42ocqRfmKi3Fn6KNj7kmtOzY78DOWq58YrHBVcBkt9iHwxFNB6AcJAPS8RgVAf0NAO7NavSbD4UNfQut51mVn6MAErqCp-krjdjjqMz7fLj6RcUE8AWpnKV50ejdsPNmoXN9cwKvItN1vlb6yrr0CMzuowEHKIfSdi2hU5dIM8vGtE3sUvyAoBBgzntilS9h2h9HCt58mFfmCyegj8mJBQ8oVydG7uRyf63ax2jJhzVq1FfEFH46VzwjzZ6grdqZRi2NapnJ0svwlNvCrRT3bZmthBVSK5t81lGC6qbNqpgSg9fZYln0sB4rWUwKQ5yxNbuT_DK6PBcCkhqD2rHtTfo_wqnqYDvBLmdc57hnHntpV7Qf-9XyGRv_A7Xue4_clT0ZcUArZ6jSJ8KomeD7-LYi6KgzTq0b-Fm3MIsMnmZbeiPZVuBkDWCvTFelON2kogwWIfvWzDEitHUenwcZ9d56Weu3Q&cid=CAQSPADICaaN6rnV1u-5GxIZ-6jpOgiEdxL9-BwyBH-O9v76vCiZ1gghYH-RTiWwO_ImYbkEOM6HgPAq0UR6ORgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=15030478992588757000&adk=2013371551&idt=113&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:51:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 928D 41 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTUzODUyNTI3OTczNgogIHNlcnZlcl9pcDogMTI2MDY2OTI1CiAgcHJvY2Vzc19pZDogNDE2MTE5OTU5Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTgyOTk5...
ad.doubleclick.net/ddm/activity/ Frame 928D 0
852 B 218ms
93ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTUzODUyNTI3OTczNgogIHNlcnZlcl9pcDogMTI2MDY2OTI1CiAgcHJvY2Vzc19pZDogNDE2MTE5OTU5Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTgyOTk5NQphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vbGVub3ZvLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAxNQpldmVudF9pbXByZXNzaW9uX2lkOiAxNjM0OTkyNjQwOTEzMDI2OTE2MQpkZWJ1Z19rZXk6IDEyNDg0NDI4MTc2Njk2MDM3NTEyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODI5OTk1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzgxNzUyMzcxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMjU4ODEzNjM1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNzg3OTYyMzQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTM0Njc1ODY4CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2xlbm92by5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9tb3Rvcm9sYS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9tb3Rvcm9sYS5jYSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x628fc887529b8c4b0000000000000000","13":"0x14ba70a379fdc5b60000000000000000","14":"0x2ae1ca022964a0e00000000000000000","15":"0x12f4ab7dc192d2fa0000000000000000"},"debug_key":"12484428176696037512","debug_reporting":true,"destination":"https://lenovo.com","event_report_window":"345600","expiry":"1296000","filter_data":{"14":[],"21":[],"8":["11829995"]},"priority":"0","source_event_id":"16349926409130269161"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 532C 640 B
262 B 71ms
70ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYhJGGvQEwAQ&v=APEucNUBsZlSSaKlxS31yOyEZRUQVWxzmNd4VscYugnq7xYTkygqQca014vOX9cI3qZVl0lINC_Evlt2-_YtVit79WTnv7qfHg

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:35:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D5B1 89 KB
31 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B1 42 B
63 B 63ms
62ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6KPmPmrPvO6eIoGqwlVcdJkM643ZVYpITSplyOOE51MaHECsltcueeX6tJODuzBdTZ3D2Pu407EzjxF_cDlqCSy3ThKeUhr-QLDjM_8yqp55uL7w

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B1 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17612586581039860766&x=1&ct=77

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame D5B1 2 KB
1 KB 113ms
29ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229544&sid=18330&dvregion=0&unit=300x250
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:51 GMT
Server: UploadServer
ETag: "4bec59ab2a9fb77e9ba1af294cf3504b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sun, 03 Dec 2023 17:35:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D5B1 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D5B1 20 KB
8 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D5B1 0
0 60ms
59ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThVjstW_8smsRefS-C3_3XfQ3t8UcFFFVnmDJLE0rw2m9_i-dL5ONpPoCknk41b-LWqxDQVARasallIsAPMgaTLxszFg
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5B1 202 KB
64 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 928D 37 KB
17 KB 172ms
43ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69706643;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0EWD3GprZdHhGoGG7_UPh8avIKPk6Kx09cSQ2IMS4sm2m-JBEAEgk620fWD1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE-QFP0Av2J1RL0ypJKMNLTjDI-VvdE9KbDAsnYMP50ZwIs-X4ynf_0UPVV-Zpen92zx8LwUGprEkI5OffruIRYHgARbbn7rg0jYINqUcdu0a_OQMcUs2EXJgNxST_J323qsyMmfyc8Xkj9-rE1LoULjzI81HSrdc_VtFmXQw7YY2TC95FTVLKJpHUE8PwZnscXdJ6Y5WqmaBPZCHNGOFlfb8vq6CMOkVEV4GQu4CG2_IEBCQywKaAnr5n3Nkyyz1Jmxygk3706UO4PmOJcsyjuOQ5hzYb_KS8oWGwEqFsO--ip_itSqqkiHzkaUyKyMHx4pS2jjvb5mClDFjABLaNjcy6BOAEA4gF58O8uE2QBgGgBk2AB9PK9KsEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABGB0yAooCOgKAQEi9_cE6WLrIw_qk8YIDgAoBmAsByAsBgAwBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAqoNAkNI4g0TCPGpxPqk8YIDFQHDuwgdB-MLBLAT1PLTFdATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&num=1&cid=CAQSPADICaaN6rnV1u-5GxIZ-6jpOgiEdxL9-BwyBH-O9v76vCiZ1gghYH-RTiWwO_ImYbkEOM6HgPAq0UR6ORgB&sig=AOD64_1pNxkgEiR59t4Fhdl4_y22xdofaA&client=ca-pub-7719500339410191&dbm_c=AKAmf-AJ6wSYLnRTsekJhkd6qsCW_zg8C3L3ojg41C4G0dJZHv3s4Fza3EUzFtEM9ablHiTu7dRZGIJhrH_kCR9O1EAfjqcrZp_X1B_hIrgSKfyEtO5_5PtLK6o27t9DnPJoHd41ndhBXnIqJnLyf1VxmkFttwQpwqNd0OiqIyEi5SAQyjN6C3c&cry=1&dbm_d=AKAmf-DGysJqfHn_8djJVcVBBNYStW5DO4TFkiHC_hOa6JEUVE1XkwnYFuzzosTatjh1oVkEBVU7Ax8EwZXmUu5cvdvZzDs_oMa-rDRoGmlU7UHF9Wewt1Oo3gAtwVa0CHhJZF9MY1pHnV4tUCIq9DBBGqeZ3fhNaZbL6pu74UHdfAVWW8HjNdMU-giy9IcHKmAxbvwPPGIxdWiv_CP7IyyG52Id_7M_OxFl-G-F9HcGfmHu2G6ZwDwz7aAJO--zk60A9gGA9jHmOTyqSqz8eVDz0w9m7DzGeoZ6WqOphbQ46TLkdRCd8J-4XUlPnYu9nElXZ6IyShTqtEp9PZvXCHorab_oQ-3vZvLr_oFILznwue8dB5e94ynPdHv3MxmbQsBjwVlnVwRvL8MiHR45E-xlPhxgkL187c8KSh3gWP5iXiYNAmcJfzvsvvP_T1vAcan0H4XEsSj8AYS9ZkfgnRO1OJj-UXVil0CZrhs8TAlcOC3EbAGOABOZ4FN3h2JzoHfRhR40ZGb2fjz4OTgYAwys8pgeXh2DOOfnhQl7smktxldal8paSXxT1dGH8pGAaF4UIZf20AwNCcCHIx8keFAzpM92WCGnRg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 18 Nov 2023 15:27:20 GMT

GET
H/1.1 204
No Content 73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame 7E30 0
176 B 5846ms
1296ms Image
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E30
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZcOQwpa985xmnDWuNea4W439C0CU83Q

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZcOQwpa985xmnDWuNea4W439C0CU83Q

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZcOQwpa985xmnDWuNea4W439C0CU83Q
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E30
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=YXpHpSb83ng3QZR3QifiksztwZU6G8Malu8ug4b3tdA

43 B
479 B

120ms
120ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=YXpHpSb83ng3QZR3QifiksztwZU6G8Malu8ug4b3tdA

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ADW6N0EMFY3Y1VJJ524A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=YXpHpSb83ng3QZR3QifiksztwZU6G8Malu8ug4b3tdA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7E30 70 B
148 B 52ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 7E30 43 B
443 B 38ms
36ms Image
image/gif 185.29.134.248
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1143 599e619 master cdg cdg-pixel-x10 config_version:"2120" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:25 GMT
Server: MT3 1143 599e619 master cdg cdg-pixel-x10 config_version:"2120"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sat, 02 Dec 2023 17:35:24 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 7E30
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0

0
340 B

29ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://onetag-sys.com/match/?int_id=2&uid=LPOC3RIX-4-J7RK&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 579d6dd278f76ae39d067788043e4297
Expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 7E30
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

0
340 B

30ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=3&uid=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701538525397021-501

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 7E30 42 B
840 B 32ms
30ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Ot5T0Q2hRNAJT2WeZAcE-63L0ivngP9bVJ7MMzOPz6U
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame 7E30
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
https://onetag-sys.com/match/?int_id=107&uid=3589463590391086894

0
340 B

29ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=107&uid=3589463590391086894

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=107&uid=3589463590391086894
date: Sat, 02 Dec 2023 17:35:24 GMT
content-length: 0

GET
H3 400 711916.gif
id.rlcdn.com/ Frame 7E30 0
0 40ms
39ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2

200

/
onetag-sys.com/match/ Frame 7E30
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

0
340 B

30ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
date: Sat, 02 Dec 2023 17:35:23 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 157
content-type: text/html; charset=utf-8

GET
H2

200

/
onetag-sys.com/match/ Frame 7E30
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1

0
340 B

31ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 7E30
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
https://ad.360yield.com/server_match?partner_id=446&gdpr=0&gdpr_consent=&bidswitch_ssp_id=onetag&bsw_custom_parameter=cc77a4b6-7e95-47ed-ba32-09569fa94366&r=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fd...
https://x.bidswitch.net/sync?dsp_id=446&user_id=ba99305a-3117-49d4-ba16-96cae3c64a39&ssp=onetag&gdpr=0&gdpr_consent=&ssp=onetag&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366
https://onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

0
340 B

29ms
29ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: //onetag-sys.com/match/?int_id=30&uid=cc77a4b6-7e95-47ed-ba32-09569fa94366&gdpr=0&gdpr_consent=&us_privacy=
date: Sat, 02 Dec 2023 17:35:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 200 setuid
u.4dex.io/ Frame 7E30 0
15 B 39ms
38ms Image
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=onetag&uid=Ot5T0Q2hRNAJT2WeZAcE-63L0ivngP9bVJ7MMzOPz6U&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 515D 38 KB
13 KB 30ms
30ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 569805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 532C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFpfaHcpeynWzYh4X2lWdPs&google_cver=1

43 B
61 B

37ms
37ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFpfaHcpeynWzYh4X2lWdPs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYhJGGvQEwAQ&v=APEucNUBsZlSSaKlxS31yOyEZRUQVWxzmNd4VscYugnq7xYTkygqQca014vOX9cI3qZVl0lINC_Evlt2-_YtVit79WTnv7qfHg
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFpfaHcpeynWzYh4X2lWdPs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 532C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmZmYzAzNTYtOWNlNy0yMTcxLWZjYjMtNWZlMjkwNTZkN2Fk

170 B
188 B

60ms
60ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmZmYzAzNTYtOWNlNy0yMTcxLWZjYjMtNWZlMjkwNTZkN2Fk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYhJGGvQEwAQ&v=APEucNUBsZlSSaKlxS31yOyEZRUQVWxzmNd4VscYugnq7xYTkygqQca014vOX9cI3qZVl0lINC_Evlt2-_YtVit79WTnv7qfHg

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmZmYzAzNTYtOWNlNy0yMTcxLWZjYjMtNWZlMjkwNTZkN2Fk
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame 532C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMq-Wom92snkgYT1xY-tAms&google_cver=1

23 B
278 B

129ms
61ms

Image
image/gif

2.19.85.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMq-Wom92snkgYT1xY-tAms&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYhJGGvQEwAQ&v=APEucNUBsZlSSaKlxS31yOyEZRUQVWxzmNd4VscYugnq7xYTkygqQca014vOX9cI3qZVl0lINC_Evlt2-_YtVit79WTnv7qfHg
Protocol: H2
Server: 2.19.85.30 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-30.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 17:35:25 GMT
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEMq-Wom92snkgYT1xY-tAms&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 532C
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDhmYmEwY2EtZGMwYi00YzE1LWEzZTgtNGQxM2FkOTYxYzY4

170 B
188 B

63ms
63ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDhmYmEwY2EtZGMwYi00YzE1LWEzZTgtNGQxM2FkOTYxYzY4

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDhmYmEwY2EtZGMwYi00YzE1LWEzZTgtNGQxM2FkOTYxYzY4
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Sat, 02 Dec 2023 17:35:25 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 515D 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 08:15:15 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B1 0
20 B 63ms
63ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4758859299043&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B1 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4758859299043&version=m202309260101&ct=77&x=1&cor=17612586581039862000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D5B1 20 KB
14 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbYhxrmdtS6MpPqizZJJVKKvZ7O4TO4ZxSYWnyp705dOqQhfgnCv2rXSD-hme_xhfdEc0ZIpD0dkGFQwmer8xklKbpWoaFo3jNaXqWb9h-rieZpgNfNoyJw4LBepktlxnCNTXnPSSZG6TbMkssrGbA67xJCRpMWaaTWixTnf0quNIO7Cs&cry=1&dbm_d=AKAmf-BKJzzwL4HGxIuMIjYIDIfDQMw8hq4pKQBTjLdWCwr-KKhXUyhCeXESvqRCjoCNFtobtdRmBjRwa9ws4nLEMmQrb1k4H28dQus-e4LjPcLp7LwtYHPQk-KaYQbALbt9X8OlReNeyzjfX_9WDDuEzZSjGECqAbyI53AmfWcbREXJEftOSYuQXRFzSMOb6DgPzzXv8wgge1A_XccHQK_VQm2RN5z-eejyn3HvSp_Ae2knPfAzUUnEOA7-nJiPMKZ3j-NCg9x02vtOsyzWwgJFGk_4aYBS9BLTNPY3pCR0IlBPw1aJ6DxAHo8H-L42v8zSvb0WrgjSR0quOXOf3OP1gUfy-z9WD_dohC-0zMR7b5KkwMZYqtQIlkXN59XTvVmr40Dbtp5MbrzN2dCXGN51F5WvhpXDRnMOGoDsFHrOfTABSS2jL0vaGtrRvKb4iFKpzk_ddPLtuQpaf8gi8Cul1-hqoLB20IwJmbTgmFshAGVN_kgW4OAiUPUWv1wp3Ppz5Zbb3WTRjRiSYejANtOW8Y5IqT-I9lnwwZ1mcHL4-woj7oFu1Ekp1KRj8VxIXUg2OI11NfWEvol73pH8TQS3gIkZQtD_JpiTHln_5T_e_oAYP1degAbQOAeQ8XhhMGRdoo9PjBRTxNzEA0ia2vjI8Z68J9c_H2wGsH7zPaJoYD_FOu0M_Se3kqcqfyIr83L4YykeAxa6jjXnmVfCAoR_SQm5lGdEq8oXEU5bsbxx6qwXadvruayEMsHxuCyCuaPUDUs0S4pmf4DAm5JonwYMRos553xw6M2LL-kCsfEcsUkCZLIazTk-rtwuqBYC9Im_kwFmm1PF0WsKqMRvBJUQN6w2Cs4IKqn_m1KJTKqRZhQUB_88gzYISMGg2iDQlUn-pwdZ9MFN3w4fiDKf6DiLIxYsctbVZySGfZusj3eECj4R1tpoWJFMvpnsjVyZ0ZkkbgCx7ryORGkQCqZ5fzaZaajB7pFx_tAbpZ_x8BdxPorgZq0RrWVLGMueOLSoYd47JT4DshS87Z6OkUAPXMkmRPo1i0VWu48KHmGFDKKvthKbwOYQBFSM4gWQqN-EZkmVmgyn2mKLbCZ3Gnmp7fV3gRzfjl4z2hmas92qBctgtIQgngh-XQv3I6w6K6EAQSh6jvoeFrrDdyGvQdTleTl-H0g_9RCOxchnxiyrYXmp2a9AIgR8zw06N5ds6S7IZkeVnBJNwvJlU8lSKCDyc6QMVdkjDOFvLcjEV9S-ok8H5x5N3t9k9_GcN8N2vQXfG7Z3GrP5kd0vrrzi5pjZ2CPGYbw-3RbFSV0rfomvgPL5taUYypfXyNG3NBsiGLAO6JBbljS4utkJCagHWyUkBNwPi6hvq-27rAUtrsPABxgFDrQp6_RST77wdj8Nq_UpsTOxG51ANqinR53YMUqrpECTram__lTqdhqRHntllUWMWNuSZiYiJaeXbtrHT9ivVzhH90rn65GJrM8JeQ7_79o4DYBnKXdWc9eP2K0fbn_SDJdW5Z_BTYffsyrBi1kBcCivnoHP2z4pd3Pls7MuzDyta8mDaosROaCx1l79uRM0o6W5yr18U4gNiwiIaJYkOMtY2UELrs_Y8HXnaWxFlzvFmrDiDNm_I0CghbnwgexBzTVZqJVtbypsQYYFtLVgJ0J5l6KpmteLNyKr0fIcWOBsivuQtVMu68nGNa1wD3aaSJGpPjuv9JoPaw71nnj1LdDak9_GxhzfvnzKYWtgS19cHIgwjts5-uSHpXcWKjiu3w7u_RjwwjyEP9Xpb1Cazgjko0Ky_wqmQwkSVYK4uQTMMubrS_z9H_rmAT5Z505sQ-D6ce1hirqgkwRO0XRAOletkIg4qtus59DePWNMJJycxvUTHNo76tFnFaCBs1bTpAUq11CxvcitFExB_uyDsOZ26GYcPHCNGqQgaxKLUwY7auykCJyAx1gdtHTojb-gjwEF5kwzK6lGH0K4YZ10QRjBh_cNxbGMbAXRxu5s9CPZOst2-uMdIWkPFqln8KmzHoZCcMmYX1AwVAD1a4y53K6S_o8nZTpTn-5L52V71SuvojGP-ICnHu5qmRRDlXJLY2e4Wav2LdxMJEYsWyT5R295T4K4LW2j031PPwy0BhD7ZGIVZKBiJ-_OfpFRTAEW3jtgJON4OV96Y5RpTDjSKdf1rqY-rPHM-2OmZAhF-JQN3Kqxeg2boyIRaFbpPyKhBB8d2YNOyKzf_SKAQgXjNt_DXgqna-WT-ximwcDmiLPc5mCzKwP0qggJ4xFJZeUWnZZ83_kovHO_S657uN41x9-WfQMykAA-40lOUjPgUzYYYKDlPd-ChfKAK9YV5914WomKM-1w-Qh6CeP5wlLOV1Ma0_eqhnsIlhYaVc8ZMVcB6TnHHSA7OZnT-dNKWQjJFBh_xGV0hEnC-oQSor5W2dR4HQFkQrZLjpYwKN6vD2gCZbgCUd2ZSzIt9Gz41KQ3ux4ykT5NLkSKtWW8fwxc6ikmdyhctT2tJq4LNjl2YV7arCmHf32DAhMaj1fQka1Fso2q6M4WbWVLdsd_v8-r9LRJ4ljc_cb3JJr45CGIloW1wF1kTUKd8KLyjckFkS0XaIS6Bj0yOHfgc5m0S56Jz4rLodW-DFk--Eap89v-b-wmz4qb2X6lldXwpQwKLFeyAVlCum1j7RZ3c8VByyfYWkHK_NkrWeCLPfVvWHX18ByyM142uyEUUR-9O9ger-UnBOx4XNAWaz93qwZakulRmE3XJ-Xgbg5ocqPHqbCh9B1I9VsE9johDUvDz0bQI413lHsYznOd_LU2mrpG1pLzXufrNhRTqIQj4_nCsKpstRYD5BBEZC6YR3NJFTc05Hph8JEfBRu3iK5T9BLScgj14PuPAmkUmeWI_C0teD_JayTGknRlkv37ljrVJG6_jmWM8xT-AviP3fbafxau1-S3SAsYytDcbo-gIhf2WPj-O7bhlNq7Uw4fWK3tILh0Xn3DL2uxowQ7QJm31qlteySVyAbpKE5KMaXt3-ycuuPX5zR0SRcJfQYF_uHNix7HEwu7324uc9Xm7FUHaKBfeVvzUVQarcAU3z8r6h46ZHgfKmvuxSt_ucPL69UbKOI5Rp-DvUgjH4li8Cp6_b-LJ6-9M1nfIuedhbsjI-xOm7x4AOh0xikbP6zj4T2lTgOy-uFv7fsO1mYlVdZGc_bZGdKNQP9vqkx0oeLntjUX0ZQQ-1bzEANGYXLmZ8ExcUKoC24w4v6CXhGvaNuE84WcEiRMuNwXh6JWuBbSiYQqhV5rGjvDDYoeNBchnSqndDRVdLf0aup0mVlgJ9FDfZN5pID1_uomQgGkPREZEElrWJcSfvKE3Rw3hQEiXJU5lNjeTKrDf2j_lqfIOrDSlgB7wloLeCsDd_eKI-Sjx9Rz7dTfvlgfb60C3QA_k8osKo4TZ6-QORRN7Qlh9uHsVQpwqyET2jI9kFSOliyxXkVFvu-M8MkVqptEO-j9O5u__6RysbfQWC4MlwYR_pqQW2svtqfFrqckh3aEJbt6IhfQTOG4k-Lsv9LCSyi9TaRWc6ydYIB_N4e3W7gi4y3pdfLHl3TOs2cJYFtfDiiE3UcgeXt8cQgKXKLZumOUiD2ytH1NQ1ZioWgr_GZ9m3-sF3qfrAmDhNPJpn2PqrHtVxVbo4zGtZRE-gOyHaxQHBuAn7Ys7kKeG-ZISXP0tOMEVuO5ipZvQCy0JcQiFFvyncZSkmNT1mGdhINb2oWIdfigc9od8LMpfJ9EAkqqosCXdjaZcV9_PHKr8otJk0NVAqYz4wxngGRAVTaifSALDLdzozZ2UG8ti1cbvkJv53mCqa4BsG6sFswWVKMNl8-sgK69K3JowFSQ4AVabAb8FKOYbgErfrXUcsGfhiDgMkrQvszII2bHkgB2Mq1as2hOthbr1U_lAb8Z7wL2Jei0s2OJ0M4pKrTVQa25x5EhCh7vzAIR-h6kkRAAcmF0ZxHUJgxoP2I5PfgJmSuH-R2KHPEPHjqO6W_PjJf9QtixoAjgs_BLP5rZuNG8QsNWBfvZoQgk7qUQeSQ7PUW9jKR0e7jl5yS-7vJ63GCRqQdb2Ag&cid=CAQSOwDICaaNpppoKWWRDkkpALMRn16b04M32x8MNBANultjdSRODl71B3s6YW8qfRXEHbslHp3njIFiqEnFGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=17612586581039862000&adk=4020099329&idt=123&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733d6fd23802fc23bcbfb3b52003d5440e0d70cfb7085dcd1e9891aa675ecfe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13935
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 515D 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bw1BI3WprZbiJEe3BjuwP7bubwA8AAAAAOAHgBAI&bg=!PzylPHPNAAY3kmNgF5I7ADQBe5WfOB7FcMBxdsQiGPulzZW8dvpqntsiSeTuMyBgHrKp3wqZyZj8TfVkdpc2193w9cmyAgAAADVSAAAAAWgBBwoAAuoUmQL9pjU7URB21GLMNo0fH7uLb_Uq6_RVtpkNJwcb_hdnyZK8bKzimi8unW9Vr2DEEKUdwpnPd6Azy3EJNNnByJl5WZnPBxuALch-74POasdvrk3SdmLZARihwdGXM3DL_jYEdymgOH9jlTiW4Ga2m3i827P9It1z65hoMxpo4gQ_-7TSDy3VgjVZ-DmAx9bShOPHnwlu3Zn4ewKz6SkdOVGVUftKHap7EDadk34_DuyJlDxyXqyqMu-bFeGgMSxNAa066G44WnYABipBP58TkUOrrEBMNoC8jlxKCKF9O-YOIq5k8uxB_QIdF_QMO_bpS4EgNXnYefpo6qWCUE3VIjx9KAnWNQrAkO4zBlrclWHRcCXsU-bU2JeQiKMR9L4CQ5bFpSyzfI6jKp7osUbucM1OLoQBqVuBSyAR08VWdUjUSU4F8YHO9vyTTK4PuXtMBF4M_S3kowgEKOGBaJCd9JbaBIdGdZIb1atyuzY7Um_j4sfe36-dMXXiYPSx6akiBxty-v6uWpMokP5K0r5fN6hG1PosByGkllCjL-B6WJ49LhzAs5uMiAKVFPAha2GoDjv5m4kOL74RSIQ9RW7jLGZXKNH6ntwv2H9kDpPuJInh1cmPLyPWRrLrdJVr9GaUsB_wvidhXq7_ioaX62-jG73lxBMjgYhYzIX5O_Z08S-GLPU132uOh1FQHRTSZ--qRzReChvBNh1q2FpKhHBxbgKUHTksvT1Zwe2IajtQrWbVXJrtzO5kKjDmlSdmqd0Wwy5ySluk4whp0cxnbYXdGLMzPYrGA7FXIAhU2dppN_FVirWfG5HQzv-HfVkqGBiS9BhhRsX1qo24DKd_SpnDnu7gZ0CG4loCjKOyYuE0UwyqyQvUbsuMghflH-Lz7IcGudnMSczbJu41gOXJDStPMB257pbKyFCCWqsSO8Xv9r5p7FQx1DXbOJZTzgvt_M36Z78mig9em58e-d4su_0HwlOXATcCpp_O7U0gBfverQcjdYnbTMy0cnzYMshRYHLz

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D5B1 41 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbYhxrmdtS6MpPqizZJJVKKvZ7O4TO4ZxSYWnyp705dOqQhfgnCv2rXSD-hme_xhfdEc0ZIpD0dkGFQwmer8xklKbpWoaFo3jNaXqWb9h-rieZpgNfNoyJw4LBepktlxnCNTXnPSSZG6TbMkssrGbA67xJCRpMWaaTWixTnf0quNIO7Cs&cry=1&dbm_d=AKAmf-BKJzzwL4HGxIuMIjYIDIfDQMw8hq4pKQBTjLdWCwr-KKhXUyhCeXESvqRCjoCNFtobtdRmBjRwa9ws4nLEMmQrb1k4H28dQus-e4LjPcLp7LwtYHPQk-KaYQbALbt9X8OlReNeyzjfX_9WDDuEzZSjGECqAbyI53AmfWcbREXJEftOSYuQXRFzSMOb6DgPzzXv8wgge1A_XccHQK_VQm2RN5z-eejyn3HvSp_Ae2knPfAzUUnEOA7-nJiPMKZ3j-NCg9x02vtOsyzWwgJFGk_4aYBS9BLTNPY3pCR0IlBPw1aJ6DxAHo8H-L42v8zSvb0WrgjSR0quOXOf3OP1gUfy-z9WD_dohC-0zMR7b5KkwMZYqtQIlkXN59XTvVmr40Dbtp5MbrzN2dCXGN51F5WvhpXDRnMOGoDsFHrOfTABSS2jL0vaGtrRvKb4iFKpzk_ddPLtuQpaf8gi8Cul1-hqoLB20IwJmbTgmFshAGVN_kgW4OAiUPUWv1wp3Ppz5Zbb3WTRjRiSYejANtOW8Y5IqT-I9lnwwZ1mcHL4-woj7oFu1Ekp1KRj8VxIXUg2OI11NfWEvol73pH8TQS3gIkZQtD_JpiTHln_5T_e_oAYP1degAbQOAeQ8XhhMGRdoo9PjBRTxNzEA0ia2vjI8Z68J9c_H2wGsH7zPaJoYD_FOu0M_Se3kqcqfyIr83L4YykeAxa6jjXnmVfCAoR_SQm5lGdEq8oXEU5bsbxx6qwXadvruayEMsHxuCyCuaPUDUs0S4pmf4DAm5JonwYMRos553xw6M2LL-kCsfEcsUkCZLIazTk-rtwuqBYC9Im_kwFmm1PF0WsKqMRvBJUQN6w2Cs4IKqn_m1KJTKqRZhQUB_88gzYISMGg2iDQlUn-pwdZ9MFN3w4fiDKf6DiLIxYsctbVZySGfZusj3eECj4R1tpoWJFMvpnsjVyZ0ZkkbgCx7ryORGkQCqZ5fzaZaajB7pFx_tAbpZ_x8BdxPorgZq0RrWVLGMueOLSoYd47JT4DshS87Z6OkUAPXMkmRPo1i0VWu48KHmGFDKKvthKbwOYQBFSM4gWQqN-EZkmVmgyn2mKLbCZ3Gnmp7fV3gRzfjl4z2hmas92qBctgtIQgngh-XQv3I6w6K6EAQSh6jvoeFrrDdyGvQdTleTl-H0g_9RCOxchnxiyrYXmp2a9AIgR8zw06N5ds6S7IZkeVnBJNwvJlU8lSKCDyc6QMVdkjDOFvLcjEV9S-ok8H5x5N3t9k9_GcN8N2vQXfG7Z3GrP5kd0vrrzi5pjZ2CPGYbw-3RbFSV0rfomvgPL5taUYypfXyNG3NBsiGLAO6JBbljS4utkJCagHWyUkBNwPi6hvq-27rAUtrsPABxgFDrQp6_RST77wdj8Nq_UpsTOxG51ANqinR53YMUqrpECTram__lTqdhqRHntllUWMWNuSZiYiJaeXbtrHT9ivVzhH90rn65GJrM8JeQ7_79o4DYBnKXdWc9eP2K0fbn_SDJdW5Z_BTYffsyrBi1kBcCivnoHP2z4pd3Pls7MuzDyta8mDaosROaCx1l79uRM0o6W5yr18U4gNiwiIaJYkOMtY2UELrs_Y8HXnaWxFlzvFmrDiDNm_I0CghbnwgexBzTVZqJVtbypsQYYFtLVgJ0J5l6KpmteLNyKr0fIcWOBsivuQtVMu68nGNa1wD3aaSJGpPjuv9JoPaw71nnj1LdDak9_GxhzfvnzKYWtgS19cHIgwjts5-uSHpXcWKjiu3w7u_RjwwjyEP9Xpb1Cazgjko0Ky_wqmQwkSVYK4uQTMMubrS_z9H_rmAT5Z505sQ-D6ce1hirqgkwRO0XRAOletkIg4qtus59DePWNMJJycxvUTHNo76tFnFaCBs1bTpAUq11CxvcitFExB_uyDsOZ26GYcPHCNGqQgaxKLUwY7auykCJyAx1gdtHTojb-gjwEF5kwzK6lGH0K4YZ10QRjBh_cNxbGMbAXRxu5s9CPZOst2-uMdIWkPFqln8KmzHoZCcMmYX1AwVAD1a4y53K6S_o8nZTpTn-5L52V71SuvojGP-ICnHu5qmRRDlXJLY2e4Wav2LdxMJEYsWyT5R295T4K4LW2j031PPwy0BhD7ZGIVZKBiJ-_OfpFRTAEW3jtgJON4OV96Y5RpTDjSKdf1rqY-rPHM-2OmZAhF-JQN3Kqxeg2boyIRaFbpPyKhBB8d2YNOyKzf_SKAQgXjNt_DXgqna-WT-ximwcDmiLPc5mCzKwP0qggJ4xFJZeUWnZZ83_kovHO_S657uN41x9-WfQMykAA-40lOUjPgUzYYYKDlPd-ChfKAK9YV5914WomKM-1w-Qh6CeP5wlLOV1Ma0_eqhnsIlhYaVc8ZMVcB6TnHHSA7OZnT-dNKWQjJFBh_xGV0hEnC-oQSor5W2dR4HQFkQrZLjpYwKN6vD2gCZbgCUd2ZSzIt9Gz41KQ3ux4ykT5NLkSKtWW8fwxc6ikmdyhctT2tJq4LNjl2YV7arCmHf32DAhMaj1fQka1Fso2q6M4WbWVLdsd_v8-r9LRJ4ljc_cb3JJr45CGIloW1wF1kTUKd8KLyjckFkS0XaIS6Bj0yOHfgc5m0S56Jz4rLodW-DFk--Eap89v-b-wmz4qb2X6lldXwpQwKLFeyAVlCum1j7RZ3c8VByyfYWkHK_NkrWeCLPfVvWHX18ByyM142uyEUUR-9O9ger-UnBOx4XNAWaz93qwZakulRmE3XJ-Xgbg5ocqPHqbCh9B1I9VsE9johDUvDz0bQI413lHsYznOd_LU2mrpG1pLzXufrNhRTqIQj4_nCsKpstRYD5BBEZC6YR3NJFTc05Hph8JEfBRu3iK5T9BLScgj14PuPAmkUmeWI_C0teD_JayTGknRlkv37ljrVJG6_jmWM8xT-AviP3fbafxau1-S3SAsYytDcbo-gIhf2WPj-O7bhlNq7Uw4fWK3tILh0Xn3DL2uxowQ7QJm31qlteySVyAbpKE5KMaXt3-ycuuPX5zR0SRcJfQYF_uHNix7HEwu7324uc9Xm7FUHaKBfeVvzUVQarcAU3z8r6h46ZHgfKmvuxSt_ucPL69UbKOI5Rp-DvUgjH4li8Cp6_b-LJ6-9M1nfIuedhbsjI-xOm7x4AOh0xikbP6zj4T2lTgOy-uFv7fsO1mYlVdZGc_bZGdKNQP9vqkx0oeLntjUX0ZQQ-1bzEANGYXLmZ8ExcUKoC24w4v6CXhGvaNuE84WcEiRMuNwXh6JWuBbSiYQqhV5rGjvDDYoeNBchnSqndDRVdLf0aup0mVlgJ9FDfZN5pID1_uomQgGkPREZEElrWJcSfvKE3Rw3hQEiXJU5lNjeTKrDf2j_lqfIOrDSlgB7wloLeCsDd_eKI-Sjx9Rz7dTfvlgfb60C3QA_k8osKo4TZ6-QORRN7Qlh9uHsVQpwqyET2jI9kFSOliyxXkVFvu-M8MkVqptEO-j9O5u__6RysbfQWC4MlwYR_pqQW2svtqfFrqckh3aEJbt6IhfQTOG4k-Lsv9LCSyi9TaRWc6ydYIB_N4e3W7gi4y3pdfLHl3TOs2cJYFtfDiiE3UcgeXt8cQgKXKLZumOUiD2ytH1NQ1ZioWgr_GZ9m3-sF3qfrAmDhNPJpn2PqrHtVxVbo4zGtZRE-gOyHaxQHBuAn7Ys7kKeG-ZISXP0tOMEVuO5ipZvQCy0JcQiFFvyncZSkmNT1mGdhINb2oWIdfigc9od8LMpfJ9EAkqqosCXdjaZcV9_PHKr8otJk0NVAqYz4wxngGRAVTaifSALDLdzozZ2UG8ti1cbvkJv53mCqa4BsG6sFswWVKMNl8-sgK69K3JowFSQ4AVabAb8FKOYbgErfrXUcsGfhiDgMkrQvszII2bHkgB2Mq1as2hOthbr1U_lAb8Z7wL2Jei0s2OJ0M4pKrTVQa25x5EhCh7vzAIR-h6kkRAAcmF0ZxHUJgxoP2I5PfgJmSuH-R2KHPEPHjqO6W_PjJf9QtixoAjgs_BLP5rZuNG8QsNWBfvZoQgk7qUQeSQ7PUW9jKR0e7jl5yS-7vJ63GCRqQdb2Ag&cid=CAQSOwDICaaNpppoKWWRDkkpALMRn16b04M32x8MNBANultjdSRODl71B3s6YW8qfRXEHbslHp3njIFiqEnFGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.apkshub.com%2F&ds=l&xdt=1&iif=1&cor=17612586581039862000&adk=4020099329&idt=123&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTUzODUyNTUyMzA5NwogIHNlcnZlcl9pcDogMTgyNDY0NTI3CiAgcHJvY2Vzc19pZDogMTg2MjkxNTc3MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame D5B1 0
499 B 90ms
90ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTUzODUyNTUyMzA5NwogIHNlcnZlcl9pcDogMTgyNDY0NTI3CiAgcHJvY2Vzc19pZDogMTg2MjkxNTc3MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMjI3NDAxNTQ3NjMyMTI5Nzg5NQpkZWJ1Z19rZXk6IDE1Mzc5ODE0NjMwMzMyMzg1NjU1CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wMiIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMjI2NjA1NTUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDczOTk0ODk2NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1Njg2ODYyMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM5NjQ2MjIxMgogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZnJhbWUuaW8iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x6831198dd729bd8c0000000000000000","13":"0xe99dfe202e0ed7ea0000000000000000","14":"0x2af2c114511b30a50000000000000000","15":"0x1e2b1544589990220000000000000000"},"debug_key":"15379814630332385655","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"2274015476321297895"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal124.js Show response
cdn.doubleverify.com/ Frame D5B1 60 KB
20 KB 31ms
31ms Script
application/javascript 2a02:26f0:3500:d::1732:83c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229544&sid=18330&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:53 GMT
Server: UploadServer
ETag: "36b6087525da09e8974d3f2aa1f7282d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19649
Expires: Sun, 01 Dec 2024 17:35:25 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 928D 8 KB
4 KB 44ms
44ms Script
text/javascript 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=69706643;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0EWD3GprZdHhGoGG7_UPh8avIKPk6Kx09cSQ2IMS4sm2m-JBEAEgk620fWD1hYCA_APIAQmpAocWcjmKQrI-qAMByAObBKoE-QFP0Av2J1RL0ypJKMNLTjDI-VvdE9KbDAsnYMP50ZwIs-X4ynf_0UPVV-Zpen92zx8LwUGprEkI5OffruIRYHgARbbn7rg0jYINqUcdu0a_OQMcUs2EXJgNxST_J323qsyMmfyc8Xkj9-rE1LoULjzI81HSrdc_VtFmXQw7YY2TC95FTVLKJpHUE8PwZnscXdJ6Y5WqmaBPZCHNGOFlfb8vq6CMOkVEV4GQu4CG2_IEBCQywKaAnr5n3Nkyyz1Jmxygk3706UO4PmOJcsyjuOQ5hzYb_KS8oWGwEqFsO--ip_itSqqkiHzkaUyKyMHx4pS2jjvb5mClDFjABLaNjcy6BOAEA4gF58O8uE2QBgGgBk2AB9PK9KsEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABGB0yAooCOgKAQEi9_cE6WLrIw_qk8YIDgAoBmAsByAsBgAwBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAqoNAkNI4g0TCPGpxPqk8YIDFQHDuwgdB-MLBLAT1PLTFdATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&num=1&cid=CAQSPADICaaN6rnV1u-5GxIZ-6jpOgiEdxL9-BwyBH-O9v76vCiZ1gghYH-RTiWwO_ImYbkEOM6HgPAq0UR6ORgB&sig=AOD64_1pNxkgEiR59t4Fhdl4_y22xdofaA&client=ca-pub-7719500339410191&dbm_c=AKAmf-AJ6wSYLnRTsekJhkd6qsCW_zg8C3L3ojg41C4G0dJZHv3s4Fza3EUzFtEM9ablHiTu7dRZGIJhrH_kCR9O1EAfjqcrZp_X1B_hIrgSKfyEtO5_5PtLK6o27t9DnPJoHd41ndhBXnIqJnLyf1VxmkFttwQpwqNd0OiqIyEi5SAQyjN6C3c&cry=1&dbm_d=AKAmf-DGysJqfHn_8djJVcVBBNYStW5DO4TFkiHC_hOa6JEUVE1XkwnYFuzzosTatjh1oVkEBVU7Ax8EwZXmUu5cvdvZzDs_oMa-rDRoGmlU7UHF9Wewt1Oo3gAtwVa0CHhJZF9MY1pHnV4tUCIq9DBBGqeZ3fhNaZbL6pu74UHdfAVWW8HjNdMU-giy9IcHKmAxbvwPPGIxdWiv_CP7IyyG52Id_7M_OxFl-G-F9HcGfmHu2G6ZwDwz7aAJO--zk60A9gGA9jHmOTyqSqz8eVDz0w9m7DzGeoZ6WqOphbQ46TLkdRCd8J-4XUlPnYu9nElXZ6IyShTqtEp9PZvXCHorab_oQ-3vZvLr_oFILznwue8dB5e94ynPdHv3MxmbQsBjwVlnVwRvL8MiHR45E-xlPhxgkL187c8KSh3gWP5iXiYNAmcJfzvsvvP_T1vAcan0H4XEsSj8AYS9ZkfgnRO1OJj-UXVil0CZrhs8TAlcOC3EbAGOABOZ4FN3h2JzoHfRhR40ZGb2fjz4OTgYAwys8pgeXh2DOOfnhQl7smktxldal8paSXxT1dGH8pGAaF4UIZf20AwNCcCHIx8keFAzpM92WCGnRg&adurl=;js=1;adfxid=1x;6373;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fwww.apkshub.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

39f62c7251e7c4d822f8ea2ce605cbdcb8f436f00d363bac9ea87c9d3e468c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3859
expires: -1

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame B9E7 0
260 B 145ms
44ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BCCA 38 KB
13 KB 28ms
28ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 569805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame D5B1 1 KB
943 B 189ms
47ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_30518270182&jsTagObjCallback=__tagObject_callback_30518270182&num=6&ctx=1828362&cmp=115845&plc=4229544&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=30518270182&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=119&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=25&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D2A%3CD9F3%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D2A%3CD9F3%5D4%40%3ETar9EEADTbpTauTau7g4gdcf36h4b65_3c3g%602dddfcdg26dd%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.00&callbackName=__verify_callback_30518270182
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: eaacc861091ac18ec1b5fca350eaaf33e358b5ebef777581d6cfa58799197d8a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/01/2023 17:35:25

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 73F4 1 KB
643 B 28ms
28ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 24195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 928D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 023948a2c1ea4ff56862ee8c0088c8f14667c0de50b9422206ea488587d93f45

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BCCA 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 08:15:15 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 73F4 43 B
452 B 193ms
191ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEHrWFWZYLXxIJuTT8V1MekA&google_cver=1&google_push=AXcoOmT50NiVsIQZfw2qh9gMN1NbUNkr9tdzqXMJN9XQv2qVmpJLOidBUdcRrZh3Uimc-NBudHJoQ0xP8qT6dC_Zpu1IhWr1OIBGGzVR&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT50NiVsIQZfw2qh9gMN1NbUNkr9tdzqXMJN9XQv2qVmpJLOidBUdcRrZh3Uimc-NBudHJoQ0xP8qT6dC_Zpu1IhWr1OIBGGzVR%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f553898f44f0cb-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73F4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIr8tkXS5Tr85NMviEYBgHQ&google_cver=1&google_push=AXcoOmTc2gtJKPbSgwrQdEcFXnHzXKJPekh9L-dKndRj63_p8rKqwUvMotvnxVFZMXtXYfNvHYx7eQYrhXlmqcEj9DQDd2MzimooANmw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9F68658DE08F4C9D99328411EBF0F593&google_push=AXcoOmTc2gtJKPbSgwrQdEcFXnHzXKJPekh9L-dKndRj63_p8rKqwUvMotvnxVFZMXtXYfNvHYx7eQYrhXlmqcE...

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9F68658DE08F4C9D99328411EBF0F593&google_push=AXcoOmTc2gtJKPbSgwrQdEcFXnHzXKJPekh9L-dKndRj63_p8rKqwUvMotvnxVFZMXtXYfNvHYx7eQYrhXlmqcEj9DQDd2MzimooANmw

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 02 Dec 2023 17:35:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9F68658DE08F4C9D99328411EBF0F593&google_push=AXcoOmTc2gtJKPbSgwrQdEcFXnHzXKJPekh9L-dKndRj63_p8rKqwUvMotvnxVFZMXtXYfNvHYx7eQYrhXlmqcEj9DQDd2MzimooANmw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 01 Dec 2023 17:35:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73F4
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEKH0RmPxS0RgU-kxHAIgdD4&google_cver=1&google_push=AXcoOmQC6mH9LcPU3_yl0i7P3bVzB1vEPEcw4PTLp3U3_P88ZiWJG9etdY2psz0iyuGMQ3YmMsPiJwq...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=OYSPDiXXTmKb9kxQKuVFBGVrats

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=OYSPDiXXTmKb9kxQKuVFBGVrats

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=OYSPDiXXTmKb9kxQKuVFBGVrats
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73F4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOhSd4n7qFR5aQZCAJfC-o8&google_cver=1&google_push=AXcoOmQ9ewJTIUrk4kNx7-tmacl-7L_kbDBMgtli2M5wG4Mr02_2Hg-io1Zd5DmBiIHytt5X86Q6Xa-9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMTg1MDQ0MjY4ODk1Mzc4Nw&google_push=AXcoOmQ9ewJTIUrk4kNx7-tmacl-7L_kbDBMgtli2M5wG4Mr02_2Hg-io1Zd5DmBiIHytt5X86Q6Xa...

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMTg1MDQ0MjY4ODk1Mzc4Nw&google_push=AXcoOmQ9ewJTIUrk4kNx7-tmacl-7L_kbDBMgtli2M5wG4Mr02_2Hg-io1Zd5DmBiIHytt5X86Q6Xa-98x1IjAs0Gg39GBQibsKuk6r5

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTYwMTg1MDQ0MjY4ODk1Mzc4Nw&google_push=AXcoOmQ9ewJTIUrk4kNx7-tmacl-7L_kbDBMgtli2M5wG4Mr02_2Hg-io1Zd5DmBiIHytt5X86Q6Xa-98x1IjAs0Gg39GBQibsKuk6r5
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 73F4
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELkSqx8H-qKpXgR7Pm6YIJw&google_cver=1&google_push=AXcoOmRwiTKmxYWlwX6pUsXxvAz5QiB_2-BIY4giAND4FZURNeZVIga4YycxabC1Gf0Dw8AuqtsGHly5OhSQ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZetkt6gYlmH3vEJVtLmjRuh5tjf63tA&google_push=AXcoOmRwiTKmxYWlwX6pUsXxvAz5QiB_2-BIY4giAND4FZURNeZVIga4YycxabC1Gf0Dw8AuqtsGHly5Oh...

170 B
188 B

62ms
62ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZetkt6gYlmH3vEJVtLmjRuh5tjf63tA&google_push=AXcoOmRwiTKmxYWlwX6pUsXxvAz5QiB_2-BIY4giAND4FZURNeZVIga4YycxabC1Gf0Dw8AuqtsGHly5OhSQSQpQu7NRunkr4VwzgiYB

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZetkt6gYlmH3vEJVtLmjRuh5tjf63tA&google_push=AXcoOmRwiTKmxYWlwX6pUsXxvAz5QiB_2-BIY4giAND4FZURNeZVIga4YycxabC1Gf0Dw8AuqtsGHly5OhSQSQpQu7NRunkr4VwzgiYB
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET googleredir
googlecm.hit.gemius.pl/ Frame 73F4 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 73F4
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHHw5rc62y2r...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=OTJhMzU0YTUtNmZlNy00ZTcyLWE2NDUtNTI1NTUwYjRkNGVl&google_push=AXcoOmRRsNoOkIV_BtOfJHhbqlNxcuLipatT3H1Fy_6uJOL_xb1Q2FOuDbVbGjs_6eBW7...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

56ms
56ms

Image
image/gif

2.19.85.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Server: 2.19.85.30 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-30.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 17:35:25 GMT
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 73F4 0
12 B 60ms
59ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDYw_RxlyayLuX8bekbERRm8Kk-_juCxxIboC8EQznjsTwk79JbXH6ZBvy_v-gkdmIDvRndLE

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 Standard Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 928D 85 KB
36 KB 57ms
57ms Script
text/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 18 Nov 2023 15:27:21 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 6709 0
0 127ms
127ms Document
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP011 /
Resource Hash

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
server: 33XP011
x-33x-status: 2020008

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCCA 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BVjkc3WprZdn2H4_ggAe7raf4BgAAAAA4AeAEAg&bg=!ExClEF_NAAY3kmNgF5I7ADQBe5WfONq4DuaIlCSuSLkp7AlmHhT5tEGnRKZ747UuEyjjlqFaRpO5p8nBFKA9NHaJ8eQgAgAAAC5SAAAAAWgBB5kDAt9mclYB8hSuNjWqrfh616cHeodLdgWOKL-WyXj_jesMBAMTDAbdeGyvVeYN8b2BExuK3XI6fco_GAq6JqKXgaguGuSiFclEsmfR3I-vP_tnxjHgs6JBhGwKRlz3TSAiNWptwQJkVtT_h31XViOGO3KLlye2OyGTrPHF58YXHgaZt-ocsqlAIFo-FuLh5ny0etNvY8apXYpQrToWyZdetNhrIoihk1Oa7chtv7ws-vOVdnnDQX7RIvrLXOO5N5XDsBGfQ_9t04fUJZNIe8iicbsXstFiiedCJJnpJsDIHCFXCd-2Wp2LhYJiEsZ0ZGaHVQ3cn3pUhSygLX3blkkotJZd0uhTK54B3sqdA2wSo1O3VfKysVgyFz-0WobI6QjBA0lAyvtBdgFFCkDNHGl4Bu6iOoXc_iWtbtcfXAVDxkHLxzH3b92IhB_CyP1EiaenkkYZdnNL52by7TYLAsLFrvUlidVXw9UNFpOT5g3SirQYgQ1mmLlWcVIZGd1hDDiuo3ENcPCipxMW3zLsP7XZqSTQCHSHINJle-q4yf9rXAJ23gHSw1xqLe90-myVDH10Bg3u2RGvi87RSkFPNAvHyUjHZvZnuJJZmHx2IKvJb_rQTBV4n28gqOxFlhZGZnyf4YsQHigAPnp76LiHBvuBxxsJa0d7OI892tkVxyfQE7FJa9b9s9Q_O_zT_4b2SaUIQzPd-WopjTlWTiLJSzruX7p0Z90B4dJRp5OJXmNOUOLFD9bawdhGpjfedFpdMUpywMXsDXAG6oButdhaLzBuNcB3LJvn0BBHJVWYew0WAe6sikzj0zUbuzyy9cTPeHE0-_GqAAHnDOrxTUErKtJCJx07OfvpZMYTmTGWWEZqu9LyzyonvpvPYaGETaFJaqWfZQARoBVPOodCBWWLMfgD0GAP4ui7Ln5AZ5N8TzMfyVgsfI7wAzeF1jb0pmG5IbWntEsrzCsrcNpTDneTn3j4hzbYK_ZKihKeJckKkHWSRLmQp539RnsO2I8qudIDmhHKkCot

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 928D 35 B
626 B 43ms
43ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=69706643&csi=KFqoEsz-Y4cDfTVScKxd7bmC2URZvMznWQekj1QOJooJDwKV3Zer3KjVBls02CiokddqUetn11AOcxoZhuPu0t6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 61436558.jpg
s1.adform.net/Banners/61436558/ Frame 928D 40 KB
41 KB 57ms
57ms Image
image/jpeg 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/61436558/61436558.jpg?bv=1
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 39d4e15782db1b5f3a3b5330e050d2d1bd20d679ae1d133e07a2543b2e76985e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
last-modified: Mon, 20 Nov 2023 09:40:57 GMT
server: nginx
x-amz-request-id: tx000003d3566fe05248180-00656ab9d4-3295f919-default
etag: "e0b73245fd470b9c3b5784306562d968"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 41440

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame D5B1 0
345 B 86ms
37ms Ping
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=c01ed6d6cfbc4435a4698bcd114c2959&vfdur=190&cbust=1701538525805888
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:25 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-01T17:35:25

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame D5B1 18 KB
8 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 02 Dec 2023 17:48:29 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame D5B1 59 KB
23 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 12:23:27 GMT

GET
H2 200 B9689862.280410797;dc_ver=99.292;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4149170;ord=7bk7wg;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.apkshub.com%2F$0;xd... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame D5B1 67 KB
30 KB 91ms
91ms Script
text/javascript 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4149170;ord=7bk7wg;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.apkshub.com%2F$0;xdt=1;crlt=4Jaha3w*s6;stc=1;chaa=1;sttr=67;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

af3809589419defde5846dd75f78d2899781b5ca7116647978a90ec9402f01d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30691
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK EBYXd_UiIbnwVRNmRLEsE28fTOEZkSTFa5KdoXuBqRvh8D_Jj1_cqBOQjRxbExem72MfYCSPd-FixVk7Xe1tJkGifxj0NlJak9EXwDnVYokhlFPDP2UEdDNohbnQK7XIbPB_8_6GyxxG2FFWS19VLB4KoUqPAXfBEApLM3wS2WORFj4_jiGUqMdJD-4zVWtvD5fxy...
pdc.bidswitch.net/groupm_vimp/ Frame 15E5 43 B
220 B 198ms
32ms Image
image/gif 18.153.147.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdc.bidswitch.net/groupm_vimp/EBYXd_UiIbnwVRNmRLEsE28fTOEZkSTFa5KdoXuBqRvh8D_Jj1_cqBOQjRxbExem72MfYCSPd-FixVk7Xe1tJkGifxj0NlJak9EXwDnVYokhlFPDP2UEdDNohbnQK7XIbPB_8_6GyxxG2FFWS19VLB4KoUqPAXfBEApLM3wS2WORFj4_jiGUqMdJD-4zVWtvD5fxy__j_FTppoXyednY409yeQjBFZcAbFBXZmsh3LxqIG89Ox383rHQE0_LkDyzm_EwMqzp6BNp8WIstsuHIE8wUN9pRXllNWDeVjR_B8HvXgxhW8YzLVwmf_D6_0NQfsnH6xVaaVPsUtLJYo6NacaUgpF0d7yaAoWly35dwUJb1K3H7tnyVD9fQSXE-fhqepRpJDJRCuoqr1zTel3Q99xRMx_aiSIL-XyTECvjRzbMpKDQXu9TYkFUHyggnjba8klPlUc-kvA2VWIaOdTfKBzcMPsVo3EoY4Q
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.147.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK EBYXd_UiIbnwVRNmRLEsE28fTOEZkSTFa5KdoXuBqRvh8D_Jj1_cqBOQjRxbExem72MfYCSPd-FixVk7Xe1tJkGifxj0NlJak9EXwDnVYokhlFPDP2UEdDNohbnQK7XIbPB_8_6GyxxG2FFWS19VLB4KoUqPAXfBEApLM3wS2WORFj4_jiGUqMdJD-4zVWtvD5fxy...
pdc.bidswitch.net/mrc_vimp/ Frame 15E5 43 B
220 B 197ms
31ms Image
image/gif 18.153.147.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdc.bidswitch.net/mrc_vimp/EBYXd_UiIbnwVRNmRLEsE28fTOEZkSTFa5KdoXuBqRvh8D_Jj1_cqBOQjRxbExem72MfYCSPd-FixVk7Xe1tJkGifxj0NlJak9EXwDnVYokhlFPDP2UEdDNohbnQK7XIbPB_8_6GyxxG2FFWS19VLB4KoUqPAXfBEApLM3wS2WORFj4_jiGUqMdJD-4zVWtvD5fxy__j_FTppoXyednY409yeQjBFZcAbFBXZmsh3LxqIG89Ox383rHQE0_LkDyzm_EwMqzp6BNp8WIstsuHIE8wUN9pRXllNWDeVjR_B8HvXgxhW8YzLVwmf_D6_0NQfsnH6xVaaVPsUtLJYo6NacaUgpF0d7yaAoWly35dwUJb1K3H7tnyVD9fQSXE-fhqepRpJDJRCuoqr1zTel3Q99xRMx_aiSIL-XyTECvjRzbMpKDQXu9TYkFUHyggnjba8klPlUc-kvA2VWIaOdTfKBzcMPsVo3EoY4Q
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.147.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK W3xIVQEoXPwmdqjDRhyCUf5FZUN5UIWGzmLchQHKfMxKvI1qyGXE-Lh1IrwYcfvkKB082Ix57dYv907s72EKZpQKAWgLL9XFgB8TaGB1RqqB8QNjGJDvG36sTzGc6QHOTpJCOj3gMhPhK7gVOaDoAfoVYONTbj4XpjZC4Gt4NkO1hnAE9PKdfXBcHSNan0KWjRTmk...
pdc.bidswitch.net/mrc_vimp/ Frame BC07 43 B
220 B 140ms
31ms Image
image/gif 18.153.147.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdc.bidswitch.net/mrc_vimp/W3xIVQEoXPwmdqjDRhyCUf5FZUN5UIWGzmLchQHKfMxKvI1qyGXE-Lh1IrwYcfvkKB082Ix57dYv907s72EKZpQKAWgLL9XFgB8TaGB1RqqB8QNjGJDvG36sTzGc6QHOTpJCOj3gMhPhK7gVOaDoAfoVYONTbj4XpjZC4Gt4NkO1hnAE9PKdfXBcHSNan0KWjRTmktksKIgGSyWDKWU_cep_U5YzUWsfeAjfEuMxPbp0wXg-MBdvZZQSgEgXc6SXkL63RxUTywqm1kO0KRAgDzNKr4VI8YDI8LfsgnHDQtZDL6LzfDtiOdgZ0xeUhWoQlETr9t219jLM4ryuEnH1UcBeqZ8IlfziXbpMZh98iYju2g-wYtbvd7dMAaum9BF5evxbB3c50iaZSODECwD0RW9q5BYUHsKeyKUvPYVuiKTR7xr3GHSlqdVPhJ5VzADh6nMMMegmMQwgCKRSkVWropB6HWgs0t1_zFM
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.147.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK W3xIVQEoXPwmdqjDRhyCUf5FZUN5UIWGzmLchQHKfMxKvI1qyGXE-Lh1IrwYcfvkKB082Ix57dYv907s72EKZpQKAWgLL9XFgB8TaGB1RqqB8QNjGJDvG36sTzGc6QHOTpJCOj3gMhPhK7gVOaDoAfoVYONTbj4XpjZC4Gt4NkO1hnAE9PKdfXBcHSNan0KWjRTmk...
pdc.bidswitch.net/groupm_vimp/ Frame BC07 43 B
220 B 171ms
29ms Image
image/gif 18.153.147.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdc.bidswitch.net/groupm_vimp/W3xIVQEoXPwmdqjDRhyCUf5FZUN5UIWGzmLchQHKfMxKvI1qyGXE-Lh1IrwYcfvkKB082Ix57dYv907s72EKZpQKAWgLL9XFgB8TaGB1RqqB8QNjGJDvG36sTzGc6QHOTpJCOj3gMhPhK7gVOaDoAfoVYONTbj4XpjZC4Gt4NkO1hnAE9PKdfXBcHSNan0KWjRTmktksKIgGSyWDKWU_cep_U5YzUWsfeAjfEuMxPbp0wXg-MBdvZZQSgEgXc6SXkL63RxUTywqm1kO0KRAgDzNKr4VI8YDI8LfsgnHDQtZDL6LzfDtiOdgZ0xeUhWoQlETr9t219jLM4ryuEnH1UcBeqZ8IlfziXbpMZh98iYju2g-wYtbvd7dMAaum9BF5evxbB3c50iaZSODECwD0RW9q5BYUHsKeyKUvPYVuiKTR7xr3GHSlqdVPhJ5VzADh6nMMMegmMQwgCKRSkVWropB6HWgs0t1_zFM
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.147.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame D5B1 11 KB
4 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=4149170;ord=7bk7wg;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fwww.apkshub.com%2F$0;xdt=1;crlt=4Jaha3w*s6;stc=1;chaa=1;sttr=67;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D5B1 0
0 66ms
66ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6tUgOAKNRJcni5sA4XnhjmIR4kDByCEvUOdX0fIrfg4Wv1kJFSrPmKsUlhFSRVCIOwX_pPJNwlEeVNnuEM5c5x3ASOhpWc0sQstyfiyh3euB26WNZVM4IBYqSka3e6OxQJQ6rC_axfawQRpPMqUv1nDvD9ITBo3IP7vY&sai=AMfl-YTtpKkhamjNyu_inCfIlLxEZZU2fUHvVRA_u8CyKxRc06IkT8D7T9oDNzTc37Ot_IvSNSPuyW5V3lh8lOE6fg8TjDhpo447JGhbtw&sig=Cg0ArKJSzIJFDiYa3v9nEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231129.70553&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 12224131752392196093
s0.2mdn.net/simgad/ Frame D5B1 144 KB
144 KB 30ms
30ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12224131752392196093

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

sffe /

Resource Hash

e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:30 GMT
x-content-type-options: nosniff
age: 107216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147304
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:18:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Nov 2024 11:48:30 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1B08 38 KB
13 KB 28ms
28ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 569806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6DF3 1 KB
643 B 28ms
28ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 24196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D5B1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f19885a294553a5d41046c55e14e55bfe48c1d5705a32cd04b4c1e3a6d923f67

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK vu3DwdNgISO_EMjpLrtuVY5jDCE8V3GacjCrFGO_UbPsHr-uqi4WMwLt1TDwldLTLg4xv8Neb-JjvRRpwF66U75dvssMvZ4mSQkdmTHnmKxgr-fuFUeLpTOiryy5S3MfG4qsJRb4DaJWNYbjP4t_KwBvUDBcjOUtqYzcXYI8RnE9GXSAc97R8_d1EDqBQT3iKmpZ6...
pdc.bidswitch.net/mrc_vimp/ Frame ACA5 43 B
220 B 77ms
30ms Image
image/gif 18.153.147.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdc.bidswitch.net/mrc_vimp/vu3DwdNgISO_EMjpLrtuVY5jDCE8V3GacjCrFGO_UbPsHr-uqi4WMwLt1TDwldLTLg4xv8Neb-JjvRRpwF66U75dvssMvZ4mSQkdmTHnmKxgr-fuFUeLpTOiryy5S3MfG4qsJRb4DaJWNYbjP4t_KwBvUDBcjOUtqYzcXYI8RnE9GXSAc97R8_d1EDqBQT3iKmpZ6rutaWAVEW3fkwrkb6pbwu8p3k3y6Nt1J_AQw4CBFsxlf0D74LK6urFVaj50NHxx4gWU7AuH_JWwtjdL3Z-JEFC1nkchuiyEW4DjH3ou0jKEa3Xtjkmfv4VT1VmJYc_oEmZt0CBXruYBE6UgSjmcBDjG1glfEv0_BXexohD3IlTRWudf2b3F_mfidldBgni9FcxYrrsLNDSOybM3ak53YrxMF_VyNBZuEPpXgcgKOc-2tTdZbVOJRcf2rJhpIPd3ET8WqECaMPd-1JG976-rYgRw6RmcNFE
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.147.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK vu3DwdNgISO_EMjpLrtuVY5jDCE8V3GacjCrFGO_UbPsHr-uqi4WMwLt1TDwldLTLg4xv8Neb-JjvRRpwF66U75dvssMvZ4mSQkdmTHnmKxgr-fuFUeLpTOiryy5S3MfG4qsJRb4DaJWNYbjP4t_KwBvUDBcjOUtqYzcXYI8RnE9GXSAc97R8_d1EDqBQT3iKmpZ6...
pdc.bidswitch.net/groupm_vimp/ Frame ACA5 43 B
220 B 77ms
30ms Image
image/gif 18.153.147.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdc.bidswitch.net/groupm_vimp/vu3DwdNgISO_EMjpLrtuVY5jDCE8V3GacjCrFGO_UbPsHr-uqi4WMwLt1TDwldLTLg4xv8Neb-JjvRRpwF66U75dvssMvZ4mSQkdmTHnmKxgr-fuFUeLpTOiryy5S3MfG4qsJRb4DaJWNYbjP4t_KwBvUDBcjOUtqYzcXYI8RnE9GXSAc97R8_d1EDqBQT3iKmpZ6rutaWAVEW3fkwrkb6pbwu8p3k3y6Nt1J_AQw4CBFsxlf0D74LK6urFVaj50NHxx4gWU7AuH_JWwtjdL3Z-JEFC1nkchuiyEW4DjH3ou0jKEa3Xtjkmfv4VT1VmJYc_oEmZt0CBXruYBE6UgSjmcBDjG1glfEv0_BXexohD3IlTRWudf2b3F_mfidldBgni9FcxYrrsLNDSOybM3ak53YrxMF_VyNBZuEPpXgcgKOc-2tTdZbVOJRcf2rJhpIPd3ET8WqECaMPd-1JG976-rYgRw6RmcNFE
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.147.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-153-147-252.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15E5 42 B
64 B 125ms
67ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_zkmCcFoW7fJe_BO8O1QoDrqHGuGBJRsjxtx5UiNA-DV5NtiXYoM4bU4EkbzT2xmxTU4ZwBZL-Ljf6fE0iFEuD7TA6knPh3FdehueeB3l6hEWSeFf3ZX0CNc2&sig=Cg0ArKJSzJHTzSkWr9CiEAE&id=lidar2&mcvt=1021&p=0,0,90,728&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538524486&rpt=621&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
502 B 164ms
164ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-TtZTUerU-tqBM-PBrY-Marw-wMZwAwZPtPyZRqxeNRwNcso_YYRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNUMKZZRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66169wNQDHkiJNmFInDOsTpEDBtWb%2BwD9g%2FjAG67kUgzK2Mru%2BDjQvUR%2FCb2xV4UERnUiZnWHvw1oKJrjnjnRsKZizQ1LoxzaS0ft%2FxQFb3YYshqzYqOHqTPQFls4CTG%2BTsIp3pAq613OoH91QX1UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5538c7a63ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
501 B 173ms
173ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-ZMByTKUr-TAPw-PTUM-wweM-UTZyrrMKPUKrRqxeNco_TUBMTUMKZY_YRwNekoztgRlmNKYMbaARdzNwqfftkRrdzNRmNUMKZYRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2MhL9gT9jhkUdP%2BkmyMoeIcofXXNiOLFVHLWtwdthJ6HlnZXtRdMXrFf4AAfrl1YzeyYRpWRk3qlfZ5Ehm5rOD5usO%2BJgbAjK%2Bd9MwSfK%2FC8c0FlKiFovggj9IZG9GMjfiiZEGjYXIk%2BcZ9wwHXEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5538c7a66ba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 i.match
a.tribalfusion.com/ Frame 6DF3 43 B
667 B 319ms
318ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEE-YCxEVwlc2PkEXEM40djk&google_cver=1&google_push=AXcoOmT8V2Rpc0o3-NhLfiH0vINq55w4ZvFA6qx88vAg5g6xlJOCyFfAvzzPUoGv4xrKpWhgdxsX1Fkm7GPW7j4cvUpV-UItHkDOQ0o&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT8V2Rpc0o3-NhLfiH0vINq55w4ZvFA6qx88vAg5g6xlJOCyFfAvzzPUoGv4xrKpWhgdxsX1Fkm7GPW7j4cvUpV-UItHkDOQ0o%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82f5538c7c3f3c81-CDG
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6DF3 70 B
148 B 51ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIV1n8WkaNh9H2UOCe6hGK4&google_cver=1&google_push=AXcoOmQ4oZgNDXy6NlTkIwV97pLkxHREZu4WSSVp-zrCed3dpzM4-cgoeod9JZUfAL1_szA7scZ7VBhnstaqrT5UjOg2UzDpr9UpM10
Requested by: Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DF3
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEIkLTGMUQ0apo4sGlr7M0aw&google_cver=1&google_push=AXcoOmSHuK4ekQaiAAkfjAmpNUUUVtdwrh61YXO__tQ8ltD2_SvENsnG7b9va2o38Qrxyfee1_DaBZKhb1x2ju_B6AIoTz9wt...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=859583548143&us_privacy=1---

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=859583548143&us_privacy=1---

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=859583548143&us_privacy=1---
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DF3
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDLhdweFlX5H6JFbwQs2NqU&google_cver=1&google_push=AXcoOmSe4janqNRDoRQsqIxxBmLjgqhktaxkrYawqDkPkUH7xY5Y_8zxqfS1DJq-Ef6_5qQeXKUMUoCuY7WPp_C...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=w0SheZI2Xk5mBkU8GEz5-rnDR90&google_push=AXcoOmSe4janqNRDoRQsqIxxBmLjgqhktaxkrYawqDkPkUH7xY5Y_8zxqfS1DJq-Ef6_5qQeXKUMUoCuY7WPp_...

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=w0SheZI2Xk5mBkU8GEz5-rnDR90&google_push=AXcoOmSe4janqNRDoRQsqIxxBmLjgqhktaxkrYawqDkPkUH7xY5Y_8zxqfS1DJq-Ef6_5qQeXKUMUoCuY7WPp_CQt1pWaXzIwPix8lo

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=w0SheZI2Xk5mBkU8GEz5-rnDR90&google_push=AXcoOmSe4janqNRDoRQsqIxxBmLjgqhktaxkrYawqDkPkUH7xY5Y_8zxqfS1DJq-Ef6_5qQeXKUMUoCuY7WPp_CQt1pWaXzIwPix8lo
Date: Sat, 02 Dec 2023 17:35:26 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DF3
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEDoAI4K8E9TQm6gfavKJcxQ&google_cver=1&google_push=AXcoOmTBs6HrYQJJbtd01Wdb3Yy7HzTfKnmRJaCRMhG3-UjZwc-7T2mDDfuzR7pwQBvwrT0YuUiM1Ai2hjNciv9Giltb6T-uw...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTBs6HrYQJJbtd01Wdb3Yy7HzTfKnmRJaCRMhG3-UjZwc-7T2mDDfuzR7pwQBvwrT0YuUiM1Ai2hjNciv9Giltb6T-uwLX7ED6j&google_hm=9d9fcb00fa...

170 B
188 B

63ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTBs6HrYQJJbtd01Wdb3Yy7HzTfKnmRJaCRMhG3-UjZwc-7T2mDDfuzR7pwQBvwrT0YuUiM1Ai2hjNciv9Giltb6T-uwLX7ED6j&google_hm=9d9fcb00faa355bb2myzw400lpoc3rpb

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmTBs6HrYQJJbtd01Wdb3Yy7HzTfKnmRJaCRMhG3-UjZwc-7T2mDDfuzR7pwQBvwrT0YuUiM1Ai2hjNciv9Giltb6T-uwLX7ED6j&google_hm=9d9fcb00faa355bb2myzw400lpoc3rpb
date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6DF3 0
12 B 59ms
59ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L1TOzeV-YeBLHLuJz7ZF_yCMFLtXfdO5LA5ElKwffTa-rz3ljvPaF1iIH5

Requested by

Host: f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
URL: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D5B1 0
0 67ms
67ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6tUgOAKNRJcni5sA4XnhjmIR4kDByCEvUOdX0fIrfg4Wv1kJFSrPmKsUlhFSRVCIOwX_pPJNwlEeVNnuEM5c5x3ASOhpWc0sQstyfiyh3euB26WNZVM4IBYqSka3e6OxQJQ6rC_axfawQRpPMqUv1nDvD9ITBo3IP7vY&sai=AMfl-YTtpKkhamjNyu_inCfIlLxEZZU2fUHvVRA_u8CyKxRc06IkT8D7T9oDNzTc37Ot_IvSNSPuyW5V3lh8lOE6fg8TjDhpo447JGhbtw&sig=Cg0ArKJSzIJFDiYa3v9nEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=103&vt=11&dtpt=102&dett=2&cstd=0&cisv=r20231129.70553&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B08 39 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:15:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 08:15:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 681A 0
0 190ms
88ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8tb8pP-YRTYlD24FjWbZxArbfLqWLh4j8t_fY8iPgZXtMtTTdAW-hcG76T7EstV5zsySNg2_NyacINGpmWwQmHsZU9BYetTeL6fqe0ULd1rBjma17rjmyOd0bPHoMhlBBwptlhYK1IBYInkoCeLjOGOK19BDoGSeDOlOCkOCEbKG9QqID0FuAFoq2sl4NvlmcwdWG-IzZfKpKXm9b6l4wdhcOqeRPa0BVtSj2DHFE9in0tbPGGAOETNh003xiSO-_wNfntFqsTDWRGV-LZmUt-DfIBzx5BEuPhuIUJj-3eoXvcXlouspoMg3YkPCDWb-Jenv1PbhlwkrBjAJB28AxHUFRZNSvc1DwJxz59Ir-AM61zhZZg_uA9p4&sai=AMfl-YRtZBmK3GxXIdX1UpSRZd-pZVBOoMTA2s_5C6L6xoHEVWZJa1LYDzLKKmBB6HANSqR0S84hJ20O_EwVbc3gtXsyc6z6JJQZ3kOdAH9OThS5v_V5WSi-rwXTD7PS_C5oiuEVwfRoex8Dew&sig=Cg0ArKJSzP9WalVOiUCJEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 17:35:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC07 42 B
64 B 68ms
68ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZWcV8IX6d3txMZXb1nB_xIZS5gAVTO9GcJgWVcgKgDFPaiVEeewHtFXVAhwvONePAQsyytoj4CyDZgYp6hmHKQv3WhPRMaDZPJRSejP3qzn_E-xY6p8zvAuU5&sig=Cg0ArKJSzO04srqFGV4_EAE&id=lidar2&mcvt=1013&p=0,0,90,728&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538524589&rpt=606&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 543F 0
0 158ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzmPkqY3fkXhdsltWyxKYRuMfTSNszqCmM-EqbhMGmNUFEjeKa1fsQYW5cxRg-pXDjIjNOImFfiW-YiF6h0XJP_l6b80VHCaxTC3UhGYImsGDnMqZnE_q_ID1wvOusBrKOEm15eb6w-rwEKaxm2yCrHMZoB7NDMT5XPJ1u1_xVsErfgkloD3Ifra9WOvYAT9LN6glUKJXqvg6Pxgxz-ZTC5Lu1y4WVfPw2Xtji8xaMY1slYCXXNmTcIwETkn16WEgczsF_JCVc4L4OkNOIVkTud82oTc6YYpEkvMhQTunP5I8YYXL2mF-XfWRiGwcocf8E93tsm54gZsNmKSBcGSRI_FwmJCHp0P5Ns4Ld-2WPw5vpg_4g8iwwIXE&sai=AMfl-YS7zRQQFTwkl7lzL2qLtgXO5kP0x4TUzAJ9nJqynkVyOQIOtQs1p2VoZnC_zZETZtzfkTh91g4YdSaY4qgNTFNyOtK3uJ8hz6h1vA2TcMmtYDehaS7hD9kIaXIEOcXjyiP9uOTL_Eqhjw&sig=Cg0ArKJSzHae8qtwi2n-EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 17:35:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7ED0 0
0 154ms
88ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKPRLFE5gFCK0psxSj20TwFk1RLk8oJ8NtnhDORfR0-Mpk65Fon_lOEdzPOD_dKTwX6PzUOIyaoAjaiHr412gsbPWELKGhNbsCFU8pkotQlME6yTh2vAcqR1WiJQoHcTzsMVh5ozL1YjPxmaS5AFHX_m8lM3eYw1nCpkgbXmzyehbPMcNaVxXC3g5zPjQrP0k1rWFrBuAJiYHjlod2lkyXiGAuhhdfTD-4IX-MMNrrCGuF8fhV0QSr4ziSGU90yiEVfMZMySrH0StTz6qZ2-xZ4qP8s15BviUIFifbGAIzLw3iCr8xWzeU4Ih2i20FblUezd4SKK87_UYHSoi_B3oOWKz6P6GzWxdhgp7s6WCxeQrWw6jO0P_W1Tk&sai=AMfl-YQvueHzcDkqjNPYMDhJGUmu1v-20zgZm73OUZdDGM9M0-WdF0EZm9Nu4JP9FNU9hx5ugpUgZF3348M7268ubxgGCbHzAYCjnWOY8Vybw5SWtIgtLu_6SBFHEZkktkXrY9h_eyM_gZ2l&sig=Cg0ArKJSzNulKAX15vt1EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 17:35:26 GMT

GET
H3 200 cc.jpeg
px.vliplatform.com/iv-v4/ 0
500 B 168ms
167ms Image
image/jpeg 2606:4700:3037::ac43:9e3b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.vliplatform.com/iv-v4/cc.jpeg?e=rNTUBMTRrtNrtl0zghRzodtgxzNTAAAR_qkyNBAAAAR_ksdNloufqsR_hgeNgfR_cysNgfR_udgrNqsvqnlR_qszNsqmn_sgqrR_hwkNoykqdtR_wktjNryhR_cktjNryhR_qdmNgfRzdNoc-UKyTPMYB-YKZB-PwqY-MPKe-atZaeMtZeZPTRqxeNRwNcso_YYRlmNxfrtyoftrbxfrtyoftrRdzNwqfftkRrdzNuggustRmNUaAaPRleNplR_yszuNzkxt
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: MISS
last-modified: Sat, 02 Dec 2023 17:35:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjMt7lD9tm28UZ6z2KAem3JN%2FxZF%2FoPfWA5clQG1U%2FZbnAsGFcq2Fe5gzbYL15dDJY1CWhY3KrRiaJmwemE%2FSHKzfx%2F8baHAnZHFc8dEK8H1IdKsfXD7ajly%2Fv0gsEwsTFJL2jZftYJcA79OaEcjHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=864000, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nosnippet
cf-ray: 82f5538d2b3eba97-MXP
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B08 0
20 B 65ms
65ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bjja-3WprZc_fOcaMgAeiqI6IBQAAAAA4AeAEAg&bg=!bm2lbSLNAAY3kmNgF5I7ADQBe5WfOKC5YiQDqCYvpogt2H4TrK7knkSFjMJD3USsmtojABfOhMHyqrQzruasv3fave2YAgAAADtSAAAAAWgBB5kDDQMX0krCdWM3GHsWZ7OEShSetajjiIjdIuGUa8k6mFwbsrbOLE_PpZR1HdQn0chRZkKejmm9WuYXhRJKzzyZQ1iuiaGIg-cwm6BiZqeOKuBGI0FEBQVECh7RshEDmQhkgoQ5zvB6uXsMJwwrH7bN7x5_Y0IWPslGmRgbYeyVUfs5HtuJPOY4ZPH-453TVOk2EdgD1wZGimPnP-BmZfx9ongaNED3YC6O9tcC3yDxqnEag3zs7zt5kIccV_JEdxOUCy5FdczADINnG80q6gWH6yHMweFjEnPjkIrg6YnaxQk7xyUbwnHI1hKTtdHJa3aWAHv9-iONLeI3PwWEZQtCE2Qwm2wZduiiX43acDH3qmcExw_Gn7rU4ngfuWWWcViOcYQbBmoAU24JpEdmmsDUGvXRB_QnRk02Q-V8eS05aQWgAREfCXGCK8-oWal2Vzb9_a59PdYOgoFZmP7-2VDdH37OO4TFz-1t6S9C8MRV4B_Vt_pX863UlRc9TYYX4scBrTitgD0kVyje1rHdQZ2Bhdf1NyPaLgxDZ1cO0N5lsfUc5n_WwYf62KzZFJ1QhGnFwkVdKD1f892IMzkk6WpvIFJYliN4iFzaNNDTTuXzaUb-iCk60s-gbMJ4sND3-oiw_ibk1aGkn7pXFqbMTsswhAbOlUyNxs8MXQ0YlrSAEQ_yZv9voVc4DFS5ZsZAdZvKo1GDVPy4p2RhOAJaGt1AUyG-SPoSDHYnxdb34gK4qlu--_jA_w_P6ZIBkBxHqlUMPfXZfjzlBvERku34UVEk1JNehZLXO3XxdHOqtbNRwtDrZMRKT9bk_rWFgjZydlogBAAF9gWArWdv7nPkohy8ZyZPqVA3eKXPtpzQ9eKqSnAW768g0Rn5MogFA-cOgWV6JWjxxT0bOTOmD5k1cN92NlCHxBsNGvOpSx1TJH79Aul2OhBR0Ambr0KjPqltWKRFzKpFvczo81WPKdXxLCh-dA48nDG2st4_KLgdmcHosrkla3ibHhs3r7ccJudjazAjDkq6GeFIa2JTUDd3WWc

Requested by

Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACA5 42 B
64 B 66ms
66ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6uFmjn-Gzy9cdLdBcAjCmNsJiQHvR2gKOJqPtoMTVHOD3aVnmSLy121oGZRdt2PKUl1sG65kff2T7W41MymO5Xte22DAb5JJIAWJ97G4BLg0WRS0GJZZEcTi8&sig=Cg0ArKJSzDbgsZ5EhT6yEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538524641&rpt=655&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

setuid
u.4dex.io/
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39

0
15 B

38ms
38ms

Image
text/plain

34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H3
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: 0

Redirect headers

location: https://u.4dex.io/setuid?bidder=improvedigital&uid=ba99305a-3117-49d4-ba16-96cae3c64a39
access-control-allow-origin: *
date: Sat, 02 Dec 2023 17:35:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 13B9 0
0 127ms
127ms Document
text/plain 67.202.105.22
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip22.67-202-105.static.steadfastdns.net
Software: 33XP019 /
Resource Hash

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
server: 33XP019
x-33x-status: 2020008

GET
H2 200 be96b820e5daac93 Show response
ads.us.e-planning.net/uspd/1/ Frame 1C9C 1 KB
780 B 38ms
38ms Document
text/html 193.3.178.3
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 1f35fe07ee9cdc5e3d278f54643dc4a241251516913ecbae70c10e9bcd65dc18

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: Sat, 02 Dec 2023 17:35:26 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

GET
H2

200

um
u-ams03.e-planning.net/ Frame 1C9C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4fd6bb8359078cf2%26uid%3D%24UID
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=4fd6bb8359078cf2&uid=7476920855595883743

42 B
103 B

34ms
34ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=4fd6bb8359078cf2&uid=7476920855595883743
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:26 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
an-x-request-uuid: 8aa99d17-26b1-4e84-9c58-88f6a28d6aa3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=4fd6bb8359078cf2&uid=7476920855595883743
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 1C9C
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D4fd6bb8359078cf2%26uid%3D%24UID&partner=eplanning
https://bh.contextweb.com/bh/rtset?pid=562894&ev=1&us_privacy=&rurl=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D29%26buyeruid%3D%25%25VGUID%25%25%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02Z...
https://ssp.disqus.com/match?bidder=29&buyeruid=qNYNIJZGIGkZ&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubmV0L3VtP2RjPWU2NGY3MzU2OG...
https://ads.betweendigital.com/match?bidder_id=45188&callback_url=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D32%26buyeruid%3D%24%7BUSER_ID%7D%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIw...
https://ssp.disqus.com/match?bidder=32&buyeruid=e5535dcc-f3db-5250-8c3c-4e97e957244b&r=Cid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASp1aHR0cHM6Ly91LWFtczAzLmUtcGxhbm5pbmcubm...
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=4fd6bb8359078cf2&uid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3

42 B
103 B

35ms
35ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=4fd6bb8359078cf2&uid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:26 GMT
content-type: image/gif

Redirect headers

location: https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=4fd6bb8359078cf2&uid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2

200

um
u-ams03.e-planning.net/ Frame 1C9C
Redirect Chain

https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4fd6bb8359078cf2%26uid%3D%5BUID%5D
https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=4fd6bb8359078cf2&uid=cd0b382c-a65f-4465-b1cd-9585907a0170

42 B
103 B

34ms
34ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=4fd6bb8359078cf2&uid=cd0b382c-a65f-4465-b1cd-9585907a0170
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:26 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-81
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://u-ams03.e-planning.net/um?dc=e52415579699e09f&fi=4fd6bb8359078cf2&uid=cd0b382c-a65f-4465-b1cd-9585907a0170
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
u-ams03.e-planning.net/ Frame 1C9C
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4fd6bb8359078cf2%26uid%3D%24%7BUID%7D
https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4fd6bb8359078cf2&uid=3a4d5f53-ec0f-4c3c-82df-c54edbefdb40

42 B
103 B

35ms
34ms

Image
image/gif

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4fd6bb8359078cf2&uid=3a4d5f53-ec0f-4c3c-82df-c54edbefdb40
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:26 GMT
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://u-ams03.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4fd6bb8359078cf2&uid=3a4d5f53-ec0f-4c3c-82df-c54edbefdb40
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145

GET

81a66732ddece2b186cdce7b6a45cef8.gif
cs.videowalldirect.com/ Frame 1C9C
Redirect Chain

https://x.bidswitch.net/sync?ssp=eplanning
https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cc77a4b6-7e95-47ed-ba32-09569fa94366&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Dep...

0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B935 16 KB
6 KB 35ms
34ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92585
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: Sun, 03 Dec 2023 19:18:31 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 200 usermatch Show response
ssum.casalemedia.com/ Frame 94CE 2 KB
1 KB 48ms
48ms Document
text/html 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72093b1e4846e898d48b490f9fb87f870570545a749de5bd6d8b0852454b1195

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82f5538deafc24c4-ZRH
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Tihb4%2BHPnOyKk67VHi1kanTDMw4VLDD5iKLtbnhrrAn0E%2BowR3LjLXNW9quWXwFsW%2BiFyQPwlkG5qtGqb1Jyiu0EckOsH3JJECOUhmyPyh7IWEIEjKSsTAuUTIqb%2Fippgbj4rWv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
spl.zeotap.com/ Frame 31E4 552 B
773 B 50ms
50ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Requested by

Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f21e7e38dc724c0c8a98b59ece760d1c9797f654920dfa976dea4a8e198c177

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.us.e-planning.net
cf-cache-status: DYNAMIC
cf-ray: 82f5538dfb3d0e0f-MXP
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
via: 1.1 google
x-content-type-options: nosniff

GET
H3 200 setuid Show response
u.4dex.io/ Frame E7C0 0
15 B 37ms
36ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=eplanning&uid=AA7NNaOm5s-M4Czd
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26uid%3D%24UID
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B935 1 KB
2 KB 34ms
34ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39655402&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: ed6743fd507e9e3630719e44fc4992c925633429ab723ab19866fd7615092848

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 02 Dec 2023 17:35:26 GMT
content-length: 1479
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

28292
i.liadm.com/s/ Frame 94CE
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWtq3MY2JQc-5CL6qMuo0QAA%265166&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-iUS8xd9IcCUlI_TFYhEPgCe0cFKeaagUgWD4WQ

43 B
573 B

120ms
120ms

Image
image/gif

34.197.138.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-iUS8xd9IcCUlI_TFYhEPgCe0cFKeaagUgWD4WQ

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D

Protocol

HTTP/1.1

Server

34.197.138.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-138-42.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 8
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-iUS8xd9IcCUlI_TFYhEPgCe0cFKeaagUgWD4WQ
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 724256
content-length: 0
expires: Sat, 02 Dec 2023 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 94CE
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7476920855595883743

43 B
732 B

44ms
43ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7476920855595883743
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wVZdQPDaHM3pA4sz9LTmv%2BOf6PpN%2BoZAdmUzJLvJsphbX6P3SlCXLS8b0nZuJPfHRnyR5ZoEkZhHn7Tqqa0UOldwZ3pUIhd0nZtT3aPCVf29jPyEOr9nqWJLFMOQ5nCOV8Rx75gUV6TdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f5538e9c6c24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
an-x-request-uuid: 26b985d0-53f1-44d5-8168-590a5a430b9e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7476920855595883743
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 94CE 43 B
601 B 84ms
82ms Image
image/gif 2a05:d018:d29:3601:357b:9971:3f66:201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:357b:9971:3f66:201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 94CE
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/casale/ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB

43 B
601 B

52ms
51ms

Image
image/gif

2a05:d018:d29:3601:357b:9971:3f66:201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D

Protocol

Server

2a05:d018:d29:3601:357b:9971:3f66:201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB
date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 94CE 42 B
181 B 155ms
48ms Image
image/gif 2a05:d018:cc3:fe05:b057:3007:c56f:c3e9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:b057:3007:c56f:c3e9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 94CE 0
0 61ms
60ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 94CE
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
734 B

56ms
56ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BeGxWoG3A9jKipjb9pOzuqiKvVPqvFSnhUVlWEQi68XpZ%2F8lRUkTu%2BMtvDZXRHPkv10tEFQo4UDOsYFr9Y5YPTbnu%2BVP6rqr6uRiXYwIuTHAqB2scOvr6D%2FSSkCmiiqw8hVDR561qu5qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f5538efd7024c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 94CE
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3589463590391086894&gdpr=0&gdpr_consent=

43 B
730 B

47ms
46ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3589463590391086894&gdpr=0&gdpr_consent=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tAkAS7qdcls7SEzQiTLFUBSltVZEyuKNvs61VbxKJdMOXLFF6Rg6dibKEqfcNXuSVQKCWWpw6KpLlxlD1jLJLhj5lwGo0nZgpwaWPZ2XRjXq7TIGwhTjixNjhQBFXFJiMMVj404TiCjHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f5538e8c3024c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=3589463590391086894&gdpr=0&gdpr_consent=
date: Sat, 02 Dec 2023 17:35:26 GMT
content-length: 0

GET
H2 200 um
u-ams03.e-planning.net/ Frame 94CE 42 B
103 B 35ms
34ms Image
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=4fd6bb8359078cf2&uid=ZWtq3MY2JQc-5CL6qMuo0QAA%265166
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

server: openresty
date: Sat, 02 Dec 2023 17:35:26 GMT
content-type: image/gif

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 31E4
Redirect Chain

https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D273bb...
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=bb3c3443-8175-48a0-701b-410725c52256&zdid=1361

95 B
154 B

48ms
48ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=bb3c3443-8175-48a0-701b-410725c52256&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f5538e9c4a0e0f-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

location: https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=bb3c3443-8175-48a0-701b-410725c52256&zdid=1361
date: Sat, 02 Dec 2023 17:35:26 GMT
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 31E4 95 B
154 B 52ms
51ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=bb3c3443-8175-48a0-701b-410725c52256&zdid=1361

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 82f5538e4bdb0e0f-MXP
access-control-allow-headers: *
content-length: 95

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 61D8 35 B
591 B 43ms
43ms Document
image/gif 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 i.match Show response
a.tribalfusion.com/ Frame A96D 43 B
673 B 189ms
189ms Document
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 82f5538e88063c81-CDG
content-length: 43
content-type: image/gif; charset=utf-8
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

GET pubmatic
ad.mrtnsvr.com/sync/ Frame 789B 0
0

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame 418F 0
0 138ms
44ms Document
text/plain 162.55.120.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.120.55.162.clients.your-server.de

Software

nginx/1.23.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Connection: keep-alive
Date: Sat, 02 Dec 2023 17:35:26 GMT
Server: nginx/1.23.3
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CC38
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9F68658DE08F4C9D99328411EBF0F593&gdpr=0&gdpr_consent=

1 B
53 B

43ms
42ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9F68658DE08F4C9D99328411EBF0F593&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: Fri, 01 Dec 2023 17:35:26 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9F68658DE08F4C9D99328411EBF0F593&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 7C39
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2309410440

70 B
148 B

50ms
50ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2309410440
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:26 GMT
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
etag: RX87f506037304436ca0d69713341d1547003
expires: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2309410440
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma: no-cache

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame EFC6 42 B
103 B 35ms
34ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=4fd6bb8359078cf2&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:35:26 GMT
server: openresty

GET
H2 200 mw
mwzeom.zeotap.com/ Frame B935 95 B
172 B 52ms
50ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 82f5538e8c2f0e0f-MXP
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame B935
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

50ms
49ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:37 GMT
frontend-id: 2
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:37 GMT
frontend-id: 8
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame B935
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
148 B

50ms
49ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B935 47 B
167 B 34ms
34ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45549409&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 02 Dec 2023 17:35:26 GMT
content-length: 47
content-type: text/html; charset=UTF-8

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame 9274 42 B
103 B 41ms
41ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=4fd6bb8359078cf2&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:35:26 GMT
server: openresty

GET
H3 200 setuid Show response
u.4dex.io/ Frame D8FC 0
15 B 36ms
36ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 928D 42 B
64 B 67ms
66ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLOWGfHQ4Mtpzy6BN92PJr5UiePjjn28beYE65TqHI-X93F3TNYH9KAVTv1H58qRFkPNLgnuhcQgEj65mcP6qftBgWUi7OiLk90EtzMpR_TNiqeeyuKpDA233Hm_BH&sai=AMfl-YRhxF870r6nRCQd4cLzvxNFY94n91Q3JZruWT9YKCiy8KY1oHRcIG9jv6d4NJcij8apeCKQL3uKnihMyEjCjnjvUQCsMxchK_t-RJdnihWsp7DphYAZQzYEY8sL0C1IobZVoaIUPGI&sig=Cg0ArKJSzBH21xjAKhi6EAE&cid=CAQSPADICaaN6rnV1u-5GxIZ-6jpOgiEdxL9-BwyBH-O9v76vCiZ1gghYH-RTiWwO_ImYbkEOM6HgPAq0UR6ORgB&id=lidar2&mcvt=1000&p=1110,436,1204,1164&mtos=126,1000,1000,1000,1000&tos=126,874,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1640917815&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538525044&rpt=605&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 107ms
36ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.apkshub.com%2F&domain=www.apkshub.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.apkshub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 178926
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
267 B 165ms
37ms Fetch
application/json 131.153.158.209
SECUREDSERVERS-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.apkshub.com/app/com.scottgames.fnaf2&tl=https://www.apkshub.com/app/com.scottgames.fnaf2&nf=0&rt=true&v=8.21.0&av=2.0&vg=vlipb&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.158.209 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software: /
Resource Hash: 0719f0ffe84f413a6500e4ee695b762d336ddd4cece88ab4a3703b285c07e750

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 2 Dec 2023 17:35:26 GMT
access-control-allow-credentials: true
content-length: 66
content-type: application/json

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
374 B 125ms
42ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.apkshub.com%2F&domain=www.apkshub.com&cw=1&pbt=1&lsw=1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.apkshub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 203822
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
416 B 96ms
29ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 928D 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8534027430659&version=m202309260101&ct=77&x=1&cor=15030478992588757000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 38FA 6 KB
2 KB 59ms
49ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f5538ff8a559bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:26 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame 4FAA 5 KB
1 KB 140ms
131ms Document
text/html 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 259407129bb9d822c1e1b7fc09f4e9c468f9adcb77ffeb86681c325ae7e77e20

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82f5538ff9b64c44-MXP
content-encoding: gzip
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
server: cloudflare

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A63A 16 KB
6 KB 77ms
76ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157940
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92585
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: Sun, 03 Dec 2023 19:18:31 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame D792 0
0 35ms
35ms Document
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Sat, 02 Dec 2023 17:35:25 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 4F03 37 B
139 B 30ms
30ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:26 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3D58 3 KB
2 KB 91ms
35ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1081
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 82f553904b51021d-ZRH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: Sat, 02 Dec 2023 21:35:26 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync.html Show response
cdn.aralego.net/ucfad/cookie/ Frame F66A 2 KB
1 KB 101ms
36ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer: https://www.apkshub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 9214
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 82f553905e9b4c49-MXP
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
last-modified: Wed, 16 Dec 2020 08:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvVoih8XPCjuP0rIXkj8pbUlKF28S2bWxZtoKOLigIvlx84RgvbyGUDKlP%2FNHq%2BwA%2Fn4BQ7GyeKDMRBydx%2BTlWlSGebMnpbPnICC3Hb7O29x1xQc%2BkoDuRszZ1nIL8pA%2F28FZtb36nW1QqKXSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 204
No Content pixel
ap.lijit.com/ 0
277 B 121ms
42ms Image
text/plain 216.52.2.16
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: www.apkshub.com
URL: https://www.apkshub.com/app/com.scottgames.fnaf2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.apkshub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 17:35:26 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
275 B 96ms
30ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a2e2cc1dfca9d404c9acf713666be5174c6b2a529e3c60ffafdf948c6916cbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 01D0 1 KB
1 KB 54ms
54ms Document
text/html 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6473b32de7c5604a3c0c0c8fc00d02f00b78333f61a978f7d178fc0c910bb1c4

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82f55390890324c4-ZRH
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEbbiu70Mc%2Fg7SRnS6wgr4V4tdmtGqotj8ABr9RHDQAxWpCRQOgW5GN1ELL9ygyfDajxfwmfgNqTV46VeRe1KcEj%2B%2B3NE26vRDJ8e%2BCHVtWenwm0mi%2FrDCi9ZmxLkPTW5KGXuEL3OjceHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame F66A 35 B
302 B 486ms
116ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?
Requested by: Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:27 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 38FA 48 KB
12 KB 45ms
36ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 308574
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 82f55390b9d659bf-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

204
No Content

45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame 4FAA
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...

0
176 B

4638ms
793ms

Image
text/plain

80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIYBjgB&gdpr=&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Server

80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive

Redirect headers

location: https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xNmQzZjI4MC1iYTNhLTNlN2YtYmU0OC02ZTIwNWU0N2E1ZjMQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtMTZkM2YyODAtYmEzYS0zZTdmLWJlNDgtNmUyMDVlNDdhNWYzMgIYBjgB&gdpr=&gdpr_consent=
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 200 0.gif
id5-sync.com/i/495/ Frame 4FAA 43 B
921 B 87ms
29ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4FAA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7476920855595883743

43 B
94 B

135ms
135ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7476920855595883743
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f553910b7f4c44-MXP
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
an-x-request-uuid: eb225504-578b-4e4f-96cb-1a9487f30b99
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7476920855595883743
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content b6931342ce0a4afaad148709b51fe102.gif
cs.admanmedia.com/ Frame 4FAA 0
176 B 4030ms
701ms Image
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cs.admanmedia.com/b6931342ce0a4afaad148709b51fe102.gif?gdpr=&gdpr_consent=&ccpa=[CCPA]&coppa=[COPPA]&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dillumin%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 4FAA 0
34 B 29ms
28ms Image
text/plain 3.68.140.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.140.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4FAA
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://sync.quantumdex.io/setuid?bidder=between&uid=e5535dcc-f3db-5250-8c3c-4e97e957244b

43 B
117 B

134ms
134ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=e5535dcc-f3db-5250-8c3c-4e97e957244b
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f553911b954c44-MXP
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=e5535dcc-f3db-5250-8c3c-4e97e957244b
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4FAA
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=smaato&uid=429f70146d

43 B
95 B

133ms
131ms

Image
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=smaato&uid=429f70146d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f553913bb64c44-MXP
content-length: 43
content-type: image/gif

Redirect headers

date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 a6a1a17bbe377bf7c4423397c71959da.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR50-P1
x-cache: Miss from cloudfront
location: https://sync.quantumdex.io/setuid?bidder=smaato&uid=429f70146d
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: TQrRZHwuyfd_uaIoVmtIr4eRGp3JInKICoLX4-TVeGO0Z1FXEfI9dA==

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 4FAA 0
277 B 53ms
44ms Image
text/plain 216.52.2.16
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 17:35:26 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

setuid Show response
sync.quantumdex.io/ Frame FB00
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=

43 B
105 B

130ms
130ms

Document
image/gif

2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82f553910b864c44-MXP
content-length: 43
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:26 GMT
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
etag: OPTOUT
expires: 0
location: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
pragma: no-cache

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 6AD3 1 KB
1 KB 59ms
59ms Document
text/html 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8f7efe553dbaa0539fdb6954d629d89298982746eeeb88b17640e8b4d8a9ed

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 82f55390d9bd24c4-ZRH
content-encoding: br
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQtbJtzI97%2F1BPOZSRoQaXbDmJXLME2QiyxjBBlfoDeU%2B1rcf0n9dPD8cxBF39jMInNE9O5ttxbRrta90dN5fluLcuDGXE3uASjVu6eVXHjk5uH4kcMFr6rfaGjoGeC8DHFOYT7HSU69ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame E6B2 0
134 B 139ms
36ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=185416&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Sat, 02 Dec 2023 17:35:26 GMT
Server: nginx

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame F51C 0
134 B 135ms
35ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=148144&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Sat, 02 Dec 2023 17:35:26 GMT
Server: nginx

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 5ACF 0
134 B 133ms
34ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=149271&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxapads-mw%26uid%3D%7BUID%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Sat, 02 Dec 2023 17:35:26 GMT
Server: nginx

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 1C2E
Redirect Chain

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

1 KB
2 KB

30ms
30ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: f0c916c00b48588257ba59d3bc9d50693104f651db3c040ed12a34a7de7d6432

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1339
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:35:26 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:35:26 GMT
location: /sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 0D5C 0
134 B 133ms
35ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=184388&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dxap-184388%26uid%3D%7BUID%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Sat, 02 Dec 2023 17:35:26 GMT
Server: nginx

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6CE5 16 KB
6 KB 35ms
34ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92585
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: Sun, 03 Dec 2023 19:18:31 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 2C63 3 KB
2 KB 30ms
30ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

1235ccd07fe540a91488aee70638b1a6bd0abfe0a7cfa77d9a05e2bd4faec728

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1311
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame C99F 563 B
1015 B 345ms
114ms Document
text/html 54.147.45.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.147.45.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-45-225.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: bc42487d0a1e49c5dd867df0a384b605646e262aafe8ca47031bc4f19e34d5f7

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://sync.quantumdex.io/
content-length: 563
content-type: text/html
date: Sat, 02 Dec 2023 17:35:27 GMT
server: istio-envoy
x-envoy-upstream-service-time: 2

POST
H2 200 696.json Show response
id5-sync.com/g/v2/ 251 B
531 B 76ms
30ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/696.json

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-8.21.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

54727f0ae3e8c74996dfd80bce2cadcd1515d37ac87aea10a40e73104985a9b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.apkshub.com
date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK 31327
i.liadm.com/s/ Frame 01D0 43 B
573 B 114ms
114ms Image
image/gif 34.197.138.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWtq3MY2JQc-5CL6qMuo0QAA%265166&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.138.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-138-42.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:26 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 01D0
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dSEpwnV1e8JudSnBdXEylHR1KpduIimRcHZsTPN_

43 B
737 B

43ms
43ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dSEpwnV1e8JudSnBdXEylHR1KpduIimRcHZsTPN_
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FuBEIz5YiHrWJY1Gwa00tDQ%2FIiss%2F7w9JjV%2B4jhcxe2Zn5pM9MxbEoJ%2BDllzXqx3bEr0QtVDvm56K819XT36OvECfTwVq65Tkudp6IyuBB7z55AVeueAGF5F%2FJ0MzDaRb39%2FgrTx3wxFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553912a6724c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dSEpwnV1e8JudSnBdXEylHR1KpduIimRcHZsTPN_
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 01D0
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=84f5155833b72adc0b840d57bc3cc8d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umo1a91_7309179327098850208&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/stickyads/84f5155833b72adc0b840d57bc3cc8d?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-J2kI1P5E2oMhBR.8K_vtBzsZachjorXJN6o1mYcm~A
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1

70 B
148 B

50ms
50ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:27 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701538527173082-592

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 01D0
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADVBE7K1tYAABRxDUIUDA&expiration=1702748126

43 B
735 B

45ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADVBE7K1tYAABRxDUIUDA&expiration=1702748126
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qW1g5OQFHrSdI3syKhX7s%2BOoZmC%2BgHza%2FykzljOMGh6tbKoIfhqTnUJb4uXcC7ry54yCy8dAVzacAGXG7vpuuXs1kqhRF0VVQZKSQF4cb7yVbOUlwC6ZHIfzXyUTP4tG4X%2FkD7N7NqbAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553913aa024c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADVBE7K1tYAABRxDUIUDA&expiration=1702748126
Date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 01D0
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2a26c756cd8a4d1a9330ac946f062be5&expiration=1704130526

43 B
732 B

83ms
82ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2a26c756cd8a4d1a9330ac946f062be5&expiration=1704130526
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCLPRGOvqR1l3%2Bxa399EAImKkbpQEDEm4Qu1okJ6mjTaK0vjeiVg2FuSgIIHbn5o9OoXzg711%2FTsOpbNsqdHZOokPB8lwbMq7Qyy8SZcFTYeW8Uesb0Y0OMFvd%2FZhPdZMXdTdNHWJHW2cA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553913a8c24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2a26c756cd8a4d1a9330ac946f062be5&expiration=1704130526
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum.casalemedia.com/ Frame 01D0
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=26e4b729-9c95-c5fd-e4893fcb

43 B
722 B

44ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=26e4b729-9c95-c5fd-e4893fcb
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5zMy5yMQyaAPag4UPxLsc6oQKBXucnWpfa4cuXTwI4UC2vm2pRgC3FnPFS8RFJaAEQSCzBm%2BIsBdfkeR18KcGKbq3CGWs%2BT9nEdm8XOYlGkmyrIp%2FrojPSmH4uQzXK0GT2DeLsy"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553920c7724c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=26e4b729-9c95-c5fd-e4893fcb
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 01D0
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685631101846490

43 B
731 B

60ms
60ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685631101846490
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oY4OrxZTayuBdMWPCb6W9F3f35dNmRZbKdgxBSlxTguC97a9rqo6f7pf%2FZO1RRDNtCskO%2B5c3ysQmwCkSLyNtfR5sq05cT85n8ZymVeivLuZNJ4tr5%2FMamJoSy0kj2cUgwIfxR6Bd2zq1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553916b0d24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685631101846490
Date: Sat, 02 Dec 2023 17:35:26 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 01D0
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2c891469-bd4a-4bb3-ab5b-efab3a251bf6

43 B
732 B

52ms
52ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2c891469-bd4a-4bb3-ab5b-efab3a251bf6
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QWlTvGT0TCcZcTcO82fqBjsVIuVwewzc3wbZ5W3IOZLofFG9PZlvn8UcicFge9QAWDyWVwFtZHcSTINGPK0Pdaxe0UTVyCLiQG%2Fd2%2Fb0i9aMx2Caxuy%2BqLq70p9TWGbtK5VoGncI4UzBw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553917b3c24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2c891469-bd4a-4bb3-ab5b-efab3a251bf6
date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 01D0 43 B
229 B 46ms
34ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZWtq3MY2JQc-5CL6qMuo0QAA%265166
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.apkshub.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 41605
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82f55390fc73021d-ZRH
content-length: 43
expires: Sun, 03 Dec 2023 17:35:26 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 24F8 0
319 B 51ms
51ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55390fa2d59bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:26 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

3589463590391086894 Show response
csync.smilewanted.com/set_partner_userid_get/smart/ Frame B6E2
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://csync.smilewanted.com/set_partner_userid_get/smart/3589463590391086894

0
90 B

54ms
53ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/smart/3589463590391086894
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f553913a8d59bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:26 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Sat, 02 Dec 2023 17:35:26 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/smart/3589463590391086894

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2C63
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZdrANFj9lsi4Qri_QO5XSGFSzwerftQ

170 B
188 B

61ms
61ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZdrANFj9lsi4Qri_QO5XSGFSzwerftQ

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABjCuZdrANFj9lsi4Qri_QO5XSGFSzwerftQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 2C63 42 B
840 B 32ms
30ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=YXpHpSb83ng3QZR3QifiksztwZU6G8Malu8ug4b3tdA
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content 73c1e1bfc3bde354d60b80e601ae3914.gif
cs.admanmedia.com/ Frame 2C63 0
176 B 4356ms
978ms Image
text/plain 80.77.87.161
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.77.87.161 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive

GET
H3 400 711916.gif
id.rlcdn.com/ Frame 2C63 0
0 38ms
37ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2C63
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3RuEIfZWE5pVkpzOahyCdiY4x5Kbueb5I_imtt2lVcs

43 B
479 B

117ms
117ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3RuEIfZWE5pVkpzOahyCdiY4x5Kbueb5I_imtt2lVcs

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8RVC2SRCVHZ7SC2XXB6A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=3RuEIfZWE5pVkpzOahyCdiY4x5Kbueb5I_imtt2lVcs
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 2C63 0
39 B 34ms
33ms Image
text/plain 198.47.127.18
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.18 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:25 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 2C63
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1

0
340 B

30ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEAn6iFtsf6DnRBmq98MstFs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2C63 70 B
148 B 50ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 2C63 43 B
145 B 30ms
29ms Image
image/gif 3.68.49.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.49.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-49-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 setuid
sync.quantumdex.io/ Frame 2C63 43 B
94 B 131ms
130ms Image
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=onetag&uid=YXpHpSb83ng3QZR3QifiksztwZU6G8Malu8ug4b3tdA
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f553911b944c44-MXP
content-length: 43
content-type: image/gif

GET
H2 200 setuid Show response
sync.quantumdex.io/ Frame E71C 43 B
94 B 134ms
133ms Document
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82f553912ba74c44-MXP
content-length: 43
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare

GET
H/1.1 200
OK ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame B22B 43 B
479 B 60ms
60ms Document
image/gif 67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 5X990SXKDE9Q9KXW4GCT

GET
H/1.1 200
OK 31327
i.liadm.com/s/ Frame 6AD3 43 B
573 B 182ms
116ms Image
image/gif 34.197.138.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZWtq3MY2JQc-5CL6qMuo0QAA%265166&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.197.138.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-197-138-42.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 17:35:27 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 4
Content-Type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6AD3
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717349727&external_user_id=5f46de92-5cf5-48b5-982e-e8ad5fc21f60

43 B
735 B

50ms
49ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717349727&external_user_id=5f46de92-5cf5-48b5-982e-e8ad5fc21f60
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7ICmEWgRuspk2Q0Atc8P%2B8nyrSrbBYDJ9IUxpMUkDevmU7ejlcNGdqB4D%2FuEttljGR%2BwcknmT4yrbdLKRhKJwEaL1EHPMbXooytPU3SK5coxO%2F%2FDk5jNOJPlysZe8kA9lEdqQHA9biMxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553927d5324c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sat, 02 Dec 2023 17:35:27 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1717349727&external_user_id=5f46de92-5cf5-48b5-982e-e8ad5fc21f60
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H3

200

rum
dsum.casalemedia.com/ Frame 6AD3
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=4d7cccbdb7be160f&is_secure=true&networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI30aiSltglgMVomr_AAAAAAA&expiration=1701624926&is_secure=true

43 B
720 B

48ms
47ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI30aiSltglgMVomr_AAAAAAA&expiration=1701624926&is_secure=true
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFH2xP26uE5tKoQ3yh60VVfOByT0tGM15iIXBaHHcbGJj9MU2R18kL3zV40gAbLz662sVIWrihXyy0UeYVRyTwEFlNRBHu0%2BOJ44eiw8a24Dp470n3NzW97pZU8aZcLTZvyG%2FhQ6"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55391cbf924c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI30aiSltglgMVomr_AAAAAAA&expiration=1701624926&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6AD3
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWtq2wAEAN3S7QBU

43 B
734 B

45ms
45ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWtq2wAEAN3S7QBU
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsE3OsQSnUPfQm0EfP39cznG2PnM%2Fcr3nfG74%2BWswGrPP9fDDeNZ%2FuNQH6o4mHHn3c8EMIwfX%2B%2FHb4Xys4F7bN99E1IuH2rRQHtMo2zDuViIlZNzGibRMp8LdB1NkxOdplSWwm8eveoYYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553916b0424c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

x-served-by: cache-mxp6957-MXP
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701538527.920027,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZWtq2wAEAN3S7QBU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6AD3
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2a26c756cd8a4d1a9330ac946f062be5&expiration=1704130526

43 B
735 B

45ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2a26c756cd8a4d1a9330ac946f062be5&expiration=1704130526
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XF%2BMv7Qw0iCxa25SAvkhdhFflXI9jV7eFaIQnN%2Fc03rWaG9oTFs%2BGC3OXYGiwU74YanqC6FCbP7%2FrYCG7DtqsqM4UaHlTQpMfxEzd8GYrrZgiawOZbJk9SENrTTLZE6b%2Fgt5DaYjm6Eywg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553917b2e24c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2a26c756cd8a4d1a9330ac946f062be5&expiration=1704130526
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6AD3
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dSEpwnV1e8JudSnBdXEylHR1KpduIimRcHZsTPN_

43 B
730 B

43ms
43ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dSEpwnV1e8JudSnBdXEylHR1KpduIimRcHZsTPN_
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OUCY5kvAU1lbCheO2agoMtPQs9KFXLaVu%2Fc6pciWGzIf1ZoTGsr%2BCWtM9oIhdi4sCFQs6ph0BcuqooxqN9ibjGSe2LCz5pXqDXqVBpCCg1%2FknpOIIYYoiVhA4VweEb7Q8lVqpsGQJOSsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f553916b1824c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=dSEpwnV1e8JudSnBdXEylHR1KpduIimRcHZsTPN_
pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6AD3
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685631101846490

43 B
740 B

52ms
52ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685631101846490
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkcXixFUE%2B16v8xO%2FUvasjRA7MjUjUhfPplEtohajr2ivUF6nHcBqOR%2B3UqjlM%2FPdFYKTdo8zfDHszahYNsB213Lz%2FKRtHMy5ADTGYKJ%2FL%2FGccb3e5rU6GXty2yyZkTkEw79RkwCk5yv%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82f55391ab9724c4-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685631101846490
Date: Sat, 02 Dec 2023 17:35:26 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 6AD3 42 B
180 B 51ms
48ms Image
image/gif 2a05:d018:cc3:fe05:b057:3007:c56f:c3e9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:b057:3007:c56f:c3e9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 setuid
sync.quantumdex.io/ Frame 6AD3 43 B
94 B 131ms
128ms Image
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f553913bc24c44-MXP
content-length: 43
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1C2E 70 B
148 B 51ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

ebda
eb2.3lift.com/ Frame 1C2E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzNDgyNjc1MzkzMDgxMTEwMDE5
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

30ms
30ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGYs20n3y5dXqQeAqwL7AHw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
353 B

31ms
31ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGYs20n3y5dXqQeAqwL7AHw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEGYs20n3y5dXqQeAqwL7AHw&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C2E
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzNDgyNjc1MzkzMDgxMTEwMDE5

170 B
188 B

62ms
62ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzNDgyNjc1MzkzMDgxMTEwMDE5

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjYzNDgyNjc1MzkzMDgxMTEwMDE5
date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 1C2E 0
143 B 209ms
208ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=263482675393081110019&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5873586DC8FC4B5FB5D8328A695E4D93 Ref B: ZRHEDGE1020 Ref C: 2023-12-02T17:35:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYLik95SZ+AuTLW2Gqaeg==

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/263482675393081110019?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-6C7.dwFE2oREoKYDRBAXDh4I.K9ZndBkVYFtLryflQ--~A&dongle=0883

37 B
139 B

30ms
30ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-6C7.dwFE2oREoKYDRBAXDh4I.K9ZndBkVYFtLryflQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Sat, 02 Dec 2023 17:35:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-6C7.dwFE2oREoKYDRBAXDh4I.K9ZndBkVYFtLryflQ--~A&dongle=0883
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2E
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=263482675393081110019&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=cc77a4b6-7e95-47ed-ba32-09569fa94366
https://x.bidswitch.net/sync?dsp_id=340&user_id=8fa3e66d-b499-4ce2-a188-1252cb75862d&expires=10&ssp=triplelift&bsw_param=cc77a4b6-7e95-47ed-ba32-09569fa94366
https://eb2.3lift.com/xuid?mid=2409&xuid=cc77a4b6-7e95-47ed-ba32-09569fa94366&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=

37 B
353 B

32ms
31ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=cc77a4b6-7e95-47ed-ba32-09569fa94366&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:35:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: //eb2.3lift.com/xuid?mid=2409&xuid=cc77a4b6-7e95-47ed-ba32-09569fa94366&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
date: Sat, 02 Dec 2023 17:35:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
https://eb2.3lift.com/xuid?mid=2711&xuid=a77d3f7e-ac3b-48f5-a8a6-953a11b916b7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=

37 B
353 B

31ms
31ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=a77d3f7e-ac3b-48f5-a8a6-953a11b916b7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://eb2.3lift.com/xuid?mid=2711&xuid=a77d3f7e-ac3b-48f5-a8a6-953a11b916b7&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 631677
content-length: 0
expires: Sat, 02 Dec 2023 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=7476920855595883743&dongle=4d58&gdpr=0&gdpr_consent=

37 B
353 B

31ms
31ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=7476920855595883743&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
an-x-request-uuid: 5d78c163-cd6f-46d2-91bc-81d96e49164e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=7476920855595883743&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame 1C2E 43 B
1 KB 33ms
32ms Image
image/gif 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=263482675393081110019

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:26 GMT
an-x-request-uuid: de91fc0b-260d-48df-b65d-4006ce5cb4c4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

7476920855595883743 Show response
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame B32E
Redirect Chain

https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7476920855595883743

0
384 B

52ms
52ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7476920855595883743
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f553917ad659bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:26 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: c81e6d88-9ad0-49a2-bc5c-59f65ca7c571
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 17:35:26 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7476920855595883743
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 185.195.71.221; 185.195.71.221; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

LPOC3RIX-4-J7RK Show response
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 5FB2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOC3RIX-4-J7RK?gdpr=0

0
398 B

52ms
52ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOC3RIX-4-J7RK?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55391cb3d59bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LPOC3RIX-4-J7RK?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
content-length: 0

GET
H2 200 setuid Show response
sync.quantumdex.io/ Frame 0E75 43 B
94 B 130ms
130ms Document
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82f55391cc974c44-MXP
content-length: 43
content-type: image/gif
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare

GET
H/1.1 200
OK ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 6E74 43 B
479 B 58ms
57ms Document
image/gif 67.220.226.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UID0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:27 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: PSVFTCY81R9BMHSFXTN3

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 85DA 16 KB
6 KB 34ms
34ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=92584
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 02 Dec 2023 17:35:27 GMT
expires: Sun, 03 Dec 2023 19:18:31 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 0AB2A09F-9931-4A50-9D2C-B498B5C62DB0 Show response
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 7802 0
445 B 52ms
52ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f553923bd559bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

ba99305a-3117-49d4-ba16-96cae3c64a39&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 0185
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/ba99305a-3117-49d4-ba16-96cae3c64a39&partner_id=1010

0
511 B

51ms
50ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/ba99305a-3117-49d4-ba16-96cae3c64a39&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f553928c4259bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sat, 02 Dec 2023 17:35:27 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/ba99305a-3117-49d4-ba16-96cae3c64a39&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

a6d9120a-65f5-414b-af26-c2b72408b1bf Show response
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 1723
Redirect Chain

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://csync.smilewanted.com/set_partner_userid_get/openx/a6d9120a-65f5-414b-af26-c2b72408b1bf

0
756 B

52ms
52ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/openx/a6d9120a-65f5-414b-af26-c2b72408b1bf
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55392ecc359bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Sat, 02 Dec 2023 17:35:27 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/openx/a6d9120a-65f5-414b-af26-c2b72408b1bf
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D5B1 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4758859299043&version=m202309260101&ct=77&x=1&cor=17612586581039862000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5B1 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuupzr5ffUmN4CAt5wVyS8Z3tCW3o6KBeOorsr0YDLo17f2glJ3Ip4Gk1vux-faOMNP_Wz2sgTbX0FizE98gFTLCbo7OcA-r5LzE9NZVU0mtR7EGYu5c3Q5Q04gQVDg6yvQPMelH-ntA&sai=AMfl-YQj2u_N0q4CzVF03J-z618yGdqPEMrYjHX9kccFb8Yor1g733myjWSXMYOgmIdDqMJ_9_PYAGVJ9cKes0XBDwNSK2QvEXiOwL8Sig3-XzK65XSZadOZ-h4gDut0Givqn2U9En0imw&sig=Cg0ArKJSzHSHNGE5xxkEEAE&cid=CAQSOwDICaaNpppoKWWRDkkpALMRn16b04M32x8MNBANultjdSRODl71B3s6YW8qfRXEHbslHp3njIFiqEnFGAE&id=lidar2&mcvt=1011&p=76,985,330,1285&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=871115713&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538525299&rpt=855&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5B1 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttvLEMEM3jiC00lTY85BeWQhrBKyECNgnBVL3RTYlDzW_R_3G8kWyeJI-JjyEmG9LIaZCfYMQBg6jS7w6UNVXzcfpQZ-fT5C6sE7I_CH3ClT1IufB0L7koSQ&sig=Cg0ArKJSzNhGAXPfMat4EAE&id=lidar2&mcvt=1012&p=0,0,250,300&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=4149170&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538525299&rpt=858&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0AB2A09F-9931-4A50-9D2C-B498B5C62DB0 Show response
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 841F 0
81 B 54ms
53ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f55392ecbc59bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 /
track.adform.net/serving/unload/ Frame 928D 35 B
626 B 44ms
44ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5601850442688953787@@69706643,2931819896320035431,100|1047|0|0|0|0|0|0|0||36|1|||||1|0|0|LTS70A5N_AvxBx_RTJEBJ1HWuWVERnEDtRmTTIDFGhD1sLXZJwkyvPL_QlhaeLlf0|||11||0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame D60A 0
0 42ms
42ms Document
text/plain 216.52.2.16
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Sat, 02 Dec 2023 17:35:27 GMT
X-Sovrn-Pod: ad_ap3ams1

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15E5 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5686079881191&version=m202309260101&ct=76&x=38&cor=2089081526269520000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cs
cs-server-s2s.yellowblue.io/ Frame C99F
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0

0
329 B

113ms
113ms

Image
application/javascript

54.147.45.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 54.147.45.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-45-225.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:27 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

location: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
date: Sat, 02 Dec 2023 17:35:26 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 115
content-type: text/html; charset=utf-8

GET
H2

200

cs
cs.yellowblue.io/ Frame C99F
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11601&id=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0

0
329 B

53ms
52ms

Image
application/javascript

54.216.109.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11601&id=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol: H2
Server: 54.216.109.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-109-54.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:27 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 02 Dec 2023 17:35:27 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cs.yellowblue.io/cs?aid=11601&id=84f5155833b72adc0b840d57bc3cc8d&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1701538527142072-603

GET
H2 204 v1
match.sharethrough.com/universal/ Frame C99F 0
34 B 30ms
29ms Image
text/plain 3.68.140.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.140.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:27 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame C99F 43 B
94 B 134ms
133ms Image
image/gif 2606:4700:10::6816:2560
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=rise&uid=L1a62I9-Cp_s
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82f553930e584c44-MXP
content-length: 43
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 681A 42 B
64 B 66ms
66ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurq0ASMLWTlTtgGs_P3N1qMqNYgmI_8LH5CkQofxiZ2sL_gbFJhRa0YnCVzHbQ8bUUPDiCrAMgdUSZoAIAa3DOwo1C_KBr1_bGKGCIlti7xfacqvUB_GVnuZAT6iqJgG8GOWfBTbFJoQ&sai=AMfl-YSqsCaQCZDG34j3TULafFRZHZGVRnP45JQHzyn90fi-EBcZREk&sig=Cg0ArKJSzBp3c9kAMD5MEAE&id=lidar2&mcvt=1000&p=1022,436,1112,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=4224078187&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538524331&rpt=1848&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BC07 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9848064768945&version=m202309260101&ct=76&x=38&cor=6183851008184346000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACA5 0
20 B 63ms
62ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=364916390722&version=m202309260101&ct=76&x=38&cor=8853819634153017000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7ED0 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjjatJQ2hnP_Ympyvr_MeNK5TgWb_QoZqrC-EP1tcqiXuZuM9eYrBtdJxZLz2aROztZvxQk3n80zIjaCNyqPPVJ2q30YELpqjVdVE-UftYtlRs6gEY_of7oVclYAlbAjPjJf2iz1LNCg&sai=AMfl-YSsL1zpnvvy6uEmp75_5WVnRlxTiR3B6g833TkQahkW3IktkCQ&sig=Cg0ArKJSzDMneLGNivZgEAE&id=lidar2&mcvt=1022&p=789,436,879,1164&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=4224078184&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538524527&rpt=1690&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 543F 42 B
64 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLCJfYyZz4DvbzVl1Kne44zuPEMTVnwToftDWJ51IzQ8yZFb4GIn9dXZuVfGoagWFj1w3djDQMp1MphbOabdj86-lTaiI5nBSG2OEDk9xEf5YctZ1oNjdy7raIN3TAJh3oW_ZC2zrixw&sai=AMfl-YSdCQIRsOcEUrXcWoayxmBj-zmVka9FlpPp14AK0jm0TMZHy54&sig=Cg0ArKJSzC_X5-F7bpbxEAE&id=lidar2&mcvt=1024&p=508,436,598,1164&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=4224078185&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701538524480&rpt=1732&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

5601850442688953787 Show response
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 7BF1
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
https://csync.smilewanted.com/set_partner_userid_get/adform/5601850442688953787

0
575 B

51ms
51ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/adform/5601850442688953787
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f553941ebe59bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/plain
date: Sat, 02 Dec 2023 17:35:27 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/adform/5601850442688953787
server: nginx

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame BD01
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
113 B

52ms
52ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f553942ed459bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Dec 2023 17:35:27 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

GET
H2

200

oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame F78A
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU?pi=smilewanted

0
610 B

70ms
69ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU?pi=smilewanted
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82f553940ea159bf-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 17:35:27 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sat, 02 Dec 2023 17:35:27 GMT Sat, 02 Dec 2023 17:35:27 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/oEXCCcN2jo7_Fex7d7JdS6YgXe3QI3Iuca0aTj6OCoU?pi=smilewanted
pragma: no-cache

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame BB78 42 B
103 B 35ms
35ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=21648002e00e80a7&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D21648002e00e80a7%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:35:27 GMT
server: openresty

GET
H2 200 um Show response
u-ams03.e-planning.net/ Frame FE7C 42 B
103 B 34ms
34ms Document
image/gif 193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=21648002e00e80a7&uid=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D21648002e00e80a7%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: image/gif
date: Sat, 02 Dec 2023 17:35:27 GMT
server: openresty

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 0CDD 35 B
250 B 52ms
51ms Document
image/gif 52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:27 GMT
Expires: 0
Pragma: no-cache

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 25DC 35 B
250 B 52ms
52ms Document
image/gif 52.210.15.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Sat, 02 Dec 2023 17:35:27 GMT
Expires: 0
Pragma: no-cache

POST
H2 200 putRecords Show response
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 146 B
373 B 179ms
178ms Fetch
application/json 52.25.123.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.123.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-123-43.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a8984b23629304ec51802acce839ecd0e47dba4a4978f8d70d68c07fcad0b2a1

Request headers

Referer: https://www.apkshub.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
x-api-key: 79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type: application/json

Response headers

date: Sat, 02 Dec 2023 17:35:28 GMT
x-amzn-trace-id: Root=1-656b6ae0-3415031a10e005dc6cdd9282
x-amzn-requestid: f532422f-139b-4c65-b09f-d1463667d287
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: PU2jIHzgPHcEdag=
content-length: 146

OPTIONS
H2 204 putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 0
0 508ms
166ms Preflight 52.25.123.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.123.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-123-43.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.apkshub.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
date: Sat, 02 Dec 2023 17:35:28 GMT
x-amz-apigw-id: PU2jGFO0PHcEGPw=
x-amzn-requestid: d8e0a813-881c-4e33-bd95-8dc28d01f8d9

GET
H3 200 setuid Show response
u.4dex.io/ Frame 6289 0
15 B 45ms
45ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:35:28 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame B935 0
128 B 43ms
42ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4fd6bb8359078cf2%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:35:28 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 setuid Show response
u.4dex.io/ Frame 6D64 0
15 B 37ms
36ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sat, 02 Dec 2023 17:35:28 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

POST
H2 200 /
track.adform.net/serving/unload/ Frame 928D 35 B
626 B 43ms
43ms Ping
image/gif 37.157.4.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5601850442688953787@@69706643,2931819896320035431,100|4642|0|0|0|0|0|0|0||158|1|||||1|0|0|LTS70A5N_AvxBx_RTJEBJ1HWuWVERnEDtRmTTIDFGhD1sLXZJwkyvPL_QlhaeLlf0|||01||0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 17:35:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: cs.videowalldirect.com
URL: https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cc77a4b6-7e95-47ed-ba32-09569fa94366&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Deplanning%26bsw_param%3Dcc77a4b6-7e95-47ed-ba32-09569fa94366%26gdpr%3D%26gdpr_consent%3D%26gdpr_pd%3D

Domain: sync.tidaltv.com
URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Domain: engine.widespace.com
URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHGrkXQf3BvP0yT7hf9LNTQ&google_cver=1&google_push=AXcoOmQd6xHbQNypZ3OJHzMp7P74no-TJpLa8eEuZHKi8WQ04zbO73EwPf_1Xq7RWJWN-pwAcVjgGpWTYIbTQJY7wJnJcyYKHCin_WInpA

Domain: cs.videowalldirect.com
URL: https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cc77a4b6-7e95-47ed-ba32-09569fa94366&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Deplanning%26bsw_param%3Dcc77a4b6-7e95-47ed-ba32-09569fa94366%26gdpr%3D%26gdpr_consent%3D%26gdpr_pd%3D

Domain: ad.mrtnsvr.com
URL: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

191 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 18:48:34	Name: sync Value: CgoIoQEQqe3l3MIxCgoIkQIQqe3l3MIxCgoItAIQqe3l3MIxCgoI5gEQqe3l3MIxCgoIhwIQqe3l3MIxCgoItwIQqe3l3MIxCgkIOhCp7eXcwjEKCgiMAhCp7eXcwjEKCQhfEKnt5dzCMQoJCB8Qqe3l3MIx
www.apkshub.com/app	1969-12-31 23:59:59	Name: _gapid Value: GA1.Win32
i6.liadm.com/s	1970-01-20 17:22:10	Name: _li_ss Value: CgA
i.liadm.com/s	1970-01-20 17:22:10	Name: _li_ss Value: ChMKCQj_____BxDbFgoGCN0BENEW
www.apkshub.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: b9on9q2t7mt1gk7ur69jo4hkse
.apkshub.com/	1970-01-21 02:14:58	Name: _ga_8LBPJ6Z73J Value: GS1.1.1701538522.1.0.1701538522.0.0.0
.apkshub.com/	1970-01-21 02:14:58	Name: _ga Value: GA1.1.1865362612.1701538522
www.apkshub.com/	1970-01-20 18:05:22	Name: __ppIdCC Value: wpjaguv_xon217915385667.7
.apkshub.com/	1970-01-20 17:19:17	Name: sharedid Value: 865eb601-bd05-4141-b1e8-28c13b0a23e2
.apkshub.com/	1970-01-20 17:19:17	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
www.apkshub.com/	1969-12-31 23:59:59	Name: ucf_uid Value: e7570e4a-9c64-4ccc-b687-d08c3592f5b7
prebid.a-mo.net/	1970-01-20 16:38:58	Name: _Amc_b Value: 0
.pubmatic.com/	1970-01-21 01:24:34	Name: KADUSERCOOKIE Value: 0AB2A09F-9931-4A50-9D2C-B498B5C62DB0
.prebid.a-mo.net/	1970-01-21 01:24:34	Name: __amc Value: 3_1701538523_1701538523
.rubiconproject.com/	1970-01-21 01:24:34	Name: khaos Value: LPOC3RIX-4-J7RK
.weborama.fr/	1970-01-21 02:04:53	Name: AFFICHE_W Value: 4w5POVCEXjrj12
.quantserve.com/	1970-01-21 02:09:12	Name: mc Value: 656b6adb-a6a6e-47a57-6613b
.adnxs.com/	1970-01-20 18:48:34	Name: uuid2 Value: 7476920855595883743
.adfarm1.adition.com/	1970-01-20 18:48:34	Name: UserID1 Value: 7308052309189916812
.simpli.fi/	1970-01-21 01:26:00	Name: suid Value: 9F68658DE08F4C9D99328411EBF0F593
.amazon-adsystem.com/	1970-01-20 21:44:15	Name: ad-id Value: A0zfAqLbsUoYmGAluXcI0lI
.amazon-adsystem.com/	1970-01-21 02:14:58	Name: ad-privacy Value: 0
.csync.loopme.me/	1970-01-20 18:50:00	Name: viewer_token Value: 74142d14-9719-466e-bd1b-6e506595c94a
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQ0MLQwMTOxNBDiM9R1CYkPDneJLwrx8S8AADQlH2glAAAA
.rfihub.com/	1970-01-21 02:00:34	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjQ0MLQwMTOxNBDiM9R1CYkPDneJLwrx8S8AADQlH2glAAAA
.adform.net/	1970-01-20 17:23:36	Name: C Value: 1
.de17a.com/	1970-01-21 01:17:22	Name: guid Value: 1.460297751196113367
.bidswitch.net/	1970-01-21 01:24:34	Name: tuuid Value: cc77a4b6-7e95-47ed-ba32-09569fa94366
.bidswitch.net/	1970-01-21 01:24:34	Name: c Value: 1701538523
.bidswitch.net/	1970-01-21 01:24:34	Name: tuuid_lu Value: 1701538523
.everesttech.net/	1970-01-21 01:24:34	Name: everest_g_v2 Value: g_surferid~ZWtq2wAEAN3S7QBU
.adx.opera.com/	1970-01-21 01:24:34	Name: UID Value: OPUd60c7dc45aab4510b9137b80f9bd3457
.audrte.com/	1970-01-20 17:00:34	Name: arcki2 Value: e7buKAMDUiZRIOQx-ZMddIUuA!20220908!1701538523786!ip#185.195.71.221
.audrte.com/	1970-01-20 17:00:34	Name: arcki2_pubmatic Value: 0AB2A09F-9931-4A50-9D2C-B498B5C62DB0!20220908!1701538523786
.onaudience.com/	1970-01-21 01:24:34	Name: cookie Value: 1eabccd56dee0d80
.onaudience.com/	1970-01-20 16:40:24	Name: done_redirects104 Value: 1
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_153 Value: 1923-CBk_BAhNbQQTTT8HCEkkUglNPFETGj9XDU7Ixhy_&KRTB&19420-CBk_BAhNbQQTTT8HCEkkUglNPFETGj9XDU7Ixhy_&KRTB&22979-CBk_BAhNbQQTTT8HCEkkUglNPFETGj9XDU7Ixhy_&KRTB&23462-CBk_BAhNbQQTTT8HCEkkUglNPFETGj9XDU7Ixhy_
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_18 Value: 22947-5109685631101846490
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_80 Value: 22987-CAESEAyfX5PYo4jU8uhYVojPqjg&KRTB&23025-CAESEAyfX5PYo4jU8uhYVojPqjg&KRTB&23386-CAESEAyfX5PYo4jU8uhYVojPqjg
.pubmatic.com/	1970-01-20 17:22:10	Name: KRTBCOOKIE_1323 Value: 23480-OPUd60c7dc45aab4510b9137b80f9bd3457&KRTB&23485-OPUd60c7dc45aab4510b9137b80f9bd3457&KRTB&23524-OPUd60c7dc45aab4510b9137b80f9bd3457
.pubmatic.com/	1970-01-20 17:22:10	Name: KRTBCOOKIE_336 Value: 5844-460297751196113367
.crwdcntrl.net/	1970-01-20 23:07:44	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 23:07:44	Name: _cc_id Value: 3e4651007b929497695f86809be6efcb
pixel-eu.rubiconproject.com/	1970-01-20 18:48:34	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:00:34	Name: uid Value: a77d3f7e-ac3b-48f5-a8a6-953a11b916b7
.sitescout.com/	1970-01-21 01:24:34	Name: ssi Value: 39848f0e-25d7-4e62-9bf6-4c502ae54504#1701538523849
.pubmatic.com/	1970-01-20 17:22:10	Name: KRTBCOOKIE_1101 Value: 23040-7308052309189916812&KRTB&23369-7308052309189916812
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_57 Value: 22776-7476920855595883743&KRTB&23339-7476920855595883743
.adform.net/	1970-01-20 18:05:22	Name: uid Value: 5601850442688953787
.taptapnetworks.com/	1970-01-21 01:24:34	Name: SONATA_ID Value: csonata_f6a135e4-a0e0-478b-9274-f18e342a5f23
.pubmatic.com/	1970-01-20 17:22:10	Name: KRTBCOOKIE_391 Value: 22924-1679370238320300561&KRTB&23263-1679370238320300561&KRTB&23481-1679370238320300561
.bidr.io/	1970-01-21 02:07:28	Name: bitoIsSecure Value: ok
.audrte.com/	1970-01-20 17:00:34	Name: arcki2_ddp2 Value: e7buKAMDUiZRIOQx-ZMddIUuA!20220908!1701538523880
.blismedia.com/	1970-01-21 01:24:38	Name: b Value: 656B6ADBB72E4C4607B221F6BLIS
.mediago.io/	1970-01-21 01:24:34	Name: __mguid_ Value: 9d9fcb00faa355bb2myzw400lpoc3rpb
.yahoo.com/	1970-01-21 01:24:56	Name: A3 Value: d=AQABBNtqa2UCEL_AhWrXIHHlAlgKirD5iPIFEgEBAQG8bGV1ZQAAAAAA_eMAAA&S=AQAAAirCABG1ZJrpOchUfVucFyY
pixel.rubiconproject.com/	1970-01-20 18:48:34	Name: receive-cookie-deprecation Value: 1
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_188 Value: 3189-39848f0e-25d7-4e62-9bf6-4c502ae54504-656b6adb-4348&KRTB&23418-39848f0e-25d7-4e62-9bf6-4c502ae54504-656b6adb-4348
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_466 Value: 16530-cc77a4b6-7e95-47ed-ba32-09569fa94366
.ads.stickyadstv.com/	1970-01-20 17:22:10	Name: UID Value: 84f5155833b72adc0b840d57bc3cc8d
.contextweb.com/	1970-01-21 01:17:22	Name: V Value: qNYNIJZGIGkZ
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 68aaf2e4130d7fa4
.smaato.net/	1970-01-20 17:09:12	Name: SCM Value: 429f70146d
.smaato.net/	1970-01-20 17:09:12	Name: SCMaps Value: 429f70146d
.adsby.bidtheatre.com/	1970-01-20 16:49:03	Name: __kuid Value: 39505c59-85b8-41ed-9d88-2b270e17ad7d.470752523
.audrte.com/	1970-01-20 17:00:34	Name: arcki2_adform Value: 5601850442688953787!20220908!1701538523984
.pubmatic.com/	1970-01-20 17:22:10	Name: KRTBCOOKIE_409 Value: 22966-NOvcHvPGbnghjjQVUQnnaQSa
.bidr.io/	1970-01-21 02:07:28	Name: bito Value: AADVBE7K1tYAABRxDUIUDA
s2s.t13.io/	1970-01-20 18:48:34	Name: uids Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUE9DM1JJWC00LUo3UksiLCJleHBpcmVzIjoiMjAyMy0xMi0xNlQxNzozNToyNC4wMjg5OTk4MzNaIn19fQ==
sync.srv.stackadapt.com/	1970-01-21 01:24:34	Name: sa-user-id Value: s%3A0-c344a179-9236-5e4e-6606-453c184cf9fa.bo9HtGmlTjNmWXIGn5Ehqzl%2FNEWeKZ0qQVxr4qdI6OE
.srv.stackadapt.com/	1970-01-21 01:24:34	Name: sa-user-id Value: s%3A0-c344a179-9236-5e4e-6606-453c184cf9fa.bo9HtGmlTjNmWXIGn5Ehqzl%2FNEWeKZ0qQVxr4qdI6OE
sync.srv.stackadapt.com/	1970-01-21 01:24:34	Name: sa-user-id-v2 Value: s%3Aw0SheZI2Xk5mBkU8GEz5-rnDR90.Q%2BQDlrdiNGcWal%2FB0jBfKCIAiMKFCe2HUBD0tVSND00
.srv.stackadapt.com/	1970-01-21 01:24:34	Name: sa-user-id-v2 Value: s%3Aw0SheZI2Xk5mBkU8GEz5-rnDR90.Q%2BQDlrdiNGcWal%2FB0jBfKCIAiMKFCe2HUBD0tVSND00
.connatix.com/	1970-01-20 17:22:10	Name: cnx_userId Value: 5307e8930c1f485ea047f2c19290ca77
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_32 Value: 11175-AAAIZtbDYCV83wNL98ZJAAAAAAA&KRTB&22713-AAAIZtbDYCV83wNL98ZJAAAAAAA&KRTB&22715-AAAIZtbDYCV83wNL98ZJAAAAAAA&KRTB&23519-AAAIZtbDYCV83wNL98ZJAAAAAAA
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_860 Value: 16335-w0SheZI2Xk5mBkU8GEz5-rnDR90&KRTB&23334-w0SheZI2Xk5mBkU8GEz5-rnDR90&KRTB&23417-w0SheZI2Xk5mBkU8GEz5-rnDR90&KRTB&23426-w0SheZI2Xk5mBkU8GEz5-rnDR90
.linkedin.com/	1970-01-21 01:24:34	Name: bcookie Value: "v=2&84d72b03-e2d4-40eb-865b-90654bfe6fcf"
.linkedin.com/	1970-01-20 20:58:10	Name: li_gc Value: MTswOzE3MDE1Mzg1MjQ7MjswMjFnPeEh6l8AApDWx2hqvGEaQq0ckk8CJ38IZ9I6WQVclA==
.linkedin.com/	1970-01-20 16:40:24	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2802:u=1:x=1:i=1701538524:t=1701624924:v=2:sig=AQHjBhxBsJAmw_LsoeezfrdqZnzJpdRd"
.yieldmo.com/	1970-01-21 01:24:34	Name: yieldmo_id Value: 3z__1ccQQYczXZH6vpBP%7C1701475200000%7C0
.ads.yieldmo.com/	1970-01-21 01:24:34	Name: ptrrc Value: LPOC3RIX-4-J7RK
sync.srv.stackadapt.com/	1970-01-21 01:24:34	Name: sa-user-id-v3 Value: s%3AAQAKIAXj1TSRxvvIyiaiU2HmCuG0uYGfrYT3UlVsVMlYZCHwEHwYBCDc1a2rBjABOgSVjvJGQgTT8ltK.xoO6dpcQNILC5qVmZCHSp3%2B7rlh0Yg4O2Er17UkVE9o
.srv.stackadapt.com/	1970-01-21 01:24:34	Name: sa-user-id-v3 Value: s%3AAQAKIAXj1TSRxvvIyiaiU2HmCuG0uYGfrYT3UlVsVMlYZCHwEHwYBCDc1a2rBjABOgSVjvJGQgTT8ltK.xoO6dpcQNILC5qVmZCHSp3%2B7rlh0Yg4O2Er17UkVE9o
.primis.tech/	1970-01-20 17:14:58	Name: csuuid Value: 656b6adc251ce
.omnitagjs.com/	1970-01-20 17:22:10	Name: ayl_visitor Value: cf110ba7eb0010ec91cd29c3c4f4c0c6
.tapad.com/	1970-01-20 18:05:22	Name: TapAd_TS Value: 1701538524174
.tapad.com/	1970-01-20 18:05:22	Name: TapAd_DID Value: 405b38aa-3058-4119-81e5-ae5bca179a45
.turn.com/	1970-01-20 20:58:10	Name: uid Value: 3282855308204290234
.targeting.unrulymedia.com/	1970-01-21 01:24:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-87f50603-7304-436c-a0d6-9713341d1547-003%22%7D
.quantumdex.io/	1970-01-20 16:53:22	Name: uid Value: 92383648-18e9-4b99-805d-baf6dcac8ec6
.tapad.com/	1970-01-20 18:05:22	Name: TapAd_3WAY_SYNCS Value:
.pubmatic.com/	1970-01-20 17:22:10	Name: KRTBCOOKIE_22 Value: 14911-3426970496280146106&KRTB&23150-3426970496280146106&KRTB&23527-3426970496280146106
prebid-s2s.media.net/	1970-01-20 18:48:34	Name: uids Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMUE9DM1JJWC00LUo3UksiLCJleHBpcmVzIjoiMjAyMy0xMi0xNlQxNzozNToyNC4yNTEzMTk3NjVaIn19LCJiZGF5IjoiMjAyMy0xMi0wMlQxNzozNToyNC4yNTA4NTU4MDVaIiwiaG9zdF91aWRzIjp7fX0=
.betweendigital.com/	1970-01-21 01:24:34	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 01:24:34	Name: tuuid Value: e5535dcc-f3db-5250-8c3c-4e97e957244b
.betweendigital.com/	1970-01-21 01:24:34	Name: ss Value: 1
.liadm.com/	1970-01-21 02:14:58	Name: lidid Value: 4200375b-68f2-413a-b317-12775a432e8b
.ipredictive.com/	1970-01-21 01:24:34	Name: cu Value: 73c56baa-ff6c-4dd2-9835-7afda27df592\|1701538524361
.doubleclick.net/	1970-01-21 02:14:58	Name: IDE Value: AHWqTUnDivGmjoXKowssLhifjOKxM1YEvpkwDrdb9RNUH8XxKOC-ZfVS_tKpEEMgFvQ
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-21 02:14:58	Name: E Value: AA7NNaOm5s-M4Czd
.360yield.com/	1970-01-20 18:48:34	Name: tuuid Value: ba99305a-3117-49d4-ba16-96cae3c64a39
.360yield.com/	1970-01-20 18:48:34	Name: tuuid_lu Value: 1701538524
.aniview.com/	1970-01-20 16:53:22	Name: 1_C_5 Value: LPOC3RIX-4-J7RK
sync.aniview.com/	1970-01-20 16:53:22	Name: 1_C_5 Value: LPOC3RIX-4-J7RK
.casalemedia.com/	1970-01-21 01:24:34	Name: CMID Value: ZWtq3MY2JQc-5CL6qMuo0QAA
.casalemedia.com/	1970-01-20 18:48:34	Name: CMPS Value: 5166
.casalemedia.com/	1970-01-20 18:48:34	Name: CMPRO Value: 5166
.smartadserver.com/	1970-01-21 02:09:12	Name: pid Value: 3589463590391086894
.smartadserver.com/	1970-01-21 02:09:12	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 01:26:00	Name: csync Value: 127:AADVBE7K1tYAABRxDUIUDA
.zeotap.com/	1970-01-21 01:24:34	Name: zc Value: 273bb8a6-4099-483a-750f-05534654a0c0
.gumgum.com/	1970-01-21 01:24:34	Name: vst Value: e_7bdbcb18-7d52-4f3e-be07-9be385a915ed
.contextweb.com/	1970-01-21 01:24:34	Name: pb_rtb_ev Value: 3-1obo\|4is.0.CAESEDiTzIvlkJGnIQUvAlB0NC0\|7TY.0\|2N.0.AAAIP8JSS0KhngMP6n3EAAAAAAA\|3oy.0\|7bq.0.1\|7dN.0.AADVBE7K1tYAABRxDUIUDA
.w55c.net/	1970-01-21 02:10:39	Name: wfivefivec Value: JBo77Qk51R9tTK5
.adotmob.com/	1970-01-21 02:07:46	Name: uid Value: 09de220400913546a9ab7729
.adotmob.com/	1970-01-21 02:07:46	Name: uuid Value: 09de220400913546a9ab7729
.adotmob.com/	1970-01-21 02:07:46	Name: partners Value: IX%3A1701538524731
.pubmatic.com/	1970-01-20 18:48:34	Name: KRTBCOOKIE_699 Value: 22727-AADVBE7K1tYAABRxDUIUDA
.pubmatic.com/	1970-01-20 17:22:10	Name: PugT Value: 1701538524
ads.smartstream.tv/	1970-01-21 01:24:34	Name: DID Value: 5c4b1d4836243e37378eaeeb8bacebbe
ads.smartstream.tv/	1970-01-21 01:24:34	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 01:24:34	Name: permanent Value: 1
.openx.net/	1970-01-21 01:24:34	Name: i Value: d03fefc5-fc17-4022-b385-cdb33e932a30\|1701538524
.demdex.net/	1970-01-20 20:58:10	Name: demdex Value: 21955394203947692791556598419646193350
.go.sonobi.com/	1970-01-20 17:22:10	Name: __uis Value: cd0b382c-a65f-4465-b1cd-9585907a0170
.w55c.net/	1970-01-20 17:22:10	Name: matchcasale Value: 5
.metadsp.co.uk/	1970-01-21 01:24:34	Name: ruuid Value: 5ff53495-c341-4cbc-b412-cbfcda5e18bb
.metadsp.co.uk/	1970-01-21 01:24:34	Name: c Value: 1701538524
.metadsp.co.uk/	1970-01-21 01:24:34	Name: ruuid_lu Value: 1701538524
.agkn.com/	1970-01-21 01:24:34	Name: ab Value: 0001%3Al%2Bvi7PShD2WrbKKlVzX9btjSySs8Gieg
.creativecdn.com/	1970-01-21 01:24:34	Name: u Value: 0iRY6JpL89Kd1G9IOwIh
.creativecdn.com/	1970-01-21 01:24:34	Name: g Value: 0iRY6JpL89Kd1G9IOwIh_1701538524835
.creativecdn.com/	1970-01-21 01:24:34	Name: ts Value: 1701538524
.dpm.demdex.net/	1970-01-20 20:58:10	Name: dpm Value: 21955394203947692791556598419646193350
.doubleclick.net/	1970-01-20 20:58:10	Name: APC Value: AfxxVi6PrCif_y2QETqGmoQ65hT5wIbPY6D6UDJelr0eB8NYvEUSyA
.disqus.com/	1970-01-21 01:24:34	Name: zeta-ssp-user-id Value: ua-16d3f280-ba3a-3e7f-be48-6e205e47a5f3
cm.adsafety.net/	1970-01-21 01:24:34	Name: UID Value: CM120231202176a6020301bb2b13837f
.adsafety.net/	1970-01-21 01:24:34	Name: cm_uid Value: CM120231202176a6020301bb2b13837f
cm.adsafety.net/	1970-01-21 01:24:34	Name: cache0 Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvdFg5anFYRFU4Qlhsb2prLzFCcFhtb2tvdFZpMHA1aVlCZ0FNWG9YYW1leG9iSHNmT0UxUFcvOVVOcG0xbmcxdGR4TEI1WjhOYVMreFhSRklQUW5uVy9YOWxmMnh0a0s3OE1ZRGV3TXcxMTVrakxMVVM1WE84dTFSRjkrSFUzcGpReVNPK285YVF5cUFZMFc1dGgvQ3h0ZlorWEFiWVo2aElZblBRbHUySWxXYVdFMGtWRFJybG56b0xJS1ArbWRaQWc4SXFVNjdlRWhLVUtrc0dYbnpFZ0prVzR3YWFOYjNaMi9YYTd0RGp3SGQ5ZDlCakNoRXhGd2s0QzhsTU9TeDRTa3pNS3ZvRVFYeDdVNHVjYXdSUEJMelk5L0wwQXFEYUFISzVlcjlrVFA5REIycHVSMmJrcU1oNGNicUdkQWtRPT0%3D
.krxd.net/	1970-01-20 20:58:10	Name: _kuid_ Value: P833dRFr
.apkshub.com/	1970-01-21 02:00:34	Name: __gads Value: ID=d35bdec5f6ffb227:T=1701538523:RT=1701538523:S=ALNI_MZ0F6Furfr-CAWAf1Rt9Vd_qWUZfA
.apkshub.com/	1970-01-21 02:00:34	Name: __gpi Value: UID=00000d019f7485a6:T=1701538523:RT=1701538523:S=ALNI_Ma4jytJbGxeJisIdJetMzupzJaXBQ
.sxp.smartclip.net/	1970-01-20 17:22:10	Name: dspuuid Value: 10.CAESEBtpG7ikj5Fbzsq9Lu8qohU
.sxp.smartclip.net/	1970-01-20 17:22:10	Name: psyn Value: 19693.10
.mathtag.com/	1970-01-21 02:04:53	Name: uuid Value: a6e1656b-6adc-4600-9c10-55aaabba5f12
.sxp.smartclip.net/	1970-01-20 17:22:10	Name: uuid Value: 6b598247-dc6a-6b65-5bc4-1a79d4265717
.fwmrm.net/	1970-01-20 20:58:10	Name: _uid Value: umo1a91_7309179327098850208
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8681\|ZWtq4
.socdm.com/	1970-01-21 02:14:58	Name: SOC Value: ZWtq3cCo8XkAACFF9JQAAAAA
.doubleclick.net/	1970-01-20 17:22:10	Name: ar_debug Value: 1
.adform.net/	1970-01-20 16:49:03	Name: TPC Value: 1701538525589
.teads.tv/	1970-01-21 01:23:08	Name: tt_viewer Value: 92a354a5-6fe7-4e72-a645-525550b4d4ee
.sitescout.com/	1970-01-20 17:22:10	Name: _ssuma Value: eyI0NSI6MTcwMTUzODUyMzg5MSwiNjgiOjE3MDE1Mzg1MjU2ODV9
.acuityplatform.com/	1970-01-21 01:24:34	Name: auid Value: 859583548143
.acuityplatform.com/	1970-01-21 01:24:34	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRgpzFyGYmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYKcxchmI90aGlyZFBhcnR5VXNlcklkWkNBRVNFSWtMVEdNVVEwYXBvNHNHbHI3TTBhd/v7hnZlcnNpb27C+w=="
.zeotap.com/	1970-01-20 16:40:24	Name: zsc Value: 3%D0%17%85%052%3F%2AH%DE%A0%03%E6%F3%19%8EP%DFk%1D%3A%81k%05%3D%8E%7C%3D%04%BF%A8%11%1D%EAP%0B%F0%C0%DF%26%C0%0A%E0U%0F%12%CA%0B%A4%CF8%EF%29%96%28S%06%F8%FC%3F%3B2%90%FAS%02%90K%ED%9BM%ED%CD%BA%CD%F8%A3%15%7D%5B.%11-%ED%D0%A0%13q%3D%CF%B8K%9B%83%0APT%EBO%B7%B0.%D8v%C9%3E%ABp%86%DEf%E3%AC%5D%A2%C9%C5%07F%96%D8%E2%D8%1Bg0%A7T%AEVh%D5%F8X%0C%C1%81%22%ECrW%2F9%E6%C3A%C1N%DF%1F%40%7B%ACOb%C5%AB%D7%BCH%C2%12V%18w%29%E6%BE%ABG
.pubmatic.com/	1970-01-20 18:48:34	Name: DPSync3 Value: 1702684800%3A227_226_219_197_201_245_241_235
.pubmatic.com/	1970-01-20 18:48:34	Name: SyncRTB3 Value: 1702339200%3A63%7C1706659200%3A69%7C1704067200%3A203%7C1702684800%3A165_46_56_71_233_161_238_7_176_99_234_81_251_3_55_254_166_13_21_88_243_220_22_214_264_54_8_249%7C1702080000%3A2_15_223%7C1702771200%3A35
.analytics.yahoo.com/	1970-01-21 01:24:34	Name: IDSYNC Value: "194o~2fdt:18vk~2fdt:19e0~2fdt:19ah~2fdt:175w~2fdt"
.1rx.io/	1970-01-21 01:24:34	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-87f50603-7304-436c-a0d6-9713341d1547-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.ads.pubmatic.com/	1970-01-20 16:40:24	Name: pubsyncexp Value: 1701560126575
.onaudience.com/	1970-01-20 16:40:24	Name: done_redirects147 Value: 1
.tribalfusion.com/	1970-01-20 18:48:34	Name: ANON_ID Value: ajnMQgOleq9PZabprywqnxRJithl2JK6K5LHeYYRn3lPV3xeoZbySprplOon6gQ2Go5uTQT7URZdPNGZc2VxR26Za9VH9rZbUEOF0oCceS47KbYyyUvKhYPjIWyr1Aia4ZaoCfDwQOFxwGh9aSHmISYQQjFft8LufkW
.semasio.net/	1970-01-21 01:24:34	Name: SEUNCY Value: 2B09D23015A1356B
.3lift.com/	1970-01-20 18:48:34	Name: tluid Value: 263482675393081110019
.onetag-sys.com/	1970-01-21 02:08:45	Name: OTP Value: 3RuEIfZWE5pVkpzOahyCdiY4x5Kbueb5I_imtt2lVcs
.betweendigital.com/	1970-01-21 01:24:34	Name: ut Value: ZWtq3gANJzCsgDl99XjbrUiDhKwWL6j_hvI0Ag==
.quantserve.com/	1970-01-20 18:48:34	Name: d Value: ECoBGQHIKvijC_vLEKvr8QA
.ads.stickyadstv.com/	1970-01-20 17:22:10	Name: uid-bp-34673 Value: ZWtq3MY2JQc_5CL6qMuo0QAAFC4AAAAB
.smaato.net/	1970-01-20 17:09:12	Name: SCMp Value: 429f70146d
.ctnsnet.com/	1970-01-21 01:24:34	Name: cid Value: 2a26c756cd8a4d1a9330ac946f062be5
.adnxs.com/	1970-01-20 18:48:34	Name: anj Value: dTM7k!M40*cvig%ghqdmU(3$-qN)u<#?nI]N:uKgRe4r:[f-zyRnu7%-[`K)q'b$NEhA!qv=G%![QT>yQ7ozu^LH3Y0Kc<2(EfKVgJuS9fn6bcn=yN'o?J^/YChE6oAT@nY-R@z/Crc4=DZ(/k^p^NgmYd$ig+DTi-Y1XcxL!?-cno?9RrTqqkFSN
.adnxs.com/	1970-01-20 18:48:34	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQT0MzUklYLTQtSjdSSyIsImV4cGlyZXMiOiIyMDI0LTAzLTAxVDE3OjM1OjIzWiJ9LCJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIyNjM0ODI2NzUzOTMwODExMTAwMTkiLCJleHBpcmVzIjoiMjAyNC0wMy0wMVQxNzozNToyNloifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0wMlQxNzozNToyM1oifQ==
.dotomi.com/	1970-01-20 16:38:58	Name: DotomiTest Value: 4d7cccbdb7be160f
.rfihub.com/	1970-01-21 02:00:34	Name: eud Value: H4sIAAAAAAAA_9vEyGtobmBoamxhamRsbmj2C4lvZmlqAgAbB6BRIAAAAA
.rubiconproject.com/	1970-01-21 01:24:34	Name: audit Value: 1\|mOmK63gqT91kFQwVid9/P+wLuFAJ1EApjH1+jziDMf/9MbvQsxHvgJrwRCSioyUy3CqOVTLHg90iZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
.brand-display.com/	1970-01-21 02:14:58	Name: _knxq_ Value: 26e4b729-9c95-c5fd-e4893fcb.1701538526.0.1701538526.1701538526
.company-target.com/	1970-01-21 02:14:58	Name: tuuid Value: 5f46de92-5cf5-48b5-982e-e8ad5fc21f60
.company-target.com/	1970-01-21 02:14:58	Name: tuuid_lu Value: 1701538527\|ix:0
.ads.stickyadstv.com/	1970-01-20 18:05:22	Name: uid-bp-36033 Value: umo1a91_7309179327098850208
.ads.stickyadstv.com/	1970-01-20 18:05:22	Name: MRM_UID Value: umo1a91_7309179327098850208
.smadex.com/	1970-01-21 01:17:22	Name: smxtrack Value: 8fa3e66d-b499-4ce2-a188-1252cb75862d
.smadex.com/	1970-01-20 16:53:22	Name: smxbds Value: 1
.yellowblue.io/	1970-01-20 17:22:10	Name: wrvUserID Value: L1a62I9-Cp_s
.pubmatic.com/	1970-01-20 18:48:34	Name: chkChromeAb67Sec Value: 10
.ads.stickyadstv.com/	1970-01-20 17:22:10	Name: uid-bp-717 Value: y-J2kI1P5E2oMhBR.8K_vtBzsZachjorXJN6o1mYcm~A
.aralego.com/	1970-01-21 01:24:34	Name: sspid Value: 52bcda53-5771-3a76-bd7e-89c7ae28a3d9
.smilewanted.com/	1970-01-21 01:24:55	Name: sw_user_params_infos Value: lzUQgR4XiL%2BVq%2FJdlqzknTGBd1LwWQEtRGoge5nUe0yMfY%2BBTG5%2BBvI1OjQRJVzoN0uWfYp%2B2RSeysSBVJF1%2FKDWzGDofDJdtSmJvF0f2CjoSbQMA6OXTa%2F2t2BWkT%2FrSgvZUjv4sZFyhDGovti5gT7YasvDswE8U6dIOm5NepiKcYcCLl4I4Ef46FepVmdCJnwnbSLJ1D%2BfnL%2BmnpJuoTCaqmrPtSLYPCZfPcPuB9T3zFRHAWiPTPV9QRX7EbuJ9E%2Bp6k3PDLTVZUSRraHre37zcyZsYNdSGkhsPPX4aTcVC4gPPGbKW%2FI3%2Bv42Fo8sQjBSqaehT3LDH%2BsemsVzTVpoeXCI2o9yGwHTvhEyVTsKhGlrS94jUkbwc42h5UU0Vzh6SkEuI5vD%2B2sA0WoYZzBbn9QJpljzPLyb9sUxSimNVj5qAHjsv7OIhdLS38avSPYpty4GjgYGZRDsGDQqAQn%2FICUSlSzgwm6lcUyT2Gg%3D
.pubmatic.com/	1970-01-20 17:22:10	Name: SPugT Value: 1701538528
.4dex.io/	1970-01-20 18:05:22	Name: uids Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMTItMDJUMTc6MzU6MjMuNjc5NjM3MDEyWiIsImVwbGFubmluZyI6IjIwMjMtMTItMDJUMTc6MzU6MjMuMjIxNDI3MzcyWiIsImltcHJvdmVkaWdpdGFsIjoiMjAyMy0xMi0wMlQxNzozNToyMy4yMjA4Mjk3MTRaIiwib25ldGFnIjoiMjAyMy0xMi0wMlQxNzozNToyMy42Nzk2MzU1OTNaIiwicHVibWF0aWMiOiIyMDIzLTEyLTAyVDE3OjM1OjIzLjIyMDQzNjIxOFoiLCJydWJpY29uIjoiMjAyMy0xMi0wMlQxNzozNToyMy4yMjA2ODg5OTZaIiwic292cm4iOiIyMDIzLTEyLTAyVDE3OjM1OjIzLjY3OTY0MDgwOFoiLCJ1bnJ1bHkiOiIyMDIzLTEyLTAyVDE3OjM1OjIzLjY3OTYzOTg1OFoifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiM2Y5MTY2ZmQtMGMwNi00NGE3LTk4MzAtM2ZhY2YxN2VjOGJlIiwiZXhwaXJlcyI6IjIwMjQtMDEtMzFUMTc6MzU6MjMuMTkxNjAyMzc5WiJ9LCJlcGxhbm5pbmciOnsidWlkIjoiQUE3Tk5hT201cy1NNEN6ZCIsImV4cGlyZXMiOiIyMDI0LTAxLTMxVDE3OjM1OjI0LjUxNjE1NzQzN1oifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiYmE5OTMwNWEtMzExNy00OWQ0LWJhMTYtOTZjYWUzYzY0YTM5IiwiZXhwaXJlcyI6IjIwMjQtMDEtMzFUMTc6MzU6MjYuNDA2NzAyMzQ1WiJ9LCJvbmV0YWciOnsidWlkIjoiVHgwQURrcklUbkZCdTlVTk5KbUpmNHhZa0FRaXhrQmFvZkZXMDl5bFlHVSIsImV4cGlyZXMiOiIyMDI0LTAxLTMxVDE3OjM1OjI0LjkzMzY2ODIxM1oifSwicHVibWF0aWMiOnsidWlkIjoiMEFCMkEwOUYtOTkzMS00QTUwLTlEMkMtQjQ5OEI1QzYyREIwIiwiZXhwaXJlcyI6IjIwMjQtMDEtMzFUMTc6MzU6MjguNTI1NDY3NzY4WiJ9LCJydWJpY29uIjp7InVpZCI6IkxQT0MzUklYLTQtSjdSSyIsImV4cGlyZXMiOiIyMDI0LTAxLTMxVDE3OjM1OjIzLjg3ODkwNDE1WiJ9fSwiYmRheSI6IjIwMjMtMTItMDJUMTc6MzU6MjMuMTkwMTczNjUyWiJ9

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/cn.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/us.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/nl.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/de.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/ko.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/es.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/br.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/it.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/jp.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/ru.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/tw.png Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.apkshub.com/app/com.scottgames.fnaf2 Message: Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.apkshub.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.apkshub.com/app/com.scottgames.fnaf2 Message: Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.apkshub.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.apkshub.com/app/com.scottgames.fnaf2 Message: Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.apkshub.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.apkshub.com/app/com.scottgames.fnaf2 Message: Access to fetch at 'https://prebid.smilewanted.com/' from origin 'https://www.apkshub.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/ar.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.apkshub.com/images//static/default/v2.0/images/fr.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cc77a4b6-7e95-47ed-ba32-09569fa94366&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Deplanning%26bsw_param%3Dcc77a4b6-7e95-47ed-ba32-09569fa94366%26gdpr%3D%26gdpr_consent%3D%26gdpr_pd%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://engine.widespace.com/map/ext/api/trackingcallback/v1?accessToken=zeotap-user-sync&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://tags.bluekai.com/site/87734?id=273bb8a6-4099-483a-750f-05534654a0c0&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=273bb8a6-4099-483a-750f-05534654a0c0&reqId=8a098ad8-9616-41ee-4a2a-578c66e1bc55&zdid=1361 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cs.videowalldirect.com/81a66732ddece2b186cdce7b6a45cef8.gif?puid=cc77a4b6-7e95-47ed-ba32-09569fa94366&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D472%26user_id%3D${UID}%26ssp%3Deplanning%26bsw_param%3Dcc77a4b6-7e95-47ed-ba32-09569fa94366%26gdpr%3D%26gdpr_consent%3D%26gdpr_pd%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ad4m.at
ads.betweendigital.com
ads.pubmatic.com
ads.smartstream.tv
ads.stickyadstv.com
ads.us.e-planning.net
ads.yieldmo.com
ap.lijit.com
assets.vlitag.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
casale-match.dotomi.com
cat.nl3.eu.criteo.com
cdn.aralego.net
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
chart.apis.google.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.ctnsnet.com
cm.g.doubleclick.net
cm.smadex.com
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.minutemedia-prebid.com
cs.videowalldirect.com
cs.yellowblue.io
csync.loopme.me
csync.smilewanted.com
d.adroll.com
d5p.de17a.com
data.apkshub.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
engine.widespace.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
exchange.mediavine.com
f8c8547be9c3ed0b4b81a5557458ae55.safeframe.googlesyndication.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
grid-mercury.criteo.com
gum.criteo.com
hb.aralego.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
ipac.ctnsnet.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
live.primis.tech
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
media.grid.bidswitch.net
media.vlitag.com
mp.4dex.io
mwzeom.zeotap.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pbc.vliplatform.com
pdc.bidswitch.net
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-s2s.media.net
prebid.a-mo.net
prebid.smilewanted.com
prod.tahoe-analytics.publishers.advertising.a2z.com
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.vliplatform.com
r2---sn-1gi7znek.googlevideo.com
redirector.googlevideo.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
rubicon-match.dotomi.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
s2s.t13.io
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aniview.com
sync.aralego.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
targeting.unrulymedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace-eu.mediago.io
trace.mediago.io
track.adform.net
trc.taboola.com
u-ams03.e-planning.net
u.4dex.io
u.ipw.metadsp.co.uk
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.krxd.net
usersync.gumgum.com
visitor.omnitagjs.com
www.apkshub.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
ad.mrtnsvr.com
cm-supply-web.gammaplatform.com
cs.videowalldirect.com
engine.widespace.com
googlecm.hit.gemius.pl
prebid.smilewanted.com
sync.tidaltv.com
103.132.192.30
104.18.36.155
108.128.36.0
108.138.9.235
124.146.153.164
13.248.245.213
130.211.44.5
131.153.158.209
141.94.161.190
141.94.170.77
141.94.171.216
142.250.181.226
142.250.185.226
145.40.97.67
151.101.66.49
154.59.122.79
162.19.138.82
162.19.138.83
162.210.196.208
162.55.120.196
162.55.236.224
172.217.16.134
172.64.146.152
172.64.149.180
172.67.10.198
173.231.180.197
178.250.1.6
178.250.1.9
18.134.84.24
18.153.147.252
18.157.198.8
18.192.135.64
18.198.126.47
18.198.161.106
18.66.23.147
185.184.8.90
185.29.134.248
185.64.189.112
185.64.190.81
185.64.191.210
185.86.138.145
185.86.138.153
188.166.17.21
188.42.34.65
192.132.33.67
192.96.203.13
193.0.160.131
193.135.9.125
193.135.9.134
193.3.178.3
193.3.178.4
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.20
2.19.105.180
2.19.126.96
2.19.85.30
2001:4860:4802:34::36
208.93.169.131
213.155.156.181
216.52.2.16
216.52.2.86
23.212.211.47
23.35.237.75
2600:1f16:e61:3f02:c74:8e54:2ce3:b02a
2600:1f18:ed:550f:766a:43f2:fc20:ff8d
2600:9000:2251:5200:1a:5235:f980:93a1
2600:9000:2362:fa00:1b:5138:8a40:93a1
2606:4700:10::6816:1857
2606:4700:10::6816:2560
2606:4700:10::6816:3bc7
2606:4700:20::681a:8a9
2606:4700:20::681a:f6e
2606:4700:20::ac43:47fe
2606:4700:20::ac43:4a81
2606:4700:3037::ac43:9e3b
2606:4700:4400::ac40:994e
2606:4700::6810:5614
2606:4700::6812:18ad
2607:ae80:4::25
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400a::7
2a02:2638:3::28
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:d::1732:83c8
2a02:fa8:8806:16::1400
2a04:4e42:400::300
2a05:d018:cc3:fe05:b057:3007:c56f:c3e9
2a05:d018:d29:3601:357b:9971:3f66:201
3.127.123.183
3.161.119.73
3.68.140.79
3.68.49.182
3.75.62.37
34.107.140.113
34.107.148.139
34.111.113.62
34.111.129.221
34.111.131.239
34.149.40.38
34.149.50.64
34.160.19.107
34.160.236.64
34.197.138.42
34.234.12.204
34.247.205.158
34.249.229.188
34.95.81.168
34.96.105.8
34.96.71.22
35.186.193.173
35.186.194.101
35.204.74.118
35.208.249.213
35.210.239.72
35.214.161.29
35.214.168.80
35.227.252.103
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.228
37.157.4.29
37.157.5.132
37.157.6.236
37.252.171.149
38.91.45.7
45.137.176.88
46.228.164.11
46.228.174.115
46.228.174.117
50.19.73.131
51.89.9.254
52.210.15.1
52.212.46.188
52.214.49.207
52.215.12.121
52.25.123.43
52.29.230.13
52.3.98.252
52.30.73.115
52.46.155.104
52.50.121.249
52.50.195.147
54.147.45.225
54.198.28.7
54.216.109.54
54.216.8.15
54.72.153.232
63.34.248.140
64.202.112.223
64.202.112.63
67.202.105.22
67.220.226.233
69.166.1.34
69.173.144.138
69.173.144.139
69.192.160.219
69.192.162.113
77.243.51.121
77.245.57.72
80.77.87.161
81.17.55.122
82.145.213.8
85.114.159.118
89.149.192.196
96.46.186.182
98.98.134.241
99.86.4.71
023948a2c1ea4ff56862ee8c0088c8f14667c0de50b9422206ea488587d93f45
0421a13273e4583854901974b299337322cfed7fd0b7d57c89f5d7d2bbe6a614
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0719f0ffe84f413a6500e4ee695b762d336ddd4cece88ab4a3703b285c07e750
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f6e082af52cd3f351fad18293ea3605b457b208d9fd0434dde112434c9b577b
0fb39fe4ea78ebef29289b618b2bb42daebd845d412a78caa8de7fcacfafee88
10e67d670cbd719ec58876892d9bbb4dc0838b98381a106ab45db12ef0d40efd
10faec7d8eebee9fc2777a17cd9ef8b5373bcff820c78d246475b12d79841107
1235ccd07fe540a91488aee70638b1a6bd0abfe0a7cfa77d9a05e2bd4faec728
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
16d8cf19a62001b2988e15cfe55a15e667cfa209ce107e734d64012cb3024e9b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
191a98003e98b429276e8f3daefd3849a1603a4ddee78efc0168ba41a131a5bb
1a87985707fa8a2cd12b5d3879626eccd92c19372ed032b91a7c6f9ea00b6ea8
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1e6ef4248f524878d497de076ba9be75b80b930959e9cdd7f4ac93ae2865be9f
1e8f7efe553dbaa0539fdb6954d629d89298982746eeeb88b17640e8b4d8a9ed
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f35fe07ee9cdc5e3d278f54643dc4a241251516913ecbae70c10e9bcd65dc18
208ff19a24c75168ceba107d726fe0872a975413123c11b5420efe9f14a23f82
2377f402666c690ef66b0ae49bfec0c1d3b5a9c6265ba292b50f2d8f1268a0cd
2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
259407129bb9d822c1e1b7fc09f4e9c468f9adcb77ffeb86681c325ae7e77e20
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
272fb8e382ca42f5b11511636060e56efcb90c14988ad7e481bf2400b8315828
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bc1bdcaa43ae440358699d88341bd7d5280808579a969bd0cef5d20c6e0f8e9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316c244584015517110aed8a71e2fddf9740b1f206b1e8ece2455eb226de84f5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32daf5ad34af15eb8ea853325ec1838574e3a6d572c204950d42471cc2ceba94
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3796e007a655cc496ddef6cc9580bde9921ae0233da542e95a72d437ded1acd6
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39d4e15782db1b5f3a3b5330e050d2d1bd20d679ae1d133e07a2543b2e76985e
39f62c7251e7c4d822f8ea2ce605cbdcb8f436f00d363bac9ea87c9d3e468c70
3ad05fd574b9bf64fb99c4e673f0bdcd6a889d5cffb763dd8829b2abf45d9702
3afe2506f4be133c507262befb28f5bf763bb5c0abbee031ed032f1877207a9c
3ca32cd05638cb33edd377e63e05dbaad63f65c399111babf379079fe1bb04ad
3d844175cdc7a949081c01bbbce67a099356ac79849bdb14940a55cfcc793b1a
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebef1dfcd3e2dacac7ac9315e03fbfae2dbab02b370d7ae367a90ecaafce4d1
3f13b9218a20927be2ea775f729679b2883390df264a87fd86cf1aebe87be2c1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b793aa31e681ee560790883d8d071caf4abbaecea91d923737a582e8a887b0
47dd2d1723b3ffee0626fb3014a0a683c300102cc9e575c9893f806a5b79fb05
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b70160b597fbdb2090591ecf892f97e7d99f25dfa89157f4f1fe7e82b899e81
4b75d47f45fe747aaf88568c949ed6978f352602dc7c323565713fe2b5146919
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e50deea73239bac5e2eb32861eca1c7385ffaa92bb798e9ba5d6513185aa35d
4f4034612f472fae8295438cff564e7aa58b90d5d2e87ad9e4ce4515a3ca59b4
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f90f6ad870fda6e359ba3396e5cac842321401b6c3ad833c69a601d9c322512
515a2fc6bcecf6176ec179fa5eccd0c5cbb6b399d02a8cee0309becb805c5298
54727f0ae3e8c74996dfd80bce2cadcd1515d37ac87aea10a40e73104985a9b0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57bb55a201c0efe8bb9b3fed5fdde94f8e0abf66c6cd8d55032727998d15d670
58cb117532703109026cca8786f7bdd5b9d44870d8ce924fe9845b9c9f37265e
5a787d539cf38c44227edae3b32f9baffcccf721d2ada015b732e11bac0db170
5b1ea87e0ba0c85d0db4d575decb47db062879f816c932974e6cde76fa1b5d64
5be93d78fd0a8b4e87678f1fa28296b549f0d4e52d10304cdc69b4f0159dbe23
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d2d23253a5abf5ea87aa42d7c92c8fbbabb768cd742b28c90357a7aa7c1a01b
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
5f15bbca24cc6948ed96b6637683d3341848bec109d3a80fcd1b2a2d3d214930
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f21e7e38dc724c0c8a98b59ece760d1c9797f654920dfa976dea4a8e198c177
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6473b32de7c5604a3c0c0c8fc00d02f00b78333f61a978f7d178fc0c910bb1c4
65b4210c4e65a13fee851711a86f57ce18cfa871d3f698552c1ad32cfbfe0c1e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f3087354a2d14a87953c298d77afb40188d5206e6cd9c1976232a34d27ae039
72093b1e4846e898d48b490f9fb87f870570545a749de5bd6d8b0852454b1195
72d425d8b440a049d9ceb61677bdb488c637da6ae84870d40ce30d10cbc45424
733d6fd23802fc23bcbfb3b52003d5440e0d70cfb7085dcd1e9891aa675ecfe3
75001b69e4648a1972a8a5229a89f077b79d05c0036153ae858846f797571f0d
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
77b270d77147c3258d3aed6f17bfa040b6bf0430f8c1e60ad2058fd6099caaa7
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
80e70f4e809edfa34239ae9a8f125511042041222cc1341807c5d325169cb14f
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a14ea17f2682304fed5de5dfbb6b722445882a6a6124f880cb64247815f3b79
8b852f9fdab8610a0ea94d7e9255cd720e15da0961937bd0c452ae8c48e71166
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
919c98e15e2d018403dcd1bd6c6501a6646518001a15f399c003711fcd808f44
919d2a5a9ed234abc2b32bc53a2091cf923e3bef9c58a476352657d245c0625b
93b47be8dc356454f920599dabd4ba6830e60776cae2f9b073b6c7732b4c8bcf
958ea6d77aa0b400f673c3f0f6256bc2103f0c8c00b51f2475119e76014eb30f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8b8b2486c5a57a0cee2eaee8df9105cccb7c5e2beea6c6339251f6466232a1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f95dcad4811c2b85289326687f5e63764a1a24b5f8bd2d4ad59da3858f7992
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a24a1cdd313ab6fa435e1a0f9f4f0395f864a11c9a5ff9610beafe91548d1a8d
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a2e2cc1dfca9d404c9acf713666be5174c6b2a529e3c60ffafdf948c6916cbad
a3531c1a6993ccc3e7b0f3e1495768e3464aecd55193ef112cb5555422ae6c90
a40eee74ab5df21b739864ab1ddaeb36db5064885f2c7a17fcc0e5dabf0fcf01
a8406e2a77bae17ac5008dcd02912bbf87dac3bf136651a4f23ec53f7372ee8a
a8984b23629304ec51802acce839ecd0e47dba4a4978f8d70d68c07fcad0b2a1
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
af26d967249e07b8d39f75101902eba7c8130b289118298be4eff1f9f141056c
af3809589419defde5846dd75f78d2899781b5ca7116647978a90ec9402f01d8
af7dbbc4c7ccaf37bc7e078493103e81d499be9fcf74fbaed44d3931af8d713c
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b116fb57493f4eed13c6c17be5f9bfacf4e924f933ef8bd0d4532fe9534c136f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2
b188b2173c0c0016773fdfbef0e1598c3df19bb165b913727973701727d57cca
b1e918390f909399afd415f7bd3d4828e2a791fe71bcbdf0a049c37e0361d4b0
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b6b1f400a460e1553f71dc48b6ea2d87e05d1d4b59bac4586f664da64ababbc7
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b848cbb1a099c88b275101fc625b69f74caaf1e71787a8378066fb8355112c5f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bc42487d0a1e49c5dd867df0a384b605646e262aafe8ca47031bc4f19e34d5f7
bc5869a8fcf8b8c1dfcc5bb3b3e8b9a8fc0b63eaf01526dc00ce7d43b97baefc
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c43f2cfd502f8404bf58060207dfd8294ad0c7f1bc08e69db75713552f915795
c456baa01b5663e1ab62424a325339d9eb9ee31d176b57b9e84120f9d6744b6e
c46bb1ec4812a02696c3967c5f7ff39f30ff48ffa83ecf0d677f80563ff5fee7
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c54259592950ef92bdf8c614c72b79cbd4d8f856ba856c043dbfe9aa6b89d4aa
c64fb649821038fe7f3ccc4c4b94924e2796bfa6a94a97dafe9b89a2c9ba15c8
c94adda0352d0a652a04a8266449bce9cdfce65353d5e97883cd8873fd32b05e
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3
cc0ac44ac2fa8d93f1657e78b565718261fa8b48fcc7e3ec725586eadef53772
cc8411f8627a4b5cf2c9e7a5112aa1d3b5a99134e2209f445c2ecc9c11b70f12
ce1240a47c8662b49addc7fc13128a5d24a3d626912b94196bd38f3bc0e7eec5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
cfcd89ceca91c746a779064f2a809e513caeda737b53666be1e1e5be87c9f61c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1ee92cbc114465fcb32954c60bde76c76ade62d03582f93ec18b622b0df29fc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd5a43a1c893aa37b1370311b83752106eaffbf29ffc3f57bcb89db2269c155b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52116b5057d12864fc92bbde6def84e8c8b3de81cd4fadc11c6fd2e6d871566
e55310cbf1550b028f86cfb856943f2f77c120c0ed66a00a29b8abe9de41afa8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e988c27e167cb98f5879b1b4ebff3de7e0dd3ff2dd105214225face422069b51
e9daffb35b2c7cb82c906658cc42ea0912e12888bca493073cc8ae8662943f97
eaacc861091ac18ec1b5fca350eaaf33e358b5ebef777581d6cfa58799197d8a
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed6743fd507e9e3630719e44fc4992c925633429ab723ab19866fd7615092848
ee334a4e7cab76567143a50f7cfd19d34517a9f38a0ff9ffca145e139647d336
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c916c00b48588257ba59d3bc9d50693104f651db3c040ed12a34a7de7d6432
f19885a294553a5d41046c55e14e55bfe48c1d5705a32cd04b4c1e3a6d923f67
f54e8d8a393619f067c4ce95451088f5c16b6cf2c1556e02da71421a131aa178
f678dbc5dc5f107e7cee1733b5cfcffc619cd79cd3486711af90931f43877791
fbee9f4eade871d11f26e0f4b8ec19c38c1c573090378d9964d22e897c7f5604
fbfefe1ad4213599d5ad05738a1064355401abdb611819316ee6add9e256e017
fc651bcb3226fef2fd2579a3481bbf1ed1b5cd31b26a247db60a8c5b40b15939
fdad0f44392f5298828e5780f433fa1632d015d7f3bc93c3348eeda988088cd7

www.apkshub.com Open in urlscan Pro 2606:4700:20::681a:f6e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

769 Requests

74 %HTTPS

23 %IPv6

141 Domains

222 Subdomains

134 IPs

16 Countries

4184 kBTransfer

10236 kBSize

191 Cookies

14 Outgoing links

Redirected requests

769 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.apkshub.com Open in urlscan Pro
2606:4700:20::681a:f6e Public Scan

Screenshot
Live screenshot

Full Image

769
Requests

74 %
HTTPS

23 %
IPv6

141
Domains

222
Subdomains

134
IPs

16
Countries

4184 kB
Transfer

10236 kB
Size

191
Cookies

769 HTTP transactions
5 data transactions