oq-ayiq.net Open in urlscan Pro
138.201.169.61 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://oq-ayiq.net/user/flightcircle80/
Submission: On September 26 via manual (September 26th 2023, 5:04:15 pm UTC) from TH — Scanned from CH

Summary HTTP 165 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 53 IPs in 16 countries across 74 domains to perform 165 HTTP transactions. The main IP is 138.201.169.61, located in Germany and belongs to HETZNER-AS, DE. The main domain is oq-ayiq.net.

This is the only time oq-ayiq.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	138.201.169.61 138.201.169.61	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	85.192.12.169 85.192.12.169	12695 (DINET-AS) (DINET-AS)
20	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.224.182.208 103.224.182.208	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
5	85.192.12.174 85.192.12.174	12695 (DINET-AS) (DINET-AS)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
3	193.106.95.134 193.106.95.134	48614 (ITSOFT-AS) (ITSOFT-AS)
6	2606:4700:1::... 2606:4700:1::6813:814c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	188.42.34.65 188.42.34.65	7979 (SERVERS-COM) (SERVERS-COM)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 2	185.15.175.146 185.15.175.146	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2606:4700:10:... 2606:4700:10::6816:37ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.52.120.246 23.52.120.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	80.77.87.166 80.77.87.166	46636 (NATCOWEB) (NATCOWEB)
6 6	3.121.203.109 3.121.203.109	16509 (AMAZON-02) (AMAZON-02)
1 2	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
2 2	63.32.119.33 63.32.119.33	16509 (AMAZON-02) (AMAZON-02)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9822	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
13 16	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 23	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
1	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
8 11	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 6	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1 5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 5	67.220.226.238 67.220.226.238	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3602:77fc:3cf3:5701:3122	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
5 6	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
3 3	44.205.93.51 44.205.93.51	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550f:fc8e:218a:8fca:e496	14618 (AMAZON-AES) (AMAZON-AES)
1 1	178.32.210.230 178.32.210.230	16276 (OVH) (OVH)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	35.174.117.224 35.174.117.224	14618 (AMAZON-AES) (AMAZON-AES)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
3 3	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	52.72.238.254 52.72.238.254	14618 (AMAZON-AES) (AMAZON-AES)
1 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
5 5	52.212.242.190 52.212.242.190	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	35.214.133.180 35.214.133.180	15169 (GOOGLE) (GOOGLE)
1	64.95.96.108 64.95.96.108	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	141.95.171.141 141.95.171.141	16276 (OVH) (OVH)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2 3	52.209.147.201 52.209.147.201	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	52.203.124.67 52.203.124.67	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.171.159 3.123.171.159	16509 (AMAZON-02) (AMAZON-02)
2 2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2 2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	23.88.86.2 23.88.86.2	24940 (HETZNER-AS) (HETZNER-AS)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 3	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
1 1	15.235.15.221 15.235.15.221	16276 (OVH) (OVH)
1 1	34.102.253.54 34.102.253.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
165	53

25 138.201.169.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: host9.goodhoster.net

oq-ayiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.169 (Russian Federation)

ASN12695 (DINET-AS, RU)

4mlhn1ocg4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.182.208 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-208.above.com

leokross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)

tat3ayogh6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dprof.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.106.95.134 (Dzerzhinskiy, Russian Federation)

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:1::6813:814c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.34.65 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.146 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.184.192 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.255.110 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.52.120.246 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.166 (United Kingdom)

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.121.203.109 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-203-109.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.119.33 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-119-33.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United Kingdom) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.rtbsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9822 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.184.226 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 198.47.127.205 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Poland) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.67 (Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.144.139 (Frankfurt am Main, Germany) 8 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.145.213.8 (United Kingdom) 2 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.26.193 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.220.226.238 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:77fc:3cf3:5701:3122 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.237 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.205.93.51 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-93-51.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:fc8e:218a:8fca:e496 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.32.210.230 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip230.ip-178-32-210.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.117.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-117-224.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (United States)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.53 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.238.254 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-238-254.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.212.242.190 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-242-190.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.102 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.133.180 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 180.133.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.95.96.108 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (Netherlands) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Ascension Island) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.141 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-7.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (Norway) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.209.147.201 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-147-201.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.203.124.67 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-124-67.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Ascension Island) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.171.159 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-171-159.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)
PTR: ddos.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (Sweden) 2 redirects

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (Germany)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.86.2 (Los Angeles, United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de

matching.truffle.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.121 (Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.15.221 (United States) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	pubmatic.com 6 redirects ads.pubmatic.com — Cisco Umbrella Rank: 837 image8.pubmatic.com — Cisco Umbrella Rank: 1061 image2.pubmatic.com — Cisco Umbrella Rank: 1547 image4.pubmatic.com — Cisco Umbrella Rank: 1978 image6.pubmatic.com — Cisco Umbrella Rank: 1171 simage2.pubmatic.com — Cisco Umbrella Rank: 1265 simage4.pubmatic.com — Cisco Umbrella Rank: 1746	99 KB
26	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7419 c.mgid.com — Cisco Umbrella Rank: 6080 cdn.mgid.com — Cisco Umbrella Rank: 9929 servicer.mgid.com — Cisco Umbrella Rank: 7449 s-img.mgid.com — Cisco Umbrella Rank: 6835 cm.mgid.com — Cisco Umbrella Rank: 2276 a.mgid.com — Cisco Umbrella Rank: 13720	433 KB
25	oq-ayiq.net oq-ayiq.net	243 KB
16	doubleclick.net 13 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 329	2 KB
14	rubiconproject.com 9 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537 eus.rubiconproject.com — Cisco Umbrella Rank: 916 token.rubiconproject.com — Cisco Umbrella Rank: 764 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3048 pixel.rubiconproject.com — Cisco Umbrella Rank: 649	18 KB
9	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 429 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066	7 KB
9	connectad.io cdn.connectad.io — Cisco Umbrella Rank: 5215 sync-eu.connectad.io — Cisco Umbrella Rank: 5842 sync.connectad.io — Cisco Umbrella Rank: 6488	4 KB
7	adform.net 5 redirects cm.adform.net — Cisco Umbrella Rank: 1654 c1.adform.net — Cisco Umbrella Rank: 954 dmp.adform.net — Cisco Umbrella Rank: 4243	4 KB
6	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 2094 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781	4 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	2 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 950	3 KB
5	openx.net 1 redirects u.openx.net — Cisco Umbrella Rank: 1024 us-u.openx.net — Cisco Umbrella Rank: 863 eu-u.openx.net — Cisco Umbrella Rank: 3562	2 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 3797	3 KB
4	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 1067 i6.liadm.com — Cisco Umbrella Rank: 4419	2 KB
4	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783 ups.analytics.yahoo.com — Cisco Umbrella Rank: 509	2 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	593 B
3	zeotap.com 1 redirects mwzeom.zeotap.com — Cisco Umbrella Rank: 4098 spl.zeotap.com — Cisco Umbrella Rank: 3966	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 933	2 KB
3	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 1377	1 KB
3	onaudience.com 3 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 18527 pixel.onaudience.com — Cisco Umbrella Rank: 3680	1 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 360 secure.adnxs.com — Cisco Umbrella Rank: 806	2 KB
3	criteo.com 3 redirects dis.criteo.com — Cisco Umbrella Rank: 910	1 KB
3	creativecdn.com 3 redirects creativecdn.com — Cisco Umbrella Rank: 821	1 KB
3	dmpprof.com dmpprof.com — Cisco Umbrella Rank: 23625	1 KB
3	prodmp.ru prodmp.ru — Cisco Umbrella Rank: 55943	445 B
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 7583	2 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 2139	1 KB
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1432	952 B
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593	746 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186	938 B
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	1 KB
2	weborama.fr 1 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714	498 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1469 s.tribalfusion.com — Cisco Umbrella Rank: 3247	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 7132	562 B
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	768 B
2	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011	762 B
2	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 1260	1 KB
2	opera.com 2 redirects t.adx.opera.com — Cisco Umbrella Rank: 2169	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 1002	661 B
2	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 957	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1223 id5-sync.com — Cisco Umbrella Rank: 687	32 KB
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 4716	675 B
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2330	1 KB
2	digitaltarget.ru dmg.digitaltarget.ru — Cisco Umbrella Rank: 16188 Failed	1 KB
1	playground.xyz 1 redirects ads.playground.xyz — Cisco Umbrella Rank: 5800	462 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128	527 B
1	truffle.bid matching.truffle.bid — Cisco Umbrella Rank: 11001
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359	555 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 10466	345 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 27364	412 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 8195	278 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 5404	308 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1417	795 B
1	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 7500	369 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 2200	283 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1499	225 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	524 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1313	397 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1944	35 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1624
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 830	650 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 1012
1	e-volution.ai sync.e-volution.ai — Cisco Umbrella Rank: 4838	103 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1363	138 B
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 9977	158 B
1	rtbsystem.com 1 redirects cm.rtbsystem.com — Cisco Umbrella Rank: 4958	795 B
1	admanmedia.com cs.admanmedia.com — Cisco Umbrella Rank: 1518	176 B
1	dprof.site dprof.site — Cisco Umbrella Rank: 195004	538 B
1	tat3ayogh6.com tat3ayogh6.com — Cisco Umbrella Rank: 101663	49 KB
1	leokross.com leokross.com
1	4mlhn1ocg4.com 4mlhn1ocg4.com	36 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720	6 KB
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
165	74

	Domain	Requested by
25	oq-ayiq.net	oq-ayiq.net
16	cm.g.doubleclick.net	13 redirects u.openx.net
14	simage2.pubmatic.com	ads.pubmatic.com
10	cm.mgid.com	jsc.mgid.com sync-eu.connectad.io
9	image2.pubmatic.com	1 redirects ads.pubmatic.com
6	sync.connectad.io	sync-eu.connectad.io u.openx.net ssum.casalemedia.com ads.pubmatic.com
6	x.bidswitch.net	6 redirects
5	match.prod.bidr.io	5 redirects
5	c1.adform.net	4 redirects ads.pubmatic.com
5	aax-eu.amazon-adsystem.com	2 redirects u.openx.net ads.pubmatic.com
5	pixel.rubiconproject.com	3 redirects
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	s-img.mgid.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	match.adsrvr.org	u.openx.net ssum.casalemedia.com ads.pubmatic.com
4	s.amazon-adsystem.com	2 redirects ssum.casalemedia.com
4	jsc.mgid.com	oq-ayiq.net jsc.mgid.com
3	sync.1rx.io	3 redirects
3	sync.crwdcntrl.net	2 redirects ads.pubmatic.com
3	i.liadm.com	3 redirects
3	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com
3	image6.pubmatic.com	1 redirects ads.pubmatic.com
3	dis.criteo.com	3 redirects
3	creativecdn.com	3 redirects
3	image8.pubmatic.com	3 redirects
3	ads.pubmatic.com	jsc.mgid.com sync-eu.connectad.io ads.pubmatic.com
3	dmpprof.com	tat3ayogh6.com
3	c.mgid.com
3	prodmp.ru	tat3ayogh6.com
3	counter.yadro.ru	2 redirects oq-ayiq.net
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	mwzeom.zeotap.com	ads.pubmatic.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	ad.turn.com	2 redirects
2	pubmatic-match.dotomi.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	cr.frontend.weborama.fr	1 redirects ads.pubmatic.com
2	pixel-eu.onaudience.com	2 redirects
2	d5p.de17a.com	2 redirects
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	ib.adnxs.com	2 redirects
2	us-u.openx.net	u.openx.net
2	cms.quantserve.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	u.openx.net	1 redirects sync-eu.connectad.io
2	ssum.casalemedia.com	1 redirects sync-eu.connectad.io
2	t.adx.opera.com	2 redirects
2	sync-eu.connectad.io	cdn.connectad.io sync-eu.connectad.io
2	image4.pubmatic.com	1 redirects ads.pubmatic.com
2	ad.360yield.com	2 redirects
2	bh.contextweb.com	1 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	an.yandex.ru	1 redirects
2	ads.betweendigital.com	2 redirects
2	dmg.digitaltarget.ru	tat3ayogh6.com
2	servicer.mgid.com	jsc.mgid.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	matching.truffle.bid	ads.pubmatic.com
1	id5-sync.com	cdn.id5-sync.com
1	match.adsby.bidtheatre.com	1 redirects
1	sonata-notifications.taptapnetworks.com	1 redirects
1	dmp.adform.net	1 redirects
1	green.erne.co	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	ad.mrtnsvr.com	1 redirects
1	p.rfihub.com	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	rtb.adentifi.com	ssum.casalemedia.com
1	sync.taboola.com	ssum.casalemedia.com
1	ssbsync.smartadserver.com	1 redirects
1	i6.liadm.com	ssum.casalemedia.com
1	ssum-sec.casalemedia.com	ssum.casalemedia.com
1	eu-u.openx.net	u.openx.net
1	px.ads.linkedin.com
1	pixel-eu.rubiconproject.com	1 redirects
1	cm.adform.net	sync-eu.connectad.io
1	ap.lijit.com	sync-eu.connectad.io
1	a.mgid.com
1	sync.e-volution.ai
1	prebid.a-mo.net	1 redirects
1	cm.idealmedia.io
1	cm.rtbsystem.com	1 redirects
1	cs.admanmedia.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.connectad.io	cm.mgid.com
1	cdn.id5-sync.com	jsc.mgid.com
1	dprof.site	tat3ayogh6.com
1	cdn.mgid.com
1	tat3ayogh6.com	4mlhn1ocg4.com
1	leokross.com	oq-ayiq.net
1	4mlhn1ocg4.com	oq-ayiq.net
1	ajax.googleapis.com	oq-ayiq.net
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
165	107

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
twitter.com
plus.google.com
www.odnoklassniki.ru
clck.mgid.com
dollaruz.net
zabbetweb.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
ybz1jsblbv.com R3	`2023-08-07` - `2023-11-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
pwrlkyotm.com R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
prodmp.ru R3	`2023-09-06` - `2023-12-05`	3 months	crt.sh
dmpprof.com R3	`2023-09-16` - `2023-12-15`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2023-03-16` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2023-04-20` - `2024-05-21`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.iprom.net R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
truffle.bid R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh

This page contains 39 frames:

Primary Page: http://oq-ayiq.net/user/flightcircle80/
Frame ID: F39AD175871062C5D3887C1DC17FAA6C
Requests: 77 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1695747842641197352058
Frame ID: 2E920831A17069E88B4EAB3925CB4C85
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Frame ID: 9647CC630804092A0A8FCCF36E3CE77B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A876796BF6EFC761ECEE196C4D56D933
Requests: 12 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Frame ID: AB3DEF0624F70EBB011BEF4A80C9944C
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=zz7054Gtkq3JHRgUWTG9&pi=connectad
Frame ID: 052A5AF2A48FC6035304E01956F02196
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID
Frame ID: B8C797125BC7A7B5DC566EB4C2C26DA9
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=059761ee-472a-43a5-970b-42d1c3cf3f12
Frame ID: F2B7E571D7CD71159C5CDD6ECAAF90A0
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=opera&dataid=data15&uuid=OPUd05eb80e74a246818f807034595a3538
Frame ID: 6D5CC26E4915E50C2A79830CBB41C899
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Frame ID: 7B472457917F2CFB665E427311F27AA6
Requests: 24 HTTP requests in this frame

Frame: https://cm.mgid.com/m?cdsp=817115&c=YS4TkRps7SiC70sGY1YYNkjlG0CE9fHIxE6nsE0c
Frame ID: CC1C0BF911BB0943F44F8093EFB5D703
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Frame ID: 86598BF17F0A445DD3FD0D1C4EF0ACEC
Requests: 10 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID
Frame ID: 88FC4B838AE2A0F084172308A1E860DB
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Frame ID: 4DEEADA32FD44446EEE3E0A02FEE8405
Requests: 8 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 15852AEEA9CDECF0C96EE49CCE01A607
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F97BB32C-53C3-4474-AAC2-C563BB3FB903&redir=true&gdpr=0&gdpr_consent=
Frame ID: 10E75E80A6D06B0E66E9AE81702D0124
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hVQyPoMHMzmeBTo41wMuNYNZMj6eBWE4gwBNA1QJ
Frame ID: AEB45C173DDC3289C0BB8B58550F463D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7424279324110362794&gdpr=0&gdpr_consent=
Frame ID: BCA3D5D5A1B8BFBE4C6768AFA4E666E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7283181536539572376&gdpr=0&gdpr_consent=
Frame ID: CAA55B3029372F19BA5F06F8A3496265
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xZ2Qgc9iWuxAFK-7ogZRrrAKagw&gdpr=0&gdpr_consent=
Frame ID: 363C2FDA9F27571C63C91A8D81779063
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRMPBQATTQ71oQBY
Frame ID: F4538966939CA6B3C87C424AF1E4A965
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESl07KJh4AABicvGJ_zw&gdpr=0&gdpr_consent=
Frame ID: D200BFBED5B29CDDC5C0F59304A37A99
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A080A7D2BFF3E2CE4FCE80069F0F783C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C0B858F7243F1E6A7F93B2FC296A5732
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd05eb80e74a246818f807034595a3538
Frame ID: C76E5DAA57BA8015BF10533FBBD0F2D6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 8ACAB3CC0BBEA8027ADA829975103E32
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322328674134453
Frame ID: 029B5FF681A14320CDD695F64B4A55B9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7748025684924210270
Frame ID: A28275834B120CD2D0C4DD753734BCE4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=
Frame ID: 54A462FEBC2B81D8A044DA4855970135
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: BD0D4893A190A5942543356C310C0C3D
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 549960A734DE91B5E68297704139C6B5
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: A071AEB8B2B18DA946A814CFA0FC937A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXTSVnnTnTWWUUXVR&gdpr=0&gdpr_consent=
Frame ID: E4E9171C93DF2EE92DDEDF50F39C57BD
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?dataid=data1&uuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903
Frame ID: B6C466B890D79E5DC020140DF938FE53
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=
Frame ID: 57F4AC4B500FA1F4281B805DB9FBC0C1
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: AE6F4A4DE7764EB8F0883B5FB144978E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E892AFA7A9B544A3B8EEAE9E5B2D818A&gdpr=0&gdpr_consent=
Frame ID: 3E8FE5C8D9748C722265DAF453CD98FD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003
Frame ID: AFEA4D0D60C59B7445574C36F6B6D6EA
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?dataid=data1&uuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903
Frame ID: 2A851713851CBAD45EFAA7DBACB4F0E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

flightcircle80 » OQAYIQ UZ - Super Portal 2.

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

165
Requests

54 %
HTTPS

19 %
IPv6

74
Domains

107
Subdomains

53
IPs

16
Countries

934 kB
Transfer

2038 kB
Size

123
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://vk.com/share.php?url=http://oq-ayiq.net/&title=&description=[DESC]&image=[IMAGE]&noparse=true

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=http://oq-ayiq.net/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=http://oq-ayiq.net/&text=

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http://oq-ayiq.net

Search URL Search Domain Scan URL

URL: http://www.odnoklassniki.ru/dk?st.cmd=addShare&st.s=1&st._surl=http://oq-ayiq.net/&st.comments=

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17085677/i/75354/0/pp/1/1?h=TGpllbR6d9-eq3L_ebFlT7rQMSf-Tfxy6f8zQSHIrLT6ajWuPUSwhKKXtz7-qJxteRH5i-vu3p4CBNSij80D-Q**&rid=b12d2b04-5c8e-11ee-abaa-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&muid=n8q2GiVtcb4a&st=120&mp4=1&h2=okDCWzudcnDnBCmbWpcDTLf2IUVGi1VJ1pk8RcWDa5g*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17130412/i/75354/0/pp/2/1?h=TGpllbR6d9-eq3L_ebFlT6PpLSgICE36uNhkyi6b14fMNC4PqJ6y-qh7kvUbvVAqUeFgxwtVQipgCgPo26Ka-w**&rid=b12d2b04-5c8e-11ee-abaa-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&muid=n8q2GiVtcb4a&st=120&mp4=1&h2=okDCWzudcnDnBCmbWpcDTLf2IUVGi1VJ1pk8RcWDa5g*

Search URL Search Domain Scan URL

URL: https://dollaruz.net/

Search URL Search Domain Scan URL

URL: https://zabbetweb.com/the-11-best-german-wagering-websites-in-2023-brand-new-enhancements-2/
Title: บาคาร่าวัววัว

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17242615/i/75353/0/pp/1/1?h=TGpllbR6d9-eq3L_ebFlT979d1Wdrv2q8Pp81La_Xc8gbpHda49yEcmQwNAak5k1yRCZ7qi3JEzMSUQb7k4iGA**&rid=b12ac452-5c8e-11ee-abaa-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&muid=n8q2cCmb8y4a&st=120&mp4=1&h2=okDCWzudcnDnBCmbWpcDTLf2IUVGi1VJ1pk8RcWDa5g*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17130412/i/75353/0/pp/2/1?h=TGpllbR6d9-eq3L_ebFlT5og3CO3vT6ReegcevXeUYI86S8_aRxQ3XJQe0vlmdI0Cug4KlIEM9YR9rEre7FWLw**&rid=b12ac452-5c8e-11ee-abaa-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&muid=n8q2cCmb8y4a&st=120&mp4=1&h2=okDCWzudcnDnBCmbWpcDTLf2IUVGi1VJ1pk8RcWDa5g*

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/17060808/i/75353/0/pp/3/1?h=TGpllbR6d9-eq3L_ebFlTwLDYc39YqV6JDxtSe_MtYiDRuwLmKt3Eae6Q10LAzmj6k86dM9xphVTN4nEv83E2A**&rid=b12ac452-5c8e-11ee-abaa-e43d1a2a04aa&tt=Direct&att=3&cpm=1&abd=1&iv=11&ct=1&gdprApplies=0&muid=n8q2cCmb8y4a&st=120&mp4=1&h2=okDCWzudcnDnBCmbWpcDTLf2IUVGi1VJ1pk8RcWDa5g*

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://counter.yadro.ru/hit?t16.2;r;s1600*1200*24;uhttp%3A//oq-ayiq.net/user/flightcircle80/;0.2844388643725664 HTTP 302
https://counter.yadro.ru/hit?t16.2;r;s1600*1200*24;uhttp%3A//oq-ayiq.net/user/flightcircle80/;0.2844388643725664 HTTP 302
https://counter.yadro.ru/hit?q;t16.2;r;s1600*1200*24;uhttp%3A//oq-ayiq.net/user/flightcircle80/;0.2844388643725664

Request Chain 46

https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-5559654798194955160 HTTP 302
https://dmpprof.com/matching/external?sid=44931&uid=6bde82c8-cd01-520d-97c2-5caef2d153ac

Request Chain 48

https://an.yandex.ru/mapuid/profitclicksdspis/3fb83479-2fcc-4129-a4e5-ea08545f6f3e HTTP 302
https://an.yandex.ru/mapuid/profitclicksdspis/3fb83479-2fcc-4129-a4e5-ea08545f6f3e?redir-setuniq=1

Request Chain 49

https://dmg.digitaltarget.ru/1/7114/i/i?a=923&e=3fb83479-2fcc-4129-a4e5-ea08545f6f3e HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7114/i/i?call_source=awg&ts=1695747842872&a=923&e=3fb83479-2fcc-4129-a4e5-ea08545f6f3e

Request Chain 63

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 65

https://x.bidswitch.net/sync?dsp_id=303&user_id=n8q2GiVtcb4a&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=n8q2GiVtcb4a&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=059761ee-472a-43a5-970b-42d1c3cf3f12

Request Chain 66

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=b5004a37-65d0-47b8-8dc4-d239a940d63d

Request Chain 67

https://cm.rtbsystem.com/mgid?c=n8q2GiVtcb4a&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D HTTP 302
https://cm.mgid.com/m?cdsp=556372&c=07c18e13-caf9-5894-8bad-30415346b248

Request Chain 69

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjk3QkIzMkMtNTNDMy00NDc0LUFBQzItQzU2M0JCM0ZCOTAz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3DF97BB32C-53C3-4474-AAC2-C563BB3FB903&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=F97BB32C-53C3-4474-AAC2-C563BB3FB903

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjhxMkdpVnRjYjRh&muidn=n8q2GiVtcb4a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjhxMkdpVnRjYjRh&muidn=n8q2GiVtcb4a&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=n8q2GiVtcb4a&google_ula={guid},5&google_gid=CAESENcnhY2yOQLU8uhFbxhSxfg&google_cver=1

Request Chain 71

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=zz7054Gtkq3JHRgUWTG9&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Request Chain 72

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
https://cm.mgid.com/m?cdsp=779131&c=&gdpr=0

Request Chain 79

https://creativecdn.com/cm-notify?pi=connectad HTTP 302
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=zz7054Gtkq3JHRgUWTG9&pi=connectad

Request Chain 81

https://x.bidswitch.net/sync?ssp=rtaplus&user_id=YS4TkRps7SiC70sGY1YYNkjlG0CE9fHIxE6nsE0c&gdpr=0 HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drtaplus%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=rtaplus&user_id=k-IGPsL95xRMB90kRgp_pOi_v_lNC7CA7EGvpJvA&gdpr=0&gdpr_consent= HTTP 302
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=059761ee-472a-43a5-970b-42d1c3cf3f12

Request Chain 82

https://t.adx.opera.com/pub/sync?pubid=pub9398689025600 HTTP 302
https://sync.connectad.io/umatch/1?bidder=opera&dataid=data15&uuid=OPUd05eb80e74a246818f807034595a3538

Request Chain 85

https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1

Request Chain 87

https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D

Request Chain 88

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LN0KHELF-7-BFQB HTTP 302
https://cm.mgid.com/m?cdsp=43070&c=LN0KHELF-7-BFQB&gdpr=0

Request Chain 90

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QJkWSMabRFiaz5CAPMuHJQ&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QJkWSMabRFiaz5CAPMuHJQ&gdpr=0

Request Chain 92

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDIxYTg3ODFiYmQ2MzA5MmE3ZTYyOTY2Njk1NDYxZDUyNGI3YTljNA&gdpr=0

Request Chain 93

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE4wS0hFTEYtNy1CRlFC&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEG9z63UIu6bGc7xmE_lVb2A&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE4wS0hFTEYtNy1CRlFC&google_push=&gdpr=0

Request Chain 94

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-aJmtVI4Rr-kAkgs3aYc6Q&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-aJmtVI4Rr-kAkgs3aYc6Q&gdpr=0

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC17Bn5jpwjLBSydodeyuKk&google_cver=1

Request Chain 96

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Pf0y1wNN2oC7J77eOK8IcA?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XCe0jXlE2oKohDS73ezP2YN5lxYnA_EUFUPdxw--~A

Request Chain 97

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN0KHELF-7-BFQB&gdpr=0

Request Chain 99

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=v5Y7BbnFOgKkxzMCsJsnA-_HPwakwT4CsJuJPQUN

Request Chain 100

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2967872999685759159

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE_qeESQ8cpyKwsxT6f6KJY&google_cver=1

Request Chain 106

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRMPBB47k2k2n85b.x2yrwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPG3AA2VrFRWSUMAmUGWGFw&google_cver=1&google_hm=2

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRMPBB47k2k2n85b-x2yrwAABL4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELsz9gG8u6KvjoP4ZrQxwq8&google_cver=1

Request Chain 109

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZRMPBB47k2k2n85b.x2yrwAA%261214&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZRMPBB47k2k2n85b.x2yrwAA%261214&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c153f6093f3544878d9395fed4c3cd8c HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SIcCZ95xRMB90kRgp_pOi_v_lND7K_l7gSOpCQ HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SIcCZ95xRMB90kRgp_pOi_v_lND7K_l7gSOpCQ

Request Chain 110

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8021463991198712054&gdpr=0&gdpr_consent=

Request Chain 116

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 118

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hVQyPoMHMzmeBTo41wMuNYNZMj6eBWE4gwBNA1QJ

Request Chain 119

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7424279324110362794&gdpr=0&gdpr_consent=

Request Chain 120

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7283181536539572376&gdpr=0&gdpr_consent=

Request Chain 121

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xZ2Qgc9iWuxAFK-7ogZRrrAKagw&gdpr=0&gdpr_consent=

Request Chain 122

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRMPBQATTQ71oQBY

Request Chain 123

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFU2wwN0tKaDRBQUJpY3ZHSl96dw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAESl07KJh4AABicvGJ_zw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8021463991198712054&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAESl07KJh4AABicvGJ_zw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8021463991198712054%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8021463991198712054&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAESl07KJh4AABicvGJ_zw&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESl07KJh4AABicvGJ_zw&gdpr=0&gdpr_consent=

Request Chain 124

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 126

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd05eb80e74a246818f807034595a3538

Request Chain 128

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322328674134453

Request Chain 129

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7748025684924210270

Request Chain 130

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=

Request Chain 132

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 134

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2785ee7e74466259/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DGp1rLOrtXTSVnnTnTWWUUXVR%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a3b0f9eb9442bed85f063248a70048ac&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DGp1rLOrtXTSVnnTnTWWUUXVR%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXTSVnnTnTWWUUXVR&gdpr=0&gdpr_consent=

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-XuzLFPDRHSqwsVjuz-5Aw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 137

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=&ct=y

Request Chain 138

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1571512521

Request Chain 139

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F97BB32C-53C3-4474-AAC2-C563BB3FB903 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGxjNlhBQ2pmaUlRQlNuNHFBM3U4c0hYdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=4756122921790429404&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFi9HV2qGU_n_uCjBC_VWeg&google_cver=1

Request Chain 142

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4756122921790429404

Request Chain 144

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oZvgMCxE2uUxSV8Q2n0yWVWdlvpcpi4-~A&gdpr=0

Request Chain 146

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=059761ee-472a-43a5-970b-42d1c3cf3f12&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a13ae02c-5b88-4d5c-94ba-f105895ee4af&bsw_param=059761ee-472a-43a5-970b-42d1c3cf3f12&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=059761ee-472a-43a5-970b-42d1c3cf3f12&gdpr=0&gdpr_consent=&gdpr_pd=

Request Chain 147

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e5c4189f-7dbb-4765-b7c1-0d9982e999e3-65130f05-4348&gdpr=0&gdpr_consent=

Request Chain 148

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=22238482142823fb&is_secure=true&networkId=17100&version=1&nuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI__Xlva4KYQM_3G7aAAAAAAA&expiration=1695834245&nuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 149

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4001565564370993229&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 150

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ad18197b-1c40-4bc9-af6f-86cb07563af1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 156

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E892AFA7A9B544A3B8EEAE9E5B2D818A&gdpr=0&gdpr_consent=

Request Chain 157

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1695747848192 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=718240078 HTTP 302
https://sync.1rx.io/usersync/turn/4001565564370993229?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003

Request Chain 160

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F97BB32C-53C3-4474-AAC2-C563BB3FB903&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F97BB32C-53C3-4474-AAC2-C563BB3FB903&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 161

https://pixel.onaudience.com/?partner=214&mapped=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent= HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=2785ee7e74466259 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae890d8a-fb91-4ec9-491b-dceb2f281845&reqId=3e89fe65-9d99-4350-5f4e-733562120eb2&zcluid=2785ee7e74466259&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEITJHKtquaXHbBssaDX4aLw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae890d8a-fb91-4ec9-491b-dceb2f281845&reqId=3e89fe65-9d99-4350-5f4e-733562120eb2&zcluid=2785ee7e74466259&zdid=1332

Request Chain 162

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7424279324110362794

165 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
oq-ayiq.net/user/flightcircle80/ 23 KB
8 KB 129ms
54ms Document
text/html 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 946fe9986b082ac7abdba026b9f249092069a3248c9e8d7829f4a4fa9da71031

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Sep 2023 17:03:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK jquery.js Show response
oq-ayiq.net/engine/classes/js/ 94 KB
33 KB 47ms
45ms Script
application/javascript 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oq-ayiq.net/engine/classes/js/jquery.js
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:03:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 May 2014 17:28:00 GMT
Server: nginx
ETag: W/"5388bfa0-1762e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7776000, public
Connection: keep-alive
Expires: Mon, 25 Dec 2023 17:03:59 GMT

GET
H/1.1 200
OK jqueryui.js Show response
oq-ayiq.net/engine/classes/js/ 91 KB
26 KB 90ms
45ms Script
application/javascript 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oq-ayiq.net/engine/classes/js/jqueryui.js
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 1c1cff50aff55b4885098dfddbda95585cea76264bed46120c69dd9bf0070615

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:03:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Nov 2013 21:00:00 GMT
Server: nginx
ETag: W/"52990050-16b15"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7776000, public
Connection: keep-alive
Expires: Mon, 25 Dec 2023 17:03:59 GMT

GET
H/1.1 200
OK dle_js.js Show response
oq-ayiq.net/engine/classes/js/ 24 KB
6 KB 86ms
42ms Script
application/javascript 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oq-ayiq.net/engine/classes/js/dle_js.js
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 9210fb80d7fc5cb3370db9ac7631e9b1cf51177374254d650dd68a6f72e2db99

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:03:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Jun 2014 08:48:00 GMT
Server: nginx
ETag: W/"53b12440-5f2b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7776000, public
Connection: keep-alive
Expires: Mon, 25 Dec 2023 17:03:59 GMT

GET
H/1.1 200
OK webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 60ms
29ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 22 Sep 2023 09:42:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 372077
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 5437
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 21 Sep 2024 09:42:42 GMT

GET
H/1.1 200
OK webfont.js Show response
oq-ayiq.net/engine/editor/scripts/ 3 KB
1 KB 87ms
43ms Script
application/javascript 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oq-ayiq.net/engine/editor/scripts/webfont.js
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 7e6d09da6ba4996eee765d4f73fb4001f371114b7596e8df7d17add0ac2256d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:03:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Nov 2013 21:00:00 GMT
Server: nginx
ETag: W/"52950bd0-c0a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7776000, public
Connection: keep-alive
Expires: Mon, 25 Dec 2023 17:03:59 GMT

GET
H/1.1 200
OK default.css
oq-ayiq.net/engine/editor/css/ 9 KB
2 KB 84ms
42ms Stylesheet
text/css 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oq-ayiq.net/engine/editor/css/default.css
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 408ef277c5c07ee4f9a8ec7a2e0ceb44e1f6008bb54afee87ddbd4f032debe17

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:03:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Nov 2013 21:00:00 GMT
Server: nginx
ETag: W/"52950bd0-25ce"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=7776000, public
Connection: keep-alive
Expires: Mon, 25 Dec 2023 17:03:59 GMT

GET
H/1.1 200
OK style.css
oq-ayiq.net/templates/vestnik2/css/ 83 KB
16 KB 88ms
44ms Stylesheet
text/css 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: c83f7f093522a439b17753d827129d1dfdc7ad5c5ff9c0127449dcb8ab8c0911

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:03:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Jun 2018 13:11:57 GMT
Server: nginx
ETag: W/"5b1d239d-14ab5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=7776000, public
Connection: keep-alive
Expires: Mon, 25 Dec 2023 17:03:59 GMT

GET
H/1.1 200
OK active.js Show response
oq-ayiq.net/templates/vestnik2/js/ 1 KB
900 B 126ms
42ms Script
application/javascript 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oq-ayiq.net/templates/vestnik2/js/active.js
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: e5518859d6d6f041adf70ee26d2cebb32772695d43299fd535d548f4d5112d10

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:03:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Sep 2014 12:16:48 GMT
Server: nginx
ETag: W/"542164b0-4c0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7776000, public
Connection: keep-alive
Expires: Mon, 25 Dec 2023 17:03:59 GMT

GET
H2 200 script.js Show response
4mlhn1ocg4.com/ 101 KB
36 KB 540ms
139ms Script
application/javascript 85.192.12.169
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4mlhn1ocg4.com/script.js
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e5087e216abdbe0d3c25e698fe0448940e7db29387d3010ce2a274d9e37fc691

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:00 GMT
content-encoding: gzip
server: nginx/1.18.0
x-adsbid-request: xq7g5dkb7cfa
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800

GET
H/1.1 200
OK search.jpg
oq-ayiq.net/templates/vestnik2/images/ 2 KB
2 KB 66ms
66ms Image
image/jpeg 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/search.jpg
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: a5a6c7eaf1009a5ba1c3d0cc563f3e692e06ad8eb7ded0c3ef3570bf1382a9de

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Fri, 19 Sep 2014 07:18:52 GMT
Server: nginx
ETag: "541bd8dc-72b"
Content-Type: image/jpeg
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1835
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H2 200 oq-ayiq.net.662440.js Show response
jsc.mgid.com/o/q/ 3 KB
2 KB 398ms
215ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/o/q/oq-ayiq.net.662440.js

Requested by

Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f26684433300886915edd09c39e253179c4f5086b657952862fbf33190ea7502

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:00 GMT
x-amz-version-id: euLEQua8k9lJJ0kSxh1PN6xR0imwligk
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: R176B709H773W94Z
cf-polished: origSize=3497
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KHHq4IjjtSPNZULnuZqQl5+YjwGv8nOQx9LYOB61aWOI42pKQXu/wcpaqEBIXmzYHWorsOaIFwkK9ZIQsTmLrw==
cf-bgj: minify
last-modified: Mon, 11 Sep 2023 10:40:46 GMT
server: cloudflare
etag: W/"9babe831986cdcf67b19e32953f97257"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 80cd15639b322c32-FRA
expires: Tue, 26 Sep 2023 20:04:00 GMT

GET
H/1.1 200
OK bankuzbanner66.png
oq-ayiq.net/uploads/ 32 KB
32 KB 55ms
53ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/uploads/bankuzbanner66.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: ecc88f66299785d4dee0637798168ede32f3419533d6611fb5ae9d7dd1222756

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Mon, 20 Apr 2020 18:02:55 GMT
Server: nginx
ETag: "5e9de3cf-7e4b"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32331
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK noavatar.png
oq-ayiq.net/templates/vestnik2/dleimages/ 5 KB
5 KB 55ms
53ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/dleimages/noavatar.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 5dc72574c725e1a577db0f6a8da82b83556ba92dacef077a5924c3cb4348cceb

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Fri, 01 Nov 2013 06:44:06 GMT
Server: nginx
ETag: "52734db6-12b8"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4792
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK offline.png
oq-ayiq.net/templates/vestnik2/images/ 300 B
626 B 55ms
54ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/offline.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 055cf4517f751cf8695085af7d27d1a2653ec088ee88dcb60f422da8c754c4e1

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Mon, 30 Jan 2012 19:46:00 GMT
Server: nginx
ETag: "4f26f378-12c"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 300
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H2 200 oq-ayiq.net.662486.js Show response
jsc.mgid.com/o/q/ 3 KB
2 KB 398ms
216ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/o/q/oq-ayiq.net.662486.js

Requested by

Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9e33494a849e6e9aeebb403976e76367c1f0e03d995d0cd25389b6c8d8b8062

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:00 GMT
x-amz-version-id: XWNJRiWmjZwRNoWwHAG7Yp4R8ovKYEUO
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: R174DZQH851CJMN4
cf-polished: origSize=3497
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tSQVwTWsLyOSmxrn0uisvaUm7JRNBHqpBjTnZD43hIiwnsUR5+PJIbAExycfaKxNB8OQM+G3LRq0Umxras5/GDgcUm4PiKo7hgiR3somYn8=
cf-bgj: minify
last-modified: Mon, 11 Sep 2023 10:40:47 GMT
server: cloudflare
etag: W/"a73638a647deb038a83c220850b42b18"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 80cd15639b342c32-FRA
expires: Tue, 26 Sep 2023 20:04:00 GMT

GET
H/1.1 404
Not Found 66.js
leokross.com/ 0
0 535ms
184ms Script
text/html 103.224.182.208
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://leokross.com/66.js
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 103.224.182.208 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-208.above.com
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 38a89e25.js Show response
tat3ayogh6.com/pixels/ 141 KB
49 KB 319ms
138ms Script
application/javascript 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tat3ayogh6.com/pixels/38a89e25.js
Requested by: Host: 4mlhn1ocg4.com
URL: https://4mlhn1ocg4.com/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 28cce79fbfb93f180d0e7533ca3a43bd5faa37c45cf1598d4485f5e080bc83cc

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:00 GMT
cache-control: no-store
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 08:43:01 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t16.2;r;s1600*1200*24;uhttp%3A//oq-ayiq.net/user/flightcircle80/;0.2844388643725664
https://counter.yadro.ru/hit?t16.2;r;s1600*1200*24;uhttp%3A//oq-ayiq.net/user/flightcircle80/;0.2844388643725664
https://counter.yadro.ru/hit?q;t16.2;r;s1600*1200*24;uhttp%3A//oq-ayiq.net/user/flightcircle80/;0.2844388643725664

233 B
719 B

70ms
69ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t16.2;r;s1600*1200*24;uhttp%3A//oq-ayiq.net/user/flightcircle80/;0.2844388643725664

Requested by

Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

631c0faefed8407e879bed847cf216d443585802af7f02563c539f6f9dad5da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 17:04:00 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 233
Expires: Sun, 25 Sep 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 17:04:00 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t16.2;r;s1600*1200*24;uhttp%3A//oq-ayiq.net/user/flightcircle80/;0.2844388643725664
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 25 Sep 2022 21:00:00 GMT

GET
H/1.1 200
OK body.jpg
oq-ayiq.net/templates/vestnik2/images/ 18 KB
18 KB 44ms
43ms Image
image/jpeg 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/body.jpg
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 2f29b0d26fa3574c7bb7771efd04c7185bc3b1adc55050d22f1252b536153315

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Fri, 19 Sep 2014 06:24:56 GMT
Server: nginx
ETag: "541bcc38-46fd"
Content-Type: image/jpeg
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18173
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK body2.png
oq-ayiq.net/templates/vestnik2/images/ 2 KB
2 KB 91ms
88ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/body2.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 81465cc0b84489aa4c9612e5b7ea9ca4cfcf5a9805c2189b94c7d2dc796ecb0e

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Fri, 19 Sep 2014 06:35:36 GMT
Server: nginx
ETag: "541bceb8-606"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1542
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK pt_sans_regular-webfont.woff
oq-ayiq.net/templates/vestnik2/font/ 42 KB
42 KB 115ms
92ms Font
font/woff 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://oq-ayiq.net/templates/vestnik2/font/pt_sans_regular-webfont.woff
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 419020e7ed64604b4b1282d0e69599a7dbc4faeb23c6d5777a619a8797d64521

Request headers

Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
Origin: http://oq-ayiq.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Tue, 16 Sep 2014 03:18:38 GMT
Server: nginx
ETag: "5417ac0e-a6dc"
Content-Type: font/woff
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42716
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK soc.png
oq-ayiq.net/templates/vestnik2/images/ 5 KB
5 KB 92ms
92ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/soc.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 166d45afb2a79d345b58df0f47790726c55179d39b55bcda439477bcc741b01a

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Fri, 19 Sep 2014 07:43:50 GMT
Server: nginx
ETag: "541bdeb6-13bc"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5052
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK logo.png
oq-ayiq.net/templates/vestnik2/images/ 3 KB
3 KB 104ms
103ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/logo.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 3466e699074fb21dc452411cc1d388e18ad2b2e5292fd7f93a894b32585617f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Sun, 11 Jun 2017 10:17:15 GMT
Server: nginx
ETag: "593d18ab-c75"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3189
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK top-menu-link.jpg
oq-ayiq.net/templates/vestnik2/images/ 1 KB
1 KB 157ms
42ms Image
image/jpeg 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/top-menu-link.jpg
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 5a77d3f8677ba26cee2e77d126ee40d8e58fd6e13d10fbf01fe4e9b2e71045c4

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Fri, 19 Sep 2014 10:50:32 GMT
Server: nginx
ETag: "541c0a78-4b0"
Content-Type: image/jpeg
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1200
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK content-block.jpg
oq-ayiq.net/templates/vestnik2/images/ 1 KB
1 KB 154ms
42ms Image
image/jpeg 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/content-block.jpg
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: 1036bc6434dc01e088cae8a6f4f39f80f4ba6bc590d085863c1726b46dda76c3

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Fri, 19 Sep 2014 12:13:10 GMT
Server: nginx
ETag: "541c1dd6-4aa"
Content-Type: image/jpeg
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1194
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK theme-link.png
oq-ayiq.net/templates/vestnik2/images/ 980 B
1 KB 179ms
49ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/theme-link.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: dd25694faed81a2f6108344e3b641e440703c15b12ca52bb742e28eeae12e56a

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Fri, 19 Sep 2014 12:33:44 GMT
Server: nginx
ETag: "541c22a8-3d4"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 980
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK rating.png
oq-ayiq.net/templates/vestnik2/dleimages/ 2 KB
2 KB 194ms
42ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/dleimages/rating.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: f6143dbed2dbbdf1be4e596caab2d7d0437f54d4809d726c0460ca74879c97a8

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Thu, 29 Sep 2011 11:48:32 GMT
Server: nginx
ETag: "4e845b10-620"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1568
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK right-news.png
oq-ayiq.net/templates/vestnik2/images/ 931 B
1 KB 156ms
41ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/right-news.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: b9953f2e1f77a2b2b139486c05075d438aa7855df1db1e0f98a4798a220272a7

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Sun, 21 Sep 2014 03:26:42 GMT
Server: nginx
ETag: "541e4572-3a3"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 931
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK login-soc.png
oq-ayiq.net/templates/vestnik2/images/ 6 KB
6 KB 155ms
42ms Image
image/png 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/login-soc.png
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: a9ae42be2f7c83ff8cb6e60da7aad36514459b1f67f89ddf29ff30ba2c581950

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Sun, 21 Sep 2014 03:49:30 GMT
Server: nginx
ETag: "541e4aca-174d"
Content-Type: image/png
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5965
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H/1.1 200
OK footer3.jpg
oq-ayiq.net/templates/vestnik2/images/ 1 KB
1 KB 45ms
43ms Image
image/jpeg 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/templates/vestnik2/images/footer3.jpg
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/templates/vestnik2/css/style.css
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: f5432fb25c10f0dbb2237d195df416b9a2b675700076f667bd64b91a8eeb8fda

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/templates/vestnik2/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:00 GMT
Last-Modified: Sun, 21 Sep 2014 04:52:20 GMT
Server: nginx
ETag: "541e5984-4ad"
Content-Type: image/jpeg
Cache-Control: max-age=7776000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1197
Expires: Mon, 25 Dec 2023 17:04:00 GMT

GET
H2 200 oq-ayiq.net.662440.es6.js Show response
jsc.mgid.com/o/q/ 316 KB
95 KB 223ms
222ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/o/q/oq-ayiq.net.662440.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/q/oq-ayiq.net.662440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8c43f30a1cfc44ac211b8c4262d816f3b2082890f14bcbf6aa992c3d368a5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:00 GMT
x-amz-version-id: RHcfYp3IL.IOBqAqtpajFrEQjF7I3OmY
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: 1H6X21JVM7ZBVNFB
cf-polished: origSize=323749
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: hX5QNKbBTtW5KkFcTimFjgfBdjWfOpzYMzC+mbyciSrM6M6IsBima/kMf1EA16Cxa9Ps2JAetwrZjXNwsztrpg==
cf-bgj: minify
last-modified: Mon, 11 Sep 2023 10:40:46 GMT
server: cloudflare
etag: W/"1fedf217704bfdf4af0d8861c38bc4f1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 80cd1564fca72c32-FRA
expires: Tue, 26 Sep 2023 20:04:00 GMT

GET
H2 200 pclicks.js Show response
prodmp.ru/ 0
223 B 263ms
68ms Script
text/javascript 193.106.95.134
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks.js
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.95.134 Dzerzhinskiy, Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Tue, 26 Sep 2023 17:04:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 oq-ayiq.net.662486.es6.js Show response
jsc.mgid.com/o/q/ 315 KB
96 KB 228ms
226ms Script
text/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsc.mgid.com/o/q/oq-ayiq.net.662486.es6.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/q/oq-ayiq.net.662486.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d01953f1c52d11fcc65f774e511efe9d016f7d20e64f3ab13db270f8f46416b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:01 GMT
x-amz-version-id: bD9UXq1wB1NzIQ16kmmjMJCCbOHbrW3X
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: KEZW1NGS61M3JZ9G
cf-polished: origSize=322922
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: XbqzL3Ka9NW+MfqVRzh0h+8P+REwSp1/gLYDI5vVQby+wpttN08zE5aB4diDBujM0ijRZPSHM1EsWefMls1Ma/e9dtRwQKAv
cf-bgj: minify
last-modified: Mon, 11 Sep 2023 10:40:46 GMT
server: cloudflare
etag: W/"c9b622935fd23f2b34ac31709a07a4b2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=10800
cf-ray: 80cd15658ca52c42-FRA
expires: Tue, 26 Sep 2023 20:04:01 GMT

GET
BLOB 200
OK 782074fe-39f1-4c62-aeaf-372a393ffd87
http://oq-ayiq.net/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://oq-ayiq.net/782074fe-39f1-4c62-aeaf-372a393ffd87
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 6f23248e-67d0-46c2-8cff-491728615dad
http://oq-ayiq.net/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://oq-ayiq.net/6f23248e-67d0-46c2-8cff-491728615dad
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 6c36d063-0645-4e33-b8a4-f20caa44543f
http://oq-ayiq.net/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://oq-ayiq.net/6c36d063-0645-4e33-b8a4-f20caa44543f
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 4dcffa27-bd7b-4ccb-8146-09c9304cdac2
http://oq-ayiq.net/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://oq-ayiq.net/4dcffa27-bd7b-4ccb-8146-09c9304cdac2
Requested by: Host: oq-ayiq.net
URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 /
c.mgid.com/pv/ 43 B
138 B 72ms
52ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/pv/?lu=http%3A%2F%2Foq-ayiq.net%2Fuser%2Fflightcircle80%2F&cbuster=1695747841402704558626&pvid=18ad2729d798ea4e15c&implVersion=11&cxurl=http%3A%2F%2Foq-ayiq.net%2Fuser%2Fflightcircle80%2F&site=414967&i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 80cd1568f8902c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 internal Show response
dmpprof.com/matching/ 153 B
676 B 701ms
69ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=8&href=http%3A%2F%2Foq-ayiq.net%2Fuser%2Fflightcircle80%2F&title=flightcircle80%20%C2%BB%20OQAYIQ%20UZ%20-%20Super%20Portal%202.&dmp_print_id=b8866629bdf7ed24e9cbf862dfdd76ea
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a0c73b2e84c4cb4be4d82e972257a3e6b8d20ecac936dfe12e0823de118819da

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://oq-ayiq.net
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 153

GET
BLOB 206
Partial Content fc68bcbd-e0d1-4738-b1ee-a9df59585ed0
http://oq-ayiq.net/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://oq-ayiq.net/fc68bcbd-e0d1-4738-b1ee-a9df59585ed0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: http://oq-ayiq.net/user/flightcircle80/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 69f5542e-deb1-46b1-a0ed-5df2ba7c0366
http://oq-ayiq.net/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://oq-ayiq.net/69f5542e-deb1-46b1-a0ed-5df2ba7c0366
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: http://oq-ayiq.net/user/flightcircle80/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 pfdindisplaypro-regular-webfont.woff
cdn.mgid.com/fonts/ 143 KB
144 KB 316ms
218ms Font
binary/octet-stream 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mgid.com/fonts/pfdindisplaypro-regular-webfont.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d2f6cdc8935a366367038ae0c41970fb8179484bd7826fee8889adde33d887

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: http://oq-ayiq.net/
Origin: http://oq-ayiq.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
x-amz-version-id: null
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-request-id: FEP3RPHC4RXNKAP3
alt-svc: h3=":443"; ma=86400
content-length: 146832
x-amz-id-2: T9kxt9hi6e82RsbKxzxe6XvnvT93/npqsnBzkTm/m0X1lwrSV2Z5hsIsAbQrD52iYyxbEBvXNrg=
last-modified: Mon, 04 May 2020 12:16:39 GMT
server: cloudflare
etag: "eb96f10c2dc30d06d0969ff9c2ecfff0"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80cd156dfd022c3e-FRA
expires: Wed, 27 Sep 2023 17:04:02 GMT

GET
H2 200 1 Show response
servicer.mgid.com/348034/ 4 KB
2 KB 87ms
72ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/348034/1?mp4=1&ap=1&w=187&h=291&wrongImageSize=1&cols=1&sessionId=65130f02-09f4a&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=http%3A%2F%2Foq-ayiq.net%2Fuser%2Fflightcircle80%2F&cbuster=1695747842184802193026&pvid=18ad2729d798ea4e15c&implVersion=11&cxurl=http%3A%2F%2Foq-ayiq.net%2Fuser%2Fflightcircle80%2F&niet=4g&nisd=false&pv=5&lct=1694390400&jsv=es6&pageView=1&dpr=1&ref=&tfre=2454

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/q/oq-ayiq.net.662486.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d51483df0bf61680e54e1ced6b04f2712b523e91b3db4bc48cd96a77f9348ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 80cd156e0d2a2c32-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/348033/ 3 KB
1 KB 114ms
114ms Script
application/x-javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicer.mgid.com/348033/1?mp4=1&ap=1&w=155&h=347&cols=1&sessionId=65130f02-09f4a&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=http%3A%2F%2Foq-ayiq.net%2Fuser%2Fflightcircle80%2F&cbuster=1695747842237572699984&pvid=18ad2729d798ea4e15c&implVersion=11&cxurl=http%3A%2F%2Foq-ayiq.net%2Fuser%2Fflightcircle80%2F&niet=4g&nisd=false&pv=5&lct=1694390400&jsv=es6&pageView=0&dpr=1&ref=&tfre=2507

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/q/oq-ayiq.net.662440.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b682f0e4951fd2b017b319a2fa135692c8e8fdae0099e097099b7ec51e4a0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 80cd156e1d452c32-FRA
alt-svc: h3=":443"; ma=86400

GET /
dmg.digitaltarget.ru/2/ 0
0

GET
H2 200 demography Show response
prodmp.ru/pclicks/ 3 B
132 B 79ms
77ms Fetch
application/json 193.106.95.134
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks/demography?domain=oq-ayiq.net
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.95.134 Dzerzhinskiy, Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: http://oq-ayiq.net
date: Tue, 26 Sep 2023 17:04:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

GET
H2

200

external
dmpprof.com/matching/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=44931&callback_url=https%3A%2F%2Fdmpprof.com%2Fmatching%2Fexternal%3Fsid%3D44931%26uid%3D%24%7BUSER_ID%7D&crf=1&rts=-5559654798194955160
https://dmpprof.com/matching/external?sid=44931&uid=6bde82c8-cd01-520d-97c2-5caef2d153ac

0
0

227ms
88ms

Image
application/json

85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmpprof.com/matching/external?sid=44931&uid=6bde82c8-cd01-520d-97c2-5caef2d153ac
Protocol: H2
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location: https://dmpprof.com/matching/external?sid=44931&uid=6bde82c8-cd01-520d-97c2-5caef2d153ac
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 profitclicks
prodmp.ru/ 0
90 B 90ms
89ms Image
text/html 193.106.95.134
ITSOFT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prodmp.ru/profitclicks?uid=3fb83479-2fcc-4129-a4e5-ea08545f6f3e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.95.134 Dzerzhinskiy, Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/html;charset=utf-8

GET
H2

200

3fb83479-2fcc-4129-a4e5-ea08545f6f3e
an.yandex.ru/mapuid/profitclicksdspis/
Redirect Chain

https://an.yandex.ru/mapuid/profitclicksdspis/3fb83479-2fcc-4129-a4e5-ea08545f6f3e
https://an.yandex.ru/mapuid/profitclicksdspis/3fb83479-2fcc-4129-a4e5-ea08545f6f3e?redir-setuniq=1

43 B
108 B

108ms
97ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/profitclicksdspis/3fb83479-2fcc-4129-a4e5-ea08545f6f3e?redir-setuniq=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 26 Sep 2023 17:04:02 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 26 Sep 2023 17:04:02 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 26 Sep 2023 17:04:02 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/profitclicksdspis/3fb83479-2fcc-4129-a4e5-ea08545f6f3e?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 26 Sep 2023 17:04:02 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7114/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7114/i/i?a=923&e=3fb83479-2fcc-4129-a4e5-ea08545f6f3e
https://dmg.digitaltarget.ru/awg/custom/7114/i/i?call_source=awg&ts=1695747842872&a=923&e=3fb83479-2fcc-4129-a4e5-ea08545f6f3e

49 B
523 B

268ms
106ms

Image
image/gif

185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7114/i/i?call_source=awg&ts=1695747842872&a=923&e=3fb83479-2fcc-4129-a4e5-ea08545f6f3e

Protocol

HTTP/1.1

Server

185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:03 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 26 Sep 2023 17:04:02 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 86400
Location: https://dmg.digitaltarget.ru/awg/custom/7114/i/i?call_source=awg&ts=1695747842872&a=923&e=3fb83479-2fcc-4129-a4e5-ea08545f6f3e
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

POST
H2 200 enr Show response
dmpprof.com/ 2 B
351 B 90ms
72ms Fetch
text/plain 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/enr?href=http%3A%2F%2Foq-ayiq.net%2Fuser%2Fflightcircle80%2F&title=flightcircle80%20%C2%BB%20OQAYIQ%20UZ%20-%20Super%20Portal%202.
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://oq-ayiq.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://oq-ayiq.net
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length: 2

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81MDkseV82NDcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDkvN...
s-img.mgid.com/g/17242615/492x328/-/ 34 KB
35 KB 98ms
88ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17242615/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81MDkseV82NDcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDkvNDc1ODIxL2MzMThiYzhlZTA3ZWQzNDIzZWY0MzA1OWQzZTk1N2ViLmpwZWc.webp?v=1695747842-SAx6aaqUg-YvBJVYeSduKSOmfFAj1A8rPe8apWLpLTU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e874894556e7eb5597010db36d58d7b0cf13292468485340ee7ca6d56402ea56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: http://oq-ayiq.net/
Origin: http://oq-ayiq.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 8d1e74e7-1ac0-43da-a112-554b89ed0566
age: 42801
alt-svc: h3=":443"; ma=86400
content-length: 35324
last-modified: Tue, 19 Sep 2023 13:49:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 80cd156f4e622c3e-FRA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81MTIseV8zNjQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDkvN...
s-img.mgid.com/g/17130412/492x328/-/ 7 KB
7 KB 98ms
89ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17130412/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81MTIseV8zNjQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDkvNDc1ODIxL2UyMzYzMDQ5MGEwYTZjMWM1Yzc1ZTQ4Zjc0N2VmMDc0LmpwZWc.webp?v=1695747842-t5xDO2329Fq6sKECqjdJycMLFP3bnhHexpYS7t_Ru3Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d832cac581264ab0ea8be46ef552e4842ff3f1a5b432562f1908ae56bbdc6303

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: http://oq-ayiq.net/
Origin: http://oq-ayiq.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 4d3a3a7c-af50-46e0-820b-d93bb324743b
age: 43271
alt-svc: h3=":443"; ma=86400
content-length: 6664
last-modified: Thu, 07 Sep 2023 11:13:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 80cd156f4e662c3e-FRA

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81NzAseV8zMzYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvN...
s-img.mgid.com/g/17060808/492x328/-/ 34 KB
35 KB 96ms
89ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17060808/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81NzAseV8zMzYvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvNDc1ODIxLzMxMGMzYTU2Y2YxODA4NTY5YjcwN2I3MmVlNWJlMWRmLmpwZw.webp?v=1695747842-AQPmQdk-TpvaeWhtKNt5VZmo8EbzYNBUPBkr3--Q-bQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77801d78f2b2bb1fe4abb6b01683fd73e32743fb10678667f3bcffe8d3631e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: http://oq-ayiq.net/
Origin: http://oq-ayiq.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 5a789836-5c34-44f7-8d2c-3337be4e6aab
age: 42938
alt-svc: h3=":443"; ma=86400
content-length: 35260
last-modified: Tue, 29 Aug 2023 12:03:20 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 80cd156f4e642c3e-FRA

GET
H2 200 mapping Show response
dprof.site/matching/ 17 B
538 B 138ms
105ms Fetch
application/json 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dprof.site/matching/mapping?uid=3fb83479-2fcc-4129-a4e5-ea08545f6f3e
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://oq-ayiq.net
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 17

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvMzU2NjA1Lzc3M2IyY...
s-img.mgid.com/g/17085677/200x200/-/ 6 KB
6 KB 773ms
773ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17085677/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDgvMzU2NjA1Lzc3M2IyYTZlNjk5MTYwNGE3MmIwMjZlMGIxMGY2MDkwLmpwZw.webp?v=1695747842-kvbqDoh1WQ4y30DGYfbqU5QM5RG_TYJDnynPxZM0lMI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0afbc2a1f440d691e260863e24dbeb644836d3a5b0612aeb76ae66e636a6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: http://oq-ayiq.net/
Origin: http://oq-ayiq.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
last-modified: Tue, 26 Sep 2023 17:04:02 GMT
x-mg-request-uuid: ddba0893-b35d-4314-9e93-e1382f5e70dd
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 80cd156f7eb02c3e-FRA
content-length: 6234
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzUxMix5XzM2NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS80N...
s-img.mgid.com/g/17130412/200x200/-/ 2 KB
3 KB 61ms
61ms Image
image/webp 2606:4700:1::6813:814c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/17130412/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3Xzk2MCx4XzUxMix5XzM2NC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wOS80NzU4MjEvZTIzNjMwNDkwYTBhNmMxYzVjNzVlNDhmNzQ3ZWYwNzQuanBlZw.webp?v=1695747842-or5wHBEUnflGNmWPwUJAHP-OV784Uj7PhW8XlMzozKE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

589094843589f9101c6e372c18f762a0605e7032ac6d300fd4df7f66ff5281bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: http://oq-ayiq.net/
Origin: http://oq-ayiq.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 4c926fb3-3516-43df-ba95-a6911e896b26
age: 36563
alt-svc: h3=":443"; ma=86400
content-length: 2422
last-modified: Thu, 07 Sep 2023 11:24:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 80cd156f8ec22c3e-FRA

GET
H/1.1 200
OK /
oq-ayiq.net/user/flightcircle80/ 23 KB
23 KB 78ms
78ms Image
text/html 138.201.169.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://oq-ayiq.net/user/flightcircle80/
Protocol: HTTP/1.1
Server: 138.201.169.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: host9.goodhoster.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/user/flightcircle80/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 17:04:02 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
1 KB 123ms
111ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i.js?muid=n8q2cCmb8y4a&cbuster=1695747842630196219667

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/q/oq-ayiq.net.662486.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

887507327f033d8917f53ea2466aa9e603f18de4edcb6eb78fcef131f1b2c16b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 80cd157098602c32-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 2E92 0
41 B 114ms
114ms Script
application/javascript 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/i-noref.js?cbuster=1695747842641197352058

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/q/oq-ayiq.net.662486.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 80cd1570986a2c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 142 KB
31 KB 269ms
44ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/q/oq-ayiq.net.662486.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bafe6fd85ddfdbd516fc0ba3f773c61cc6ff2cbc380bd8fad7ed1cd816ef770a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: CX9JV57DCVSAH62K
age: 14
x-amz-server-side-encryption: AES256
x-amz-id-2: 4jN7yeMGrE4p1Fu3XiEmWqohh2DgEkF5gopYg+tmIwspcgGYoaGGYlEhms4WK9ZT0MrniGh07pk=
last-modified: Tue, 26 Sep 2023 09:55:01 GMT
server: cloudflare
etag: W/"ea7caabc3eb5cbf690ddffcd65b85596"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80cd15720e634c4c-MXP
expires: Tue, 26 Sep 2023 18:04:02 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 254ms
31ms Script
application/javascript 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/o/q/oq-ayiq.net.662486.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:02 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=79915
accept-ranges: bytes
content-length: 63913
expires: Wed, 27 Sep 2023 15:15:57 GMT

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 9647 1 KB
864 B 566ms
78ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=n8q2cCmb8y4a&cbuster=1695747842630196219667
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: http://oq-ayiq.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1199
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 80cd1574afc60e13-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 26 Sep 2023 17:04:03 GMT
last-modified: Tue, 26 Sep 2023 16:44:04 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A876
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu&gdpr=0&gdpr_consent=&us_privacy=
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu&gdpr=0&gdpr_consent=&us_privacy=

281 B
554 B

242ms
101ms

Document
text/html

23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?muid=n8q2cCmb8y4a&cbuster=1695747842630196219667
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://oq-ayiq.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Sep 2023 17:04:03 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 26 Sep 2023 17:04:03 GMT
location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu&gdpr=0&gdpr_consent=&us_privacy=
server: AkamaiGHost

GET
H/1.1 204
No Content e4e1f5fe20753b6b614cda48b7e3c9f7.gif
cs.admanmedia.com/ 0
176 B 3664ms
1376ms Image
text/plain 80.77.87.166
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?gdpr=0&gdpr_consent=&ccpa=&redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.77.87.166 , United Kingdom, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:06 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Connection: keep-alive

GET
H2

200

rtset
bh.contextweb.com/bh/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=n8q2GiVtcb4a&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=n8q2GiVtcb4a&gdpr=0&gdpr_consent=&us_privacy=
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=059761ee-472a-43a5-970b-42d1c3cf3f12

49 B
868 B

265ms
48ms

Image
image/gif

208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=059761ee-472a-43a5-970b-42d1c3cf3f12

Protocol

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-CH
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-f59c96d6-wtxwn
expires: -1

Redirect headers

location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=059761ee-472a-43a5-970b-42d1c3cf3f12
date: Tue, 26 Sep 2023 17:04:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=b5004a37-65d0-47b8-8dc4-d239a940d63d

43 B
479 B

80ms
64ms

Image
image/gif

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=665953&c=b5004a37-65d0-47b8-8dc4-d239a940d63d

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 80cd15772e802c42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=b5004a37-65d0-47b8-8dc4-d239a940d63d
access-control-allow-origin: *
date: Tue, 26 Sep 2023 17:04:03 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cm.rtbsystem.com/mgid?c=n8q2GiVtcb4a&gdpr=0&gdpr_consent=&us_privacy=&cd=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D556372%26c%3D%24%7BUSER%7D
https://cm.mgid.com/m?cdsp=556372&c=07c18e13-caf9-5894-8bad-30415346b248

43 B
447 B

63ms
55ms

Image
image/gif

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=556372&c=07c18e13-caf9-5894-8bad-30415346b248

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 80cd1575ecf92c42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

date: Tue, 26 Sep 2023 17:04:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoGWlvfg3XIawYj7THLt80Srj4zN5iDf7D%2FpCwkmmaWO5o0czfM8LNgSsA1mQx5OZCGtY%2BwsbEy3az70PsPfFLHu9rsatg9r8yL1k5hVWUKYnEUMOUKpNz2cQvxYSou98pYEigt7bOzuHZAxf4WF"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://cm.mgid.com/m?cdsp=556372&c=07c18e13-caf9-5894-8bad-30415346b248
cf-ray: 80cd1574b9f422b8-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
158 B 594ms
85ms Image
image/gif 2606:4700::6813:9822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.idealmedia.io/setmuidn/?muidf=n8q2GiVtcb4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 80cd1574af3a2c02-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjk3QkIzMkMtNTNDMy00NDc0LUFBQzItQzU2M0JCM0ZCOTAz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3DF97BB32C-53C3-4474-AAC2-C563BB3FB903&us_privacy=%24%7BUS_PRIVACY%7D
https://cm.mgid.com/m?cdsp=712807&c=F97BB32C-53C3-4474-AAC2-C563BB3FB903

43 B
511 B

239ms
163ms

Image
image/gif

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=712807&c=F97BB32C-53C3-4474-AAC2-C563BB3FB903

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 80cd157e8ee62c42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=F97BB32C-53C3-4474-AAC2-C563BB3FB903
date: Tue, 26 Sep 2023 17:04:04 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjhxMkdpVnRjYjRh&muidn=n8q2GiVtcb4a
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjhxMkdpVnRjYjRh&muidn=n8q2GiVtcb4a&google_tc=
https://cm.mgid.com/google?muidn=n8q2GiVtcb4a&google_ula={guid},5&google_gid=CAESENcnhY2yOQLU8uhFbxhSxfg&google_cver=1

0
137 B

137ms
130ms

Image
text/plain

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/google?muidn=n8q2GiVtcb4a&google_ula={guid},5&google_gid=CAESENcnhY2yOQLU8uhFbxhSxfg&google_cver=1

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain
cf-ray: 80cd1576ee272c42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.mgid.com/google?muidn=n8q2GiVtcb4a&google_ula={guid},5&google_gid=CAESENcnhY2yOQLU8uhFbxhSxfg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=
https://creativecdn.com/cm-notify?pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
https://cm.mgid.com/m?cdsp=501037&c=zz7054Gtkq3JHRgUWTG9&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

43 B
463 B

97ms
97ms

Image
image/gif

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=501037&c=zz7054Gtkq3JHRgUWTG9&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 80cd15767da82c42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=zz7054Gtkq3JHRgUWTG9&pi=mgid&gdpr=0&gdpr_consent=&us_privacy=&tc=1
pragma: no-cache
date: Tue, 26 Sep 2023 17:04:03 GMT, Tue, 26 Sep 2023 17:04:03 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

400

m
cm.mgid.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
https://cm.mgid.com/m?cdsp=779131&c=&gdpr=0

11 B
346 B

96ms
75ms

Image
text/plain

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=779131&c=&gdpr=0

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=utf-8
cf-ray: 80cd15775eb22c42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11

Redirect headers

location: https://cm.mgid.com/m?cdsp=779131&c=&gdpr=0
date: Tue, 26 Sep 2023 17:04:02 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H/1.1 204
No Content 34b9aae5baa016b251b9fc488f4a97cd.gif
sync.e-volution.ai/ 0
103 B 4895ms
4142ms Image
text/plain 109.206.161.21
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=n8q2GiVtcb4a&gdpr=0&gdpr_consent=&ccpa_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 109.206.161.21 , Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 109.206.161.21.serverel.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 26 Sep 2023 17:04:08 GMT
Server: nginx

GET
H2 200 1 Show response
sync-eu.connectad.io/syncer/ Frame AB3D 5 KB
1 KB 223ms
209ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c65d53a42cee116ade46f996ccea0bb92cf285bcaf4cb5c024bf77a9c5e8135f

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
cf-ray: 80cd1576ea4e0e13-MXP
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 17:04:03 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A876 36 KB
11 KB 40ms
40ms Script
text/html 23.52.120.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.120.246 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-120-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0038684f70e7797da9ffd6711e037cbd49658448facb30e2b93389dbc8c1cbd5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu&gdpr=0&gdpr_consent=&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Sep 2023 21:34:00 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=16253
Connection: keep-alive
Content-Length: 10516
Expires: Tue, 26 Sep 2023 21:34:56 GMT

GET
H3 200 c
c.mgid.com/ 43 B
229 B 67ms
66ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/c?f=1&pv=3&v=153|153|8|TGpllbR6d9-eq3L_ebFlT6PpLSgICE36uNhkyi6b14fMNC4PqJ6y-qh7kvUbvVAqUeFgxwtVQipgCgPo26Ka-w**&fw=1&extjs=66044&h2=okDCWzudcnDnBCmbWpcDTLf2IUVGi1VJ1pk8RcWDa5g*&rid=b12d2b04-5c8e-11ee-abaa-e43d1a2a04aa&tt=Direct&iv=11&cid=348033&pageImp=1&pvid=18ad2729d798ea4e15c&cbuster=1695747843762721398454&muid=n8q2GiVtcb4a

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-mg-request-uuid: 103ccfcc-abe8-4d9d-8e74-d3c9e7c4c08c
server: cloudflare
content-type: image/gif
cf-ray: 80cd15779ee72c42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame A876 7 B
777 B 370ms
31ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: aca6c52e983509e86b136a052e19be23
Expires: 0

GET
H2 200 1x1.gif
a.mgid.com/ 43 B
199 B 153ms
126ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=475821&type=c&tg=57ee290982f79abfdaab84b9ed6aab3c&gdpr=0&gdpr_consent=&us_privacy=&mgbuster=03b42

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 80cd1577f8752c32-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2

204

1
sync.connectad.io/umatch/ Frame 052A
Redirect Chain

https://creativecdn.com/cm-notify?pi=connectad
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=zz7054Gtkq3JHRgUWTG9&pi=connectad

0
0

182ms
165ms

Document
text/plain

2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=zz7054Gtkq3JHRgUWTG9&pi=connectad
Requested by: Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sync-eu.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
cf-ray: 80cd157a0eab0e13-MXP
date: Tue, 26 Sep 2023 17:04:04 GMT
server: cloudflare

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 26 Sep 2023 17:04:04 GMT Tue, 26 Sep 2023 17:04:04 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=zz7054Gtkq3JHRgUWTG9&pi=connectad
pragma: no-cache

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame B8C7 0
0 151ms
56ms Document
text/plain 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID
Requested by: Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync-eu.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Tue, 26 Sep 2023 17:04:04 GMT
X-Sovrn-Pod: ad_ap3ams1

GET
H3

204

1
sync-eu.connectad.io/pixel/ Frame F2B7
Redirect Chain

https://x.bidswitch.net/sync?ssp=rtaplus&user_id=YS4TkRps7SiC70sGY1YYNkjlG0CE9fHIxE6nsE0c&gdpr=0
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Drtaplus%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=rtaplus&user_id=k-IGPsL95xRMB90kRgp_pOi_v_lNC7CA7EGvpJvA&gdpr=0&gdpr_consent=
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=059761ee-472a-43a5-970b-42d1c3cf3f12

0
0

222ms
222ms

Document
text/plain

2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=059761ee-472a-43a5-970b-42d1c3cf3f12
Requested by: Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sync-eu.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
cf-ray: 80cd157cb83d0d68-MXP
date: Tue, 26 Sep 2023 17:04:04 GMT
server: cloudflare

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 26 Sep 2023 17:04:04 GMT
location: //sync-eu.connectad.io/pixel/1?dataid=data3&uuid=059761ee-472a-43a5-970b-42d1c3cf3f12

GET
H2

204

1
sync.connectad.io/umatch/ Frame 6D5C
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub9398689025600
https://sync.connectad.io/umatch/1?bidder=opera&dataid=data15&uuid=OPUd05eb80e74a246818f807034595a3538

0
0

258ms
152ms

Document
text/plain

2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.connectad.io/umatch/1?bidder=opera&dataid=data15&uuid=OPUd05eb80e74a246818f807034595a3538
Requested by: Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sync-eu.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
cf-ray: 80cd157c59620e13-MXP
date: Tue, 26 Sep 2023 17:04:04 GMT
server: cloudflare

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 133
content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://sync.connectad.io/umatch/1?bidder=opera&dataid=data15&uuid=OPUd05eb80e74a246818f807034595a3538
pragma: no-cache
server: nginx

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7B47 15 KB
6 KB 30ms
30ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Requested by: Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://sync-eu.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=112239
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 26 Sep 2023 17:04:04 GMT
expires: Thu, 28 Sep 2023 00:14:43 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 200 m Show response
cm.mgid.com/ Frame CC1C 43 B
495 B 60ms
59ms Document
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.mgid.com/m?cdsp=817115&c=YS4TkRps7SiC70sGY1YYNkjlG0CE9fHIxE6nsE0c

Requested by

Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://sync-eu.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate max-age=0
cf-cache-status: DYNAMIC
cf-ray: 80cd1579d9532c42-FRA
content-length: 43
content-type: image/gif
date: Tue, 26 Sep 2023 17:04:04 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload

GET
H2

200

usermatch Show response
ssum.casalemedia.com/ Frame 8659
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1

2 KB
862 B

76ms
64ms

Document
text/html

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Requested by: Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b9ffb8cdc07ce00b24b05a876266cb2fe3240b6121c89ad16eb35631a78818a

Request headers

Referer: https://sync-eu.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80cd157add4001db-ZRH
content-encoding: br
content-type: text/html
date: Tue, 26 Sep 2023 17:04:04 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgqFxwJIuhwDbdGDPSgTahWMN%2B%2FpOdNCHtgsSWBRQYGamJVy21T0dgTinW%2B3qjY6cAX%2FoMiCPuZA2yg5ZNFHkdHV8Z01SYonV8MqewQ23CmWeLUFFMKPHJaRfWEAp5AvtHCtg1fN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80cd157a4c1001db-ZRH
content-length: 0
date: Tue, 26 Sep 2023 17:04:04 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJ755cEmO149dG87W9vW6ru8guhCwJI1%2BTOAIVujrNTkVMlCPKADgWjraTVbHGrr3DNELqQNCIFf0yz7xjGsEpghqgJlHjDmEFBwTB90g4tcfAEMKvkMnQLubvafyIc0iWep96sU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 cookie Show response
cm.adform.net/ Frame 88FC 43 B
106 B 213ms
63ms Document
image/gif 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID
Requested by: Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://sync-eu.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Tue, 26 Sep 2023 17:04:04 GMT
server: nginx

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 4DEE
Redirect Chain

https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX...
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7B...

754 B
804 B

56ms
47ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Requested by: Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?us_privacy=&gdpr_consent=&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D817115%26c%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 38a1c2bef364ffd12a5f60ce3e021ad0661e802b253362900da6e7cd4fef943c

Request headers

Referer: https://sync-eu.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 469
content-type: text/html
date: Tue, 26 Sep 2023 17:04:04 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 26 Sep 2023 17:04:04 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H3

200

m
cm.mgid.com/ Frame A876
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LN0KHELF-7-BFQB
https://cm.mgid.com/m?cdsp=43070&c=LN0KHELF-7-BFQB&gdpr=0

43 B
510 B

241ms
165ms

Image
image/gif

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?cdsp=43070&c=LN0KHELF-7-BFQB&gdpr=0

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 80cd157e8ee42c42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.mgid.com/m?cdsp=43070&c=LN0KHELF-7-BFQB&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: aca6c52e983509e86b136a052e19be23
Expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7B47 5 KB
6 KB 377ms
56ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84353430&p=156077&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9c6627f85cf2233d848b3645bdb48a41546353bd48138b497a6a403fa9cb7030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 26 Sep 2023 17:04:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A876
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QJkWSMabRFiaz5CAPMuHJQ&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QJkWSMabRFiaz5CAPMuHJQ&gdpr=0

43 B
479 B

135ms
134ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QJkWSMabRFiaz5CAPMuHJQ&gdpr=0

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 17:04:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: N0RPX44TB9A7MK5Q2HFR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QJkWSMabRFiaz5CAPMuHJQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame A876 70 B
149 B 307ms
96ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDIxYTg3ODFiYmQ2MzA5MmE3ZTYyOTY2Njk1NDYxZDUyNGI3YTljNA&gdpr=0

170 B
188 B

217ms
141ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDIxYTg3ODFiYmQ2MzA5MmE3ZTYyOTY2Njk1NDYxZDUyNGI3YTljNA&gdpr=0

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDIxYTg3ODFiYmQ2MzA5MmE3ZTYyOTY2Njk1NDYxZDUyNGI3YTljNA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: aca6c52e983509e86b136a052e19be23
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A876
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE4wS0hFTEYtNy1CRlFC&gdpr=0
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEG9z63UIu6bGc7xmE_lVb2A&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE4wS0hFTEYtNy1CRlFC&google_push=&gdpr=0

170 B
188 B

113ms
65ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE4wS0hFTEYtNy1CRlFC&google_push=&gdpr=0

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE4wS0hFTEYtNy1CRlFC&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: aca6c52e983509e86b136a052e19be23
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame A876
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-aJmtVI4Rr-kAkgs3aYc6Q&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-aJmtVI4Rr-kAkgs3aYc6Q&gdpr=0

43 B
479 B

127ms
127ms

Image
image/gif

67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-aJmtVI4Rr-kAkgs3aYc6Q&gdpr=0

Protocol

HTTP/1.1

Server

67.220.226.238 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 17:04:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TAFMYMXD31G4NRRDCVTR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-aJmtVI4Rr-kAkgs3aYc6Q&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame A876
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC17Bn5jpwjLBSydodeyuKk&google_cver=1

42 B
690 B

293ms
41ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC17Bn5jpwjLBSydodeyuKk&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEC17Bn5jpwjLBSydodeyuKk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame A876
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/Pf0y1wNN2oC7J77eOK8IcA?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XCe0jXlE2oKohDS73ezP2YN5lxYnA_EUFUPdxw--~A

42 B
690 B

116ms
64ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XCe0jXlE2oKohDS73ezP2YN5lxYnA_EUFUPdxw--~A
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 26 Sep 2023 17:04:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-XCe0jXlE2oKohDS73ezP2YN5lxYnA_EUFUPdxw--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame A876
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN0KHELF-7-BFQB&gdpr=0

0
650 B

523ms
271ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN0KHELF-7-BFQB&gdpr=0
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:04 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4400434ECB814AF3BFF952BCA5CACB7F Ref B: ZRHEDGE1019 Ref C: 2023-09-26T17:04:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYGRg/wgbZyW4uxAZyLEw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LN0KHELF-7-BFQB&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 1
sync.connectad.io/umatch/ Frame 4DEE 0
1 KB 180ms
176ms Image
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.connectad.io/umatch/1?dataid=data5&uuid=d18216ff-37c8-0e54-2c27-2499c7c825a1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:04 GMT
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 80cd157d48c80d68-MXP
alt-svc: h3=":443"; ma=86400

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4DEE
Redirect Chain

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=v5Y7BbnFOgKkxzMCsJsnA-_HPwakwT4CsJuJPQUN

43 B
61 B

155ms
147ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=v5Y7BbnFOgKkxzMCsJsnA-_HPwakwT4CsJuJPQUN
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=v5Y7BbnFOgKkxzMCsJsnA-_HPwakwT4CsJuJPQUN
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 4DEE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2967872999685759159

43 B
106 B

126ms
55ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2967872999685759159
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2967872999685759159
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 4DEE 43 B
855 B 361ms
215ms Image
image/gif 67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=b08ae54d-92fd-8647-87a5-661b2ea02ccc

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.238 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 17:04:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 61CFMEWMT8HGWWHEXBGH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 4DEE 70 B
148 B 224ms
86ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=e85c9930-8e57-3dbd-47ab-e48c4693e72c&gdpr=0
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 4DEE 170 B
188 B 156ms
51ms Image
image/png 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzQzMzRhZmEtNDcyMC02MzE5LTUyNGItYmUzNThjNzEyOTRj

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4DEE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE_qeESQ8cpyKwsxT6f6KJY&google_cver=1

43 B
180 B

107ms
86ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE_qeESQ8cpyKwsxT6f6KJY&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE_qeESQ8cpyKwsxT6f6KJY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 8659 43 B
855 B 476ms
136ms Image
image/gif 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRMPBB47k2k2n85b-x2yrwAABL4AAAAB&gpp=&gpp_sid=

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Sep 2023 17:04:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7D5A4RFQ9QNS2AEA38VW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8659
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRMPBB47k2k2n85b.x2yrwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPG3AA2VrFRWSUMAmUGWGFw&google_cver=1&google_hm=2

43 B
774 B

174ms
133ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPG3AA2VrFRWSUMAmUGWGFw&google_cver=1&google_hm=2
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysy3trw0PHlx4iQ9zP2e37CJZJy46BGy2K8MggzB3w3ESfyqY838TDxqh9rt4h1i%2F%2F4d5Ac2CXaLqgfFR6y5%2F6a6%2FoDFC6EsK3CbHcAPQ%2FWblyxXehb%2FUfjMvpEB7385%2FLx3Xmf%2FstsGtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80cd1580eda82c5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPG3AA2VrFRWSUMAmUGWGFw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 8659 70 B
148 B 236ms
100ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 8659
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRMPBB47k2k2n85b-x2yrwAABL4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELsz9gG8u6KvjoP4ZrQxwq8&google_cver=1

43 B
337 B

116ms
96ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELsz9gG8u6KvjoP4ZrQxwq8&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Protocol: H2
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BDmvk7OsAzZA26GLKPyt7qaB67ndOto%2B6qyf88STKTAIHusRVmHGj9Z4zzBAs2EoYlAWkfA9sU4y5qbecMtICOFsksZXiEY0MQsNeyKhjJXFROI1uN2rRKUQPRNmgeG%2BFbTjMsNdV5emQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80cd157ecbb201db-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELsz9gG8u6KvjoP4ZrQxwq8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 8659
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZRMPBB47k2k2n85b.x2yrwAA%261214&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZRMPBB47k2k2n85b.x2yrwAA%261214&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c153f6093f3544878d9395fed4c3cd8c
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SIcCZ95xRMB90kRgp_pOi_v_lND7K_l7gSOpCQ
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SIcCZ95xRMB90kRgp_pOi_v_lND7K_l7gSOpCQ

43 B
548 B

505ms
117ms

Image
image/gif

2600:1f18:ed:550f:fc8e:218a:8fca:e496
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SIcCZ95xRMB90kRgp_pOi_v_lND7K_l7gSOpCQ

Requested by

Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:fc8e:218a:8fca:e496 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:06 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-SIcCZ95xRMB90kRgp_pOi_v_lND7K_l7gSOpCQ
Date: Tue, 26 Sep 2023 17:04:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8659
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8021463991198712054&gdpr=0&gdpr_consent=

43 B
737 B

130ms
82ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8021463991198712054&gdpr=0&gdpr_consent=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Protocol: H3
Server: 104.18.26.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36omsA0FVdzXLf0XHY%2BW7n8S9gulkKbAVDXKOR2kAq%2BBvpt%2BgmfOQNBvanFMilxCTJRS11SsQZfrcGOjQeya%2F0pvKyBlLvGS2kDzj7SGyAssXgtXzWcxa9%2FLfvZW%2FGitEg8xkFY5UpHn6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80cd15821edd2c5b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=8021463991198712054&gdpr=0&gdpr_consent=
date: Tue, 26 Sep 2023 17:04:05 GMT
content-length: 0

GET
H2 400 /
sync.taboola.com/sg/indexscod/1/cm/ Frame 8659 0
0 349ms
42ms Image
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZRMPBB47k2k2n85b.x2yrwAA%261214&gpp=&gpp_sid=
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 CookieIndex
rtb.adentifi.com/ Frame 8659 0
35 B 641ms
129ms Image
text/plain 35.174.117.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.117.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-117-224.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:05 GMT

GET
H3 204 1
sync.connectad.io/umatch/ Frame 8659 0
962 B 295ms
195ms Image
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.connectad.io/umatch/1?bidder=idx&dataid=data13&uuid=ZRMPBB47k2k2n85b.x2yrwAA%261214
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D&s=190906&C=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:04 GMT
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 80cd157e59bf0d68-MXP
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
397 B 365ms
41ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , United States, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

62add9b68ffd4c7673f7e5017cc3bd56be4cb40bce824d0e35fc3a93aea9bbba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://oq-ayiq.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://oq-ayiq.net
date: Tue, 26 Sep 2023 17:04:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 c
c.mgid.com/ 43 B
229 B 145ms
45ms Image
image/gif 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.mgid.com/c?pv=3&v=153|153|8|TGpllbR6d9-eq3L_ebFlT7rQMSf-Tfxy6f8zQSHIrLT6ajWuPUSwhKKXtz7-qJxteRH5i-vu3p4CBNSij80D-Q**&extjs=66044&h2=okDCWzudcnDnBCmbWpcDTLf2IUVGi1VJ1pk8RcWDa5g*&rid=b12d2b04-5c8e-11ee-abaa-e43d1a2a04aa&tt=Direct&iv=11&cid=348033&pageImp=0&pvid=18ad2729d798ea4e15c&cbuster=169574784474293710263&muid=n8q2GiVtcb4a

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: http://oq-ayiq.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3beb3d08-d37c-4594-b6d0-408017205c1f
server: cloudflare
content-type: image/gif
cf-ray: 80cd157e5eb82c42-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1585
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

151ms
110ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Tue, 26 Sep 2023 17:04:04 GMT
expires: Tue, 26 Sep 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 908105
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 10E7 43 B
855 B 350ms
231ms Document
image/gif 67.220.226.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F97BB32C-53C3-4474-AAC2-C563BB3FB903&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.238 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 26 Sep 2023 17:04:05 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 3WDPM8KV2CHJ1W2P5SST

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AEB4
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hVQyPoMHMzmeBTo41wMuNYNZMj6eBWE4gwBNA1QJ

42 B
342 B

69ms
58ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hVQyPoMHMzmeBTo41wMuNYNZMj6eBWE4gwBNA1QJ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Tue, 26 Sep 2023 17:04:04 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hVQyPoMHMzmeBTo41wMuNYNZMj6eBWE4gwBNA1QJ
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BCA3
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7424279324110362794&gdpr=0&gdpr_consent=

42 B
218 B

87ms
38ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7424279324110362794&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 75003fc1-7c97-461b-8463-1576e5c040f4
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 17:04:05 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7424279324110362794&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 176.10.106.12; 176.10.106.12; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame CAA5
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7283181536539572376&gdpr=0&gdpr_consent=

42 B
219 B

147ms
86ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7283181536539572376&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Tue, 26 Sep 2023 17:04:05 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7283181536539572376&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 363C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xZ2Qgc9iWuxAFK-7ogZRrrAKagw&gdpr=0&gdpr_consent=

42 B
297 B

35ms
34ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xZ2Qgc9iWuxAFK-7ogZRrrAKagw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Sep 2023 17:04:05 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=xZ2Qgc9iWuxAFK-7ogZRrrAKagw&gdpr=0&gdpr_consent=

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame F453
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
237 B

266ms
127ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRMPBQATTQ71oQBY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Tue, 26 Sep 2023 17:04:05 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6964-MXP
x-timer: S1695747845.400166,VS0,VE100

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Tue, 26 Sep 2023 17:04:05 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRMPBQATTQ71oQBY
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6964-MXP
x-timer: S1695747845.068499,VS0,VE99

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D200
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFU2wwN0tKaDRBQUJpY3ZHSl96dw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AAESl07KJh4AABicvGJ_zw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8021463991198712054&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AAESl07KJh4AABicvGJ_zw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8021463991198712054%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=8021463991198712054&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAESl07...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESl07KJh4AABicvGJ_zw&gdpr=0&gdpr_consent=

42 B
279 B

35ms
34ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESl07KJh4AABicvGJ_zw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Tue, 26 Sep 2023 17:04:06 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAESl07KJh4AABicvGJ_zw&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A080
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

131ms
73ms

Document
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 17:04:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Tue, 26 Sep 2023 17:04:05 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame C0B8 43 B
283 B 331ms
73ms Document
image/gif 64.95.96.108
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.95.96.108 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Tue, 26 Sep 2023 17:04:05 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-10

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C76E
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd05eb80e74a246818f807034595a3538

42 B
359 B

75ms
64ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd05eb80e74a246818f807034595a3538
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUd05eb80e74a246818f807034595a3538
pragma: no-cache
server: nginx

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 8ACA 43 B
369 B 193ms
79ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Tue, 26 Sep 2023 17:04:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 029B
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322328674134453

42 B
194 B

151ms
93ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322328674134453
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Tue, 26 Sep 2023 17:04:05 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5124322328674134453
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame A282
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7748025684924210270

42 B
195 B

110ms
63ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7748025684924210270
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7748025684924210270
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 54A4
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=

42 B
249 B

86ms
39ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 26 Sep 2023 17:04:05 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame BD0D 43 B
278 B 327ms
67ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Tue, 26 Sep 2023 17:04:05 GMT
Vary: Accept-Encoding
X-adserver-worker: molok-a09ed5ba6555@version_1.571v3
X-core-time: 0ms
X-server-arch: v2

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 5499
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
420 B

249ms
196ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 80cd1582183b2c6b-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 80cd157fadae2c6b-FRA
content-type: text/html
date: Tue, 26 Sep 2023 17:04:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 158

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame A071 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame E4E9
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=2785ee7e74466259/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a3b0f9eb9442bed85f063248a70048ac&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXTSVnnTnTWWUUXVR&gdpr=0&gdpr_consent=

42 B
326 B

35ms
35ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXTSVnnTnTWWUUXVR&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:03 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Gp1rLOrtXTSVnnTnTWWUUXVR&gdpr=0&gdpr_consent=

GET
H3 204 1
sync.connectad.io/umatch/ Frame B6C4 0
0 206ms
169ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.connectad.io/umatch/1?dataid=data1&uuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
cf-ray: 80cd157e89f60d68-MXP
date: Tue, 26 Sep 2023 17:04:05 GMT
server: cloudflare

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7B47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-XuzLFPDRHSqwsVjuz-5Aw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

47ms
40ms

Image
text/html

23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 23.32.184.192 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:05 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=112238
accept-ranges: bytes
content-length: 5606
expires: Thu, 28 Sep 2023 00:14:43 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 7B47
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=&ct=y

49 B
543 B

174ms
0ms

Image
image/gif

52.209.147.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 52.209.147.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-147-201.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.102
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.45.28.120
content-length: 0
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame 7B47
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1571512521

0
45 B

157ms
47ms

Image
text/plain

34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1571512521
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 34.111.129.221 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
via: 1.1 google
last-modified: Tue, 26 Sep 2023 17:04:05 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
via: 1.1 google
last-modified: Tue, 26 Sep 2023 17:04:05 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1571512521
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200

p
a.audrte.com/ Frame 7B47
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F97BB32C-53C3-4474-AAC2-C563BB3FB903
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZGxjNlhBQ2pmaUlRQlNuNHFBM3U4c0hYdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=4756122921790429404&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

114ms
113ms

Image
image/png

52.203.124.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: HTTP/1.1
Server: 52.203.124.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-124-67.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 26 Sep 2023 17:04:06 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Tue, 26 Sep 2023 17:04:06 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7B47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFi9HV2qGU_n_uCjBC_VWeg&google_cver=1

42 B
365 B

49ms
43ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFi9HV2qGU_n_uCjBC_VWeg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFi9HV2qGU_n_uCjBC_VWeg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7B47 43 B
612 B 308ms
65ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 , Ascension Island, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 25 Sep 2023 17:04:05 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7B47
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4756122921790429404

42 B
322 B

87ms
40ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4756122921790429404
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:05 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4756122921790429404
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7B47 70 B
148 B 170ms
101ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:04 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7B47
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oZvgMCxE2uUxSV8Q2n0yWVWdlvpcpi4-~A&gdpr=0

0
128 B

90ms
41ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oZvgMCxE2uUxSV8Q2n0yWVWdlvpcpi4-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:04 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-oZvgMCxE2uUxSV8Q2n0yWVWdlvpcpi4-~A&gdpr=0
date: Tue, 26 Sep 2023 17:04:05 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 F97BB32C-53C3-4474-AAC2-C563BB3FB903
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7B47 43 B
602 B 308ms
66ms Image
image/gif 2a05:d018:d29:3602:77fc:3cf3:5701:3122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/F97BB32C-53C3-4474-AAC2-C563BB3FB903?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:77fc:3cf3:5701:3122 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7B47
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=059761ee-472a-43a5-970b-42d1c3cf3f12&gdpr=0&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a13ae02c-5b88-4d5c-94ba-f105895ee4af&bsw_param=059761ee-472a-43a5-970b-42d1c3cf3f12&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=059761ee-472a-43a5-970b-42d1c3cf3f12&gdpr=0&gdpr_consent=&gdpr_pd=

1 B
170 B

40ms
39ms

Image
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=059761ee-472a-43a5-970b-42d1c3cf3f12&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 17:04:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=059761ee-472a-43a5-970b-42d1c3cf3f12&gdpr=0&gdpr_consent=&gdpr_pd=
date: Tue, 26 Sep 2023 17:04:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7B47
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e5c4189f-7dbb-4765-b7c1-0d9982e999e3-65130f05-4348&gdpr=0&gdpr_consent=

42 B
264 B

89ms
40ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e5c4189f-7dbb-4765-b7c1-0d9982e999e3-65130f05-4348&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e5c4189f-7dbb-4765-b7c1-0d9982e999e3-65130f05-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7B47
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=22238482142823fb&is_secure=true&networkId=17100&version=1&nuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI__Xlva4KYQM_3G7aAAAAAAA&expiration=1695834245&nuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&...

42 B
295 B

111ms
62ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI__Xlva4KYQM_3G7aAAAAAAA&expiration=1695834245&nuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:05 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI__Xlva4KYQM_3G7aAAAAAAA&expiration=1695834245&nuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7B47
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4001565564370993229&gdpr=0&gdpr_consent=&us_privacy=

1 B
200 B

138ms
80ms

Image
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4001565564370993229&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 17:04:04 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4001565564370993229&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 26 Sep 2023 17:04:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7B47
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ad18197b-1c40-4bc9-af6f-86cb07563af1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
113 B

34ms
34ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ad18197b-1c40-4bc9-af6f-86cb07563af1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:05 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ad18197b-1c40-4bc9-af6f-86cb07563af1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Tue, 26 Sep 2023 17:04:05 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

POST
H/1.1 200 v2 Show response
id5-sync.com/gm/ 275 B
680 B 285ms
37ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v2

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

bee40400f64b1baebe1abd47c3f045c66a9d2ca027bc8228e40e8587314030cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://oq-ayiq.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://oq-ayiq.net
date: Tue, 26 Sep 2023 17:04:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 7B47 0
260 B 391ms
43ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156077&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:07 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7B47 1 KB
2 KB 46ms
46ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21768983&p=156077&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 9cbb74c1e2739c90c88be5219522b8e94f29f8b1fa1ecbe6cd3eaa02131a969a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 26 Sep 2023 17:04:07 GMT
content-length: 1333
content-type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 57F4 35 B
590 B 54ms
53ms Document
image/gif 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Tue, 26 Sep 2023 17:04:07 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 204
No Content pub
matching.truffle.bid/sync/ Frame AE6F 0
0 286ms
41ms Document
text/plain 23.88.86.2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.86.2 Los Angeles, United States, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.2.86.88.23.clients.your-server.de

Software

nginx/1.23.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Connection: keep-alive
Date: Tue, 26 Sep 2023 17:04:08 GMT
Server: nginx/1.23.1
Strict-Transport-Security: max-age=15768000

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3E8F
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E892AFA7A9B544A3B8EEAE9E5B2D818A&gdpr=0&gdpr_consent=

1 B
53 B

48ms
47ms

Document
text/html

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E892AFA7A9B544A3B8EEAE9E5B2D818A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Tue, 26 Sep 2023 17:04:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Tue, 26 Sep 2023 17:04:07 GMT
expires: Mon, 25 Sep 2023 17:04:07 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E892AFA7A9B544A3B8EEAE9E5B2D818A&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AFEA
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1695747848192
https://ad.turn.com/r/cs?pid=45&rndcb=718240078
https://sync.1rx.io/usersync/turn/4001565564370993229?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003

42 B
332 B

41ms
41ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-type: text/html
date: Tue, 26 Sep 2023 17:04:08 GMT
etag: RX0ec4292c0ef14121907caa0ac8553267003
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H3 204 1
sync.connectad.io/umatch/ Frame 2A85 0
0 147ms
146ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.connectad.io/umatch/1?dataid=data1&uuid=F97BB32C-53C3-4474-AAC2-C563BB3FB903
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
cf-ray: 80cd1591b8b20d68-MXP
date: Tue, 26 Sep 2023 17:04:08 GMT
server: cloudflare

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 7B47 95 B
439 B 238ms
74ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F97BB32C-53C3-4474-AAC2-C563BB3FB903

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 80cd15929dc80d6c-MXP
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 7B47
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F97BB32C-53C3-4474-AAC2-C563BB3FB903&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F97BB32C-53C3-4474-AAC2-C563BB3FB903&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

51ms
51ms

Image
image/gif

77.243.51.121
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F97BB32C-53C3-4474-AAC2-C563BB3FB903&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: HTTP/1.1
Server: 77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:11 GMT
frontend-id: 11
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:11 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=F97BB32C-53C3-4474-AAC2-C563BB3FB903&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 7B47
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=F97BB32C-53C3-4474-AAC2-C563BB3FB903&gdpr=0&gdpr_consent=
https://spl.zeotap.com/?zdid=1332&zcluid=2785ee7e74466259
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae890d8a-fb91-4ec9-491b-dceb2f281845&reqId=3e89fe65-9d99-4350-5f4e-733562120eb2&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEITJHKtquaXHbBssaDX4aLw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae890d8a-fb91-4ec9-491b-dceb2f281845&reqId=3e89fe65-9d99-4350-5f4e-733...

95 B
154 B

52ms
51ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEITJHKtquaXHbBssaDX4aLw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae890d8a-fb91-4ec9-491b-dceb2f281845&reqId=3e89fe65-9d99-4350-5f4e-733562120eb2&zcluid=2785ee7e74466259&zdid=1332

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D

Protocol

Server

2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 80cd159508410d6c-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEITJHKtquaXHbBssaDX4aLw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=ae890d8a-fb91-4ec9-491b-dceb2f281845&reqId=3e89fe65-9d99-4350-5f4e-733562120eb2&zcluid=2785ee7e74466259&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7B47
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7424279324110362794

42 B
95 B

36ms
35ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7424279324110362794
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 26 Sep 2023 17:04:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 26 Sep 2023 17:04:08 GMT
an-x-request-uuid: 9fa98a73-f83d-4eed-abc0-f73a00b16d79
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7424279324110362794
x-proxy-origin: 176.10.106.12; 176.10.106.12; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 7B47 0
128 B 50ms
49ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156077&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:04:09 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmg.digitaltarget.ru
URL: https://dmg.digitaltarget.ru/2/?a=850

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

123 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 15:45:39	Name: _li_ss Value: ChMKBgjdARCOFgoJCP____8HEJgW
i6.liadm.com/s	1970-01-20 15:45:39	Name: _li_ss Value: CgA
.oq-ayiq.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: d431b27f0ca1f04fd3e6dd48905d0640
.mgid.com/	1970-01-20 15:02:29	Name: __cf_bm Value: BI8AERtKC6jQ6oalOqjIJBfix5PwMS26Bc114j_QoYw-1695747840-0-ASEsQFooCurYcMSPTqRVduaBsFD5Wsn++JtlRJcH1204wiSTWQ2nygQkJsGy7AvPg1+2qMHuSmOA15+wIHWrfnE=
.yadro.ru/	1970-01-20 23:46:51	Name: FTID Value: 1b4my00P8y8e1b4my0003VLK
.yadro.ru/	1970-01-20 23:46:51	Name: VID Value: 2wWWpN2s-See1b4my0003VMC
prodmp.ru/	1970-01-20 16:28:51	Name: rai Value: ee5d74fd6a1c207ae1c63a76cab7edb1
dmpprof.com/	1970-01-21 00:38:27	Name: uid Value: 3fb83479-2fcc-4129-a4e5-ea08545f6f3e
.mgid.com/	1970-01-20 23:48:03	Name: muidn Value: n8q2GiVtcb4a
oq-ayiq.net/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C348034%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221695747842426%22%7D%2C%22C348033%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221695747842468%22%7D%7D
dmpprof.com/	1970-01-20 15:22:37	Name: enrich_data_v2_5 Value: 1695747842
dprof.site/	1970-01-21 00:38:27	Name: uid Value: 3fb83479-2fcc-4129-a4e5-ea08545f6f3e
.yandex.ru/	1970-01-21 00:38:27	Name: yuidss Value: 5878036601695747842
.yandex.ru/	1970-01-21 00:38:27	Name: yandexuid Value: 5878036601695747842
.betweendigital.com/	1970-01-20 23:48:03	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 23:48:03	Name: tuuid Value: 6bde82c8-cd01-520d-97c2-5caef2d153ac
.betweendigital.com/	1970-01-20 23:48:03	Name: ss Value: 1
.dmg.digitaltarget.ru/	1970-01-21 00:38:27	Name: viuserid Value: ZLczpNoD5XYmF-vAxO38
.betweendigital.com/	1970-01-20 23:48:03	Name: ut Value: ZRMPAgAN6oC4vNq7bAFN31kX0KN3_LWNBUrXgg==
.bidswitch.net/	1970-01-20 23:48:03	Name: tuuid Value: 059761ee-472a-43a5-970b-42d1c3cf3f12
.bidswitch.net/	1970-01-20 23:48:03	Name: c Value: 1695747843
.bidswitch.net/	1970-01-20 23:48:03	Name: tuuid_lu Value: 1695747843
.360yield.com/	1970-01-20 17:12:03	Name: tuuid Value: b5004a37-65d0-47b8-8dc4-d239a940d63d
.360yield.com/	1970-01-20 17:12:03	Name: tuuid_lu Value: 1695747843
dmpprof.com/	1970-01-20 15:03:11	Name: nmatch Value: 44931_6bde82c8-cd01-520d-97c2-5caef2d153ac
oq-ayiq.net/	1970-01-20 15:45:39	Name: _pbjs_userid_consent_data Value: 3524755945110770
.creativecdn.com/	1970-01-20 23:48:03	Name: u Value: zz7054Gtkq3JHRgUWTG9
.creativecdn.com/	1970-01-20 23:48:03	Name: ts Value: 1695747843
.doubleclick.net/	1970-01-21 00:38:27	Name: IDE Value: AHWqTUkZnNHnAmqoOtIkUTRmTU8TFeMhwk3i1wkAh0sdU79ffxU6dN8vxryY5jc5S2k
.pubmatic.com/	1970-01-20 23:48:03	Name: KADUSERCOOKIE Value: F97BB32C-53C3-4474-AAC2-C563BB3FB903
.connectad.io/	1970-01-20 15:46:15	Name: uid Value: YS4TkRps7SiC70sGY1YYNkjlG0CE9fHIxE6nsE0c
.contextweb.com/	1970-01-20 23:40:51	Name: V Value: 28rvPCgHmuA6
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: d7afa8392baa29b8
.rubiconproject.com/	1970-01-20 23:48:03	Name: khaos Value: LN0KHELF-7-BFQB
.openx.net/	1970-01-20 23:48:03	Name: i Value: 3bf0a669-27d0-024a-1d7d-2c6422b4d4d1\|1695747844
.casalemedia.com/	1970-01-20 23:48:03	Name: CMID Value: ZRMPBB47k2k2n85b.x2yrwAA
.casalemedia.com/	1970-01-20 17:12:03	Name: CMPS Value: 1214
.casalemedia.com/	1970-01-20 17:12:03	Name: CMPRO Value: 1214
.openx.net/	1970-01-20 15:24:03	Name: pd Value: v2\|1695747844\|gen0vNvQiygu
.adx.opera.com/	1970-01-20 23:48:03	Name: UID Value: OPUd05eb80e74a246818f807034595a3538
.criteo.com/	1970-01-21 00:24:03	Name: uid Value: 912012cf-86e6-40b4-9103-11959ddb41e4
.quantserve.com/	1970-01-20 17:12:03	Name: d Value: EKUBDAGFKoqsMA
.quantserve.com/	1970-01-21 00:32:42	Name: mc Value: 65130f04-d9498-5fd50-b4498
.ctnsnet.com/	1970-01-20 23:48:03	Name: cid_a673e965031440248622e9c0ae601354 Value: 1
cm.mgid.com/	1970-01-20 15:45:39	Name: mg_sync Value: {"265689":1695747842,"363887":1695747842,"43070":1695747844,"433146":1695747842,"501037":1695747843,"516418":1695747842,"556372":1695747843,"779131":1695747843,"817115":1695747844}
.adnxs.com/	1970-01-20 17:12:03	Name: uuid2 Value: 7424279324110362794
.adfarm1.adition.com/	1970-01-20 17:12:03	Name: UserID1 Value: 7283181536539572376
.amazon-adsystem.com/	1970-01-21 00:38:27	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_80 Value: 22987-CAESEFi9HV2qGU_n_uCjBC_VWeg&KRTB&23025-CAESEFi9HV2qGU_n_uCjBC_VWeg&KRTB&23386-CAESEFi9HV2qGU_n_uCjBC_VWeg
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_153 Value: 1923-hVQyPoMHMzmeBTo41wMuNYNZMj6eBWE4gwBNA1QJ&KRTB&19420-hVQyPoMHMzmeBTo41wMuNYNZMj6eBWE4gwBNA1QJ&KRTB&22979-hVQyPoMHMzmeBTo41wMuNYNZMj6eBWE4gwBNA1QJ&KRTB&23403-hVQyPoMHMzmeBTo41wMuNYNZMj6eBWE4gwBNA1QJ
.pubmatic.com/	1970-01-20 15:45:39	Name: KRTBCOOKIE_1323 Value: 23480-OPUd05eb80e74a246818f807034595a3538&KRTB&23485-OPUd05eb80e74a246818f807034595a3538&KRTB&23524-OPUd05eb80e74a246818f807034595a3538
.simpli.fi/	1970-01-20 23:49:30	Name: suid Value: E892AFA7A9B544A3B8EEAE9E5B2D818A
.yahoo.com/	1970-01-20 23:48:25	Name: A3 Value: d=AQABBAUPE2UCEEGXK7aMRBFkFooVxK2e_gkFEgEBAQFgFGUcZQAAAAAA_eMAAA&S=AQAAApyENqctcMUEh2H-tHaVPRU
.sitescout.com/	1970-01-20 23:48:03	Name: ssi Value: e5c4189f-7dbb-4765-b7c1-0d9982e999e3#1695747845076
.weborama.fr/	1970-01-21 00:28:23	Name: AFFICHE_W Value: d@gRhNLz5Xx390
.adform.net/	1970-01-20 15:45:39	Name: C Value: 1
.csync.loopme.me/	1970-01-20 17:13:30	Name: viewer_token Value: 01f0bc34-6177-4dfb-9cff-53c328ca98ea
.rfihub.com/	1970-01-21 00:24:03	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjAzNzE0NjExNRbiM9StyA3PTvNOda6qDM4CALrdZiclAAAA
.rfihub.com/	1970-01-21 00:24:03	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmlqbmJuYWJqYG4BAFbz-fUQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2sjAzNzE0NjExNRbiM9StyA3PTvNOda6qDM4CALrdZiclAAAA
.turn.com/	1970-01-20 19:21:39	Name: uid Value: 4001565564370993229
.de17a.com/	1970-01-20 23:40:51	Name: guid Value: 1.7748025684924210270
.dotomi.com/	1970-01-20 15:02:27	Name: DotomiTest Value: 22238482142823fb
.everesttech.net/	1970-01-20 23:48:03	Name: everest_g_v2 Value: g_surferid~ZRMPBQATTQ71oQBY
.amazon-adsystem.com/	1970-01-20 19:33:11	Name: ad-id Value: A9RJoGogc0XRhminLqgtmFM
.taptapnetworks.com/	1970-01-20 23:48:03	Name: SONATA_ID Value: csonata_a13ae02c-5b88-4d5c-94ba-f105895ee4af
.smartadserver.com/	1970-01-21 00:32:42	Name: pid Value: 8021463991198712054
.linkedin.com/	1970-01-20 23:48:03	Name: bcookie Value: "v=2&4c7ef74e-c182-4d35-809f-959382a11d84"
.linkedin.com/	1970-01-20 19:21:39	Name: li_gc Value: MTswOzE2OTU3NDc4NDU7MjswMjFYo+qT69m61M7AFmmMaUENsWfRYZevbfhxPl1C6nM/1g==
.linkedin.com/	1970-01-20 15:03:54	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3003:u=1:x=1:i=1695747845:t=1695834245:v=2:sig=AQEbR-_ZHLJjH2y0WY8naoB98VVMS7mi"
.analytics.yahoo.com/	1970-01-20 23:48:03	Name: IDSYNC Value: 18z8~2e55
.pubmatic.com/	1970-01-20 15:45:39	Name: KRTBCOOKIE_22 Value: 14911-4001565564370993229&KRTB&23150-4001565564370993229&KRTB&23527-4001565564370993229
.pubmatic.com/	1970-01-20 15:45:39	Name: KRTBCOOKIE_1101 Value: 23040-7283181536539572376&KRTB&23369-7283181536539572376
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_18 Value: 22947-5124322328674134453
.sitescout.com/	1970-01-20 15:45:39	Name: _ssuma Value: eyI0NSI6MTY5NTc0Nzg0NTI3NH0
.adform.net/	1970-01-20 16:28:51	Name: uid Value: 4756122921790429404
.crwdcntrl.net/	1970-01-20 21:31:15	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 21:31:15	Name: _cc_id Value: a3b0f9eb9442bed85f063248a70048ac
.rubiconproject.com/	1970-01-20 23:48:03	Name: audit Value: 1\|OQTop1T8MhsyAmIjnZYQpeXbbe2cMooRLef+th4x81uplVs4ZuryrP2t4ZV6PWkSooZmVR896nYiZ07GJqnMnrT0MEv0F07OHm0QlslGhrY=
.onaudience.com/	1970-01-20 23:48:03	Name: cookie Value: 2785ee7e74466259
.onaudience.com/	1970-01-20 15:03:54	Name: done_redirects104 Value: 1
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_57 Value: 22776-7424279324110362794&KRTB&23339-7424279324110362794
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_1305 Value: 23413-F97BB32C-53C3-4474-AAC2-C563BB3FB903&KRTB&23505-F97BB32C-53C3-4474-AAC2-C563BB3FB903
.pubmatic.com/	1970-01-20 15:45:39	Name: KRTBCOOKIE_391 Value: 22924-4756122921790429404&KRTB&23263-4756122921790429404&KRTB&23481-4756122921790429404
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_188 Value: 3189-e5c4189f-7dbb-4765-b7c1-0d9982e999e3-65130f05-4348&KRTB&23418-e5c4189f-7dbb-4765-b7c1-0d9982e999e3-65130f05-4348
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_32 Value: 11175-AAAI__Xlva4KYQM_3G7aAAAAAAA&KRTB&22713-AAAI__Xlva4KYQM_3G7aAAAAAAA&KRTB&22715-AAAI__Xlva4KYQM_3G7aAAAAAAA&KRTB&23519-AAAI__Xlva4KYQM_3G7aAAAAAAA
.pubmatic.com/	1970-01-20 15:45:39	Name: KRTBCOOKIE_336 Value: 5844-7748025684924210270
sync.srv.stackadapt.com/	1970-01-20 23:48:03	Name: sa-user-id Value: s%3A0-c59d9081-cf62-5aec-4014-afbba20651ae.CuNE3iBwsQYA17a2RWyB1yrhMsCSe2EUrbQBrPkTLN4
.srv.stackadapt.com/	1970-01-20 23:48:03	Name: sa-user-id Value: s%3A0-c59d9081-cf62-5aec-4014-afbba20651ae.CuNE3iBwsQYA17a2RWyB1yrhMsCSe2EUrbQBrPkTLN4
sync.srv.stackadapt.com/	1970-01-20 23:48:03	Name: sa-user-id-v2 Value: s%3AxZ2Qgc9iWuxAFK-7ogZRrrAKagw.Iy6JeVrzr%2BK%2BrrZwwNTgwabpb7740NldFE9v3Kkdr9g
.srv.stackadapt.com/	1970-01-20 23:48:03	Name: sa-user-id-v2 Value: s%3AxZ2Qgc9iWuxAFK-7ogZRrrAKagw.Iy6JeVrzr%2BK%2BrrZwwNTgwabpb7740NldFE9v3Kkdr9g
sync.srv.stackadapt.com/	1970-01-20 23:48:03	Name: sa-user-id-v3 Value: s%3AAQAKIL74G5iUPXTK_UBAlySPHiCoFbY0RyVvCXM2Vxyd6EpGEHwYBCCFnsyoBjABOgTwi70wQgTkzKF8.hc5XKswSQRYuwao%2BmfUXFVwfnnIDqKpROekWQbcpPhM
.srv.stackadapt.com/	1970-01-20 23:48:03	Name: sa-user-id-v3 Value: s%3AAQAKIL74G5iUPXTK_UBAlySPHiCoFbY0RyVvCXM2Vxyd6EpGEHwYBCCFnsyoBjABOgTwi70wQgTkzKF8.hc5XKswSQRYuwao%2BmfUXFVwfnnIDqKpROekWQbcpPhM
.liadm.com/	1970-01-21 00:38:27	Name: lidid Value: c153f609-3f35-4487-8d93-95fed4c3cd8c
.adsby.bidtheatre.com/	1970-01-20 15:12:32	Name: __kuid Value: ad18197b-1c40-4bc9-af6f-86cb07563af1.464961845
.audrte.com/	1970-01-20 15:24:03	Name: arcki2 Value: dlc6XACjfiIQBSn4qA3u8sHXw!20220908!1695747845452!ip#176.10.106.12
.audrte.com/	1970-01-20 15:24:03	Name: arcki2_pubmatic Value: F97BB32C-53C3-4474-AAC2-C563BB3FB903!20220908!1695747845454
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_860 Value: 16335-xZ2Qgc9iWuxAFK-7ogZRrrAKagw&KRTB&23334-xZ2Qgc9iWuxAFK-7ogZRrrAKagw&KRTB&23417-xZ2Qgc9iWuxAFK-7ogZRrrAKagw&KRTB&23426-xZ2Qgc9iWuxAFK-7ogZRrrAKagw
.pubmatic.com/	1970-01-20 15:45:39	Name: KRTBCOOKIE_409 Value: 22966-Gp1rLOrtXTSVnnTnTWWUUXVR
.tribalfusion.com/	1970-01-20 17:12:03	Name: ANON_ID Value: a8ntmIw5EGiAaINQfTsPTc6Hmcp6UkJRMyqE4ZbU80H7hK5gUkhad66FoYoZc4GXV5ZbpXCWGQtUOQvNcPVeFn5HTl8
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_466 Value: 16530-059761ee-472a-43a5-970b-42d1c3cf3f12
.bidr.io/	1970-01-21 00:31:01	Name: bito Value: AAESl07KJh4AABicvGJ_zw
.bidr.io/	1970-01-21 00:31:01	Name: bitoIsSecure Value: ok
.audrte.com/	1970-01-20 15:24:03	Name: arcki2_ddp2 Value: dlc6XACjfiIQBSn4qA3u8sHXw!20220908!1695747845938
.audrte.com/	1970-01-20 15:24:03	Name: arcki2_adform Value: 4756122921790429404!20220908!1695747846114
.smartadserver.com/	1970-01-20 23:49:30	Name: csync Value: 127:AAESl07KJh4AABicvGJ_zw
.contextweb.com/	1970-01-20 23:48:03	Name: pb_rtb_ev Value: 3-1n30\|6zB.0.059761ee-472a-43a5-970b-42d1c3cf3f12\|7dN.0.AAESl07KJh4AABicvGJ_zw
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_699 Value: 22727-AAESl07KJh4AABicvGJ_zw
.pubmatic.com/	1970-01-20 17:12:03	Name: chkChromeAb67Sec Value: 4
.pubmatic.com/	1970-01-20 15:03:54	Name: pi Value: 156077:4
.pubmatic.com/	1970-01-20 17:12:03	Name: DPSync3 Value: 1696896000%3A245_241_235_201_227_226_219_197
.pubmatic.com/	1970-01-20 17:12:03	Name: SyncRTB3 Value: 1698278400%3A203%7C1696550400%3A63%7C1696896000%3A56_3_233_234_165_238_243_81_251_161_254_13_55_214_176_46_166_220_21_8_264_88_204_99_54_71_249_22%7C1696982400%3A35%7C1696291200%3A15_223_2%7C1700870400%3A69
.connectad.io/	1970-01-20 15:46:15	Name: id Value: eyJpdiI6Ik9jOG41TmExTElhdmxqQjM5cEdsaXc9PSIsInZhbHVlIjoiYnZvZStZdHMwTHprSndIVVhhZVdFUFpuVW9lUEtCbUd4YXdnMjFEaTJxa3V0SkZaWTdveUFzVXVDXC83MUhsQXZtQVVObGNNZ2hIMlVwQmVSY0EwM1hHN01yVStqeXA5Z0FxR0ZVZnRhcFJFTklzdU9UUVRNSllHRk5UNjFOSTF0U0VQOGxnOUV6czVGUXFCaTlpSDF3RnVzR0hHdEJnK1VVM0pVekhjc2tOQVZzdmRQTkZXMjJRckJuR0E4VXB6ZndzekEzWnE3YnJxTjBvTnRlaVwvMWZ0alI3cnBGa1NKcWNNRXIxMjgyUjNlb25tQURkdkkyVGZ0V2h5NWpUWG1SWENXWlFWMlpVRXZ3cE9lWlwvdE1zaytwQkwxb0R3bzJtZWtTMU1cL0tBaFlIbGJSXC9JcFwvTnhzdFhvT1RKbEptZVNlSWEyZkw4SUlPYjZFd2JkbVlEYkRybjMraVFVa2NlcUdMaVJhXC9YR0JEWmpwV2RJRkdDdEpQNnlrbnE4czlSU0hyRHJFNU1pM0RMUUJZbGFZaXdiOGhHMmZ4N096Ujc1TWp3cTJjUTh2S1wvSEpPNHBcL3RnakZXcldwSDJxREY5VHJPMjJGc1BmUDhCdVI2Z29Fc2xNQThSTXdnZVU4a1NQM09NcEt0K1dub1FDMWhYSjR2aWozdTBJMWg2TU9aaVwvOSttcjZycWEzZzBxU0tRZ3h0TGpQQ3V1blF0c1lScXRUNlwvWFwvdU1aUXp2NEdxRDlyS2RSOTdmcDlUSDZnSG5ERnNOSGQ1eWt0dlI3NjdVbGtRTmdxUkFLN01mZ0F4ZXlrOGxGUjhaR2RxMzBxbnF6STZXOXRcL21RS2V3aW5wZU9yRTNERjliaEIzT3d1ZGVISjZnVHRtT21mb0ZZSHRUQzFFbVwvS25PTTRjUlo4OWJHNGhmSE5OMjRUMWVhcWlvNVR5XC81Nit3SU0ya2VJRG9TRkdRWFNBPT0iLCJtYWMiOiIxN2U3YThiOTExOGU5NDdlMTAxNzRhNGVjZTgxN2ZjMzM5NWM1YmRlNjdmN2MwOGJhNGI0NjI3MzBiZWQ2YzNlIn0%3D
ads.playground.xyz/	1970-01-20 15:11:52	Name: connect.sid Value: s%3AGtn0lotG4Bt5suwTM4Rm8esMUtK7U0UJ.YIhPaUcB4mmMGUlRPN7kltDxwNZAqqomCByI4ZhRpGw
.zeotap.com/	1970-01-20 23:48:03	Name: zc Value: ae890d8a-fb91-4ec9-491b-dceb2f281845
.semasio.net/	1970-01-20 23:48:03	Name: SEUNCY Value: BE1DD337A4E6EAC1
.onaudience.com/	1970-01-20 15:03:54	Name: done_redirects219 Value: 1
.1rx.io/	1970-01-20 23:48:03	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003%22%2C%22nxtrdr%22%3Afalse%7D
.zeotap.com/	1970-01-20 15:03:54	Name: zsc Value: %5C%F8%00GI%85%E5S%CAB%14R%7C%9B%AFn%86A%D4%A2H~%06P%E1%83%DEzh%E6%B9%A7X%F5-C%AFk%40%9A%C1%B1nHd%D9%1B%A5%C6%26%C6%C7%25j%5B%5E%D3jb%AC%04%13%00%09%14%9C%86%DA~L%B7%0CG%F3%B2%85%18Ud%2A%ED%AFh
.targeting.unrulymedia.com/	1970-01-20 23:48:03	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003%22%7D
.pubmatic.com/	1970-01-20 17:12:03	Name: KRTBCOOKIE_594 Value: 17105-RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003&KRTB&17107-RX-0ec4292c-0ef1-4121-907c-aa0ac8553267-003
.pubmatic.com/	1970-01-20 15:45:39	Name: PugT Value: 1695747847
.pubmatic.com/	1970-01-20 15:45:39	Name: SPugT Value: 1695747849

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://leokross.com/66.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://oq-ayiq.net/user/flightcircle80/ Message: Access to fetch at 'https://dmg.digitaltarget.ru/2/?a=850' from origin 'http://oq-ayiq.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://dmg.digitaltarget.ru/2/?a=850 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cm.mgid.com/m?cdsp=779131&c=&gdpr=0 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZRMPBB47k2k2n85b.x2yrwAA%261214&gpp=&gpp_sid= Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4mlhn1ocg4.com
a.audrte.com
a.mgid.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ajax.googleapis.com
an.yandex.ru
ap.lijit.com
bh.contextweb.com
c.mgid.com
c1.adform.net
cdn.connectad.io
cdn.id5-sync.com
cdn.mgid.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cm.rtbsystem.com
cms.quantserve.com
core.iprom.net
counter.yadro.ru
cr.frontend.weborama.fr
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmg.digitaltarget.ru
dmp.adform.net
dmpprof.com
dprof.site
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
green.erne.co
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jsc.mgid.com
lb.eu-1-id5-sync.com
leokross.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
mwzeom.zeotap.com
oq-ayiq.net
p.rfihub.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prodmp.ru
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.adentifi.com
s-img.mgid.com
s.amazon-adsystem.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.connectad.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tat3ayogh6.com
token.rubiconproject.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
x.bidswitch.net
cm-supply-web.gammaplatform.com
dmg.digitaltarget.ru
103.224.182.208
104.18.26.193
109.206.161.21
138.201.169.61
141.226.228.48
141.95.171.141
141.95.98.65
142.250.184.226
145.40.97.67
146.59.148.16
15.235.15.221
151.101.130.49
162.19.138.119
178.250.1.9
178.32.210.230
185.15.175.146
185.184.8.90
185.64.190.78
185.64.190.79
185.64.190.81
185.86.139.102
188.166.17.21
188.42.34.65
193.0.160.131
193.106.95.134
195.5.165.20
198.47.127.20
198.47.127.205
2001:678:cb4:bbbb::11
208.93.169.131
213.155.156.181
216.52.2.16
23.201.255.110
23.32.184.192
23.52.120.246
23.88.86.2
2600:1f18:ed:550f:fc8e:218a:8fca:e496
2606:4700:10::6816:3456
2606:4700:10::6816:37ce
2606:4700:10::ac43:db6
2606:4700:1::6813:814c
2606:4700:1::6813:854c
2606:4700::6812:19ad
2606:4700::6813:9822
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:831::200a
2a02:6b8::90
2a02:fa8:8806:16::1370
2a05:d018:d29:3602:77fc:3cf3:5701:3122
2a06:98c1:3120::3
3.121.203.109
3.123.171.159
3.33.220.150
3.71.149.231
34.102.163.6
34.102.253.54
34.111.129.221
35.174.117.224
35.186.193.173
35.204.158.49
35.214.133.180
35.244.159.8
37.157.3.26
37.157.6.237
37.252.171.53
44.205.93.51
46.228.174.117
52.203.124.67
52.209.147.201
52.212.242.190
52.46.151.131
52.72.238.254
63.32.119.33
64.95.96.108
67.220.226.238
69.173.144.139
77.243.51.121
80.77.87.166
82.145.213.8
85.114.159.93
85.192.12.169
85.192.12.174
88.212.201.198
88.212.202.52
98.98.134.242
0038684f70e7797da9ffd6711e037cbd49658448facb30e2b93389dbc8c1cbd5
00d2f6cdc8935a366367038ae0c41970fb8179484bd7826fee8889adde33d887
055cf4517f751cf8695085af7d27d1a2653ec088ee88dcb60f422da8c754c4e1
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1036bc6434dc01e088cae8a6f4f39f80f4ba6bc590d085863c1726b46dda76c3
166d45afb2a79d345b58df0f47790726c55179d39b55bcda439477bcc741b01a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c1cff50aff55b4885098dfddbda95585cea76264bed46120c69dd9bf0070615
28cce79fbfb93f180d0e7533ca3a43bd5faa37c45cf1598d4485f5e080bc83cc
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f29b0d26fa3574c7bb7771efd04c7185bc3b1adc55050d22f1252b536153315
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3466e699074fb21dc452411cc1d388e18ad2b2e5292fd7f93a894b32585617f5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38a1c2bef364ffd12a5f60ce3e021ad0661e802b253362900da6e7cd4fef943c
3d01953f1c52d11fcc65f774e511efe9d016f7d20e64f3ab13db270f8f46416b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
408ef277c5c07ee4f9a8ec7a2e0ceb44e1f6008bb54afee87ddbd4f032debe17
419020e7ed64604b4b1282d0e69599a7dbc4faeb23c6d5777a619a8797d64521
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a0afbc2a1f440d691e260863e24dbeb644836d3a5b0612aeb76ae66e636a6a6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
589094843589f9101c6e372c18f762a0605e7032ac6d300fd4df7f66ff5281bd
5a77d3f8677ba26cee2e77d126ee40d8e58fd6e13d10fbf01fe4e9b2e71045c4
5dc72574c725e1a577db0f6a8da82b83556ba92dacef077a5924c3cb4348cceb
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62add9b68ffd4c7673f7e5017cc3bd56be4cb40bce824d0e35fc3a93aea9bbba
631c0faefed8407e879bed847cf216d443585802af7f02563c539f6f9dad5da7
6b682f0e4951fd2b017b319a2fa135692c8e8fdae0099e097099b7ec51e4a0bb
77801d78f2b2bb1fe4abb6b01683fd73e32743fb10678667f3bcffe8d3631e1a
7b9ffb8cdc07ce00b24b05a876266cb2fe3240b6121c89ad16eb35631a78818a
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
7e6d09da6ba4996eee765d4f73fb4001f371114b7596e8df7d17add0ac2256d2
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81465cc0b84489aa4c9612e5b7ea9ca4cfcf5a9805c2189b94c7d2dc796ecb0e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
887507327f033d8917f53ea2466aa9e603f18de4edcb6eb78fcef131f1b2c16b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
9210fb80d7fc5cb3370db9ac7631e9b1cf51177374254d650dd68a6f72e2db99
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
946fe9986b082ac7abdba026b9f249092069a3248c9e8d7829f4a4fa9da71031
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c6627f85cf2233d848b3645bdb48a41546353bd48138b497a6a403fa9cb7030
9cbb74c1e2739c90c88be5219522b8e94f29f8b1fa1ecbe6cd3eaa02131a969a
a0c73b2e84c4cb4be4d82e972257a3e6b8d20ecac936dfe12e0823de118819da
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a5a6c7eaf1009a5ba1c3d0cc563f3e692e06ad8eb7ded0c3ef3570bf1382a9de
a9ae42be2f7c83ff8cb6e60da7aad36514459b1f67f89ddf29ff30ba2c581950
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9953f2e1f77a2b2b139486c05075d438aa7855df1db1e0f98a4798a220272a7
b9e33494a849e6e9aeebb403976e76367c1f0e03d995d0cd25389b6c8d8b8062
bafe6fd85ddfdbd516fc0ba3f773c61cc6ff2cbc380bd8fad7ed1cd816ef770a
bee40400f64b1baebe1abd47c3f045c66a9d2ca027bc8228e40e8587314030cb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c65d53a42cee116ade46f996ccea0bb92cf285bcaf4cb5c024bf77a9c5e8135f
c83f7f093522a439b17753d827129d1dfdc7ad5c5ff9c0127449dcb8ab8c0911
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d51483df0bf61680e54e1ced6b04f2712b523e91b3db4bc48cd96a77f9348ac3
d832cac581264ab0ea8be46ef552e4842ff3f1a5b432562f1908ae56bbdc6303
dd25694faed81a2f6108344e3b641e440703c15b12ca52bb742e28eeae12e56a
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5087e216abdbe0d3c25e698fe0448940e7db29387d3010ce2a274d9e37fc691
e5518859d6d6f041adf70ee26d2cebb32772695d43299fd535d548f4d5112d10
e874894556e7eb5597010db36d58d7b0cf13292468485340ee7ca6d56402ea56
e8c43f30a1cfc44ac211b8c4262d816f3b2082890f14bcbf6aa992c3d368a5aa
ecc88f66299785d4dee0637798168ede32f3419533d6611fb5ae9d7dd1222756
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f26684433300886915edd09c39e253179c4f5086b657952862fbf33190ea7502
f5432fb25c10f0dbb2237d195df416b9a2b675700076f667bd64b91a8eeb8fda
f6143dbed2dbbdf1be4e596caab2d7d0437f54d4809d726c0460ca74879c97a8

oq-ayiq.net Open in urlscan Pro 138.201.169.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

165 Requests

54 %HTTPS

19 %IPv6

74 Domains

107 Subdomains

53 IPs

16 Countries

934 kBTransfer

2038 kBSize

123 Cookies

13 Outgoing links

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oq-ayiq.net Open in urlscan Pro
138.201.169.61 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

54 %
HTTPS

19 %
IPv6

74
Domains

107
Subdomains

53
IPs

16
Countries

934 kB
Transfer

2038 kB
Size

123
Cookies

165 HTTP transactions
0 data transactions