urlscan.io logo urlscan.io
SecurityTrails logo

xmod.in Open in urlscan Pro
2606:4700:3034::ac43:8960  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://byrl.me/Azure-for-Students
Effective URL: https://xmod.in/blog/
Submission: On July 15 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 10 countries across 76 domains to perform 231 HTTP transactions. The main IP is 2606:4700:3034::ac43:8960, located in United States and belongs to CLOUDFLARENET, US. The main domain is xmod.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 25th 2021. Valid for: a year.
This is the only time xmod.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 216.10.243.64 394695 (PUBLIC-DO...)
1 1 162.0.235.151 22612 (NAMECHEAP...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.66.139.10 16509 (AMAZON-02)
7 18.159.12.89 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
8 23.35.236.201 16625 (AKAMAI-AS)
2 216.52.2.19 30282 (AS-INAPCD...)
1 2600:9000:249... 16509 (AMAZON-02)
3 142.250.186.34 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
3 35.156.32.52 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 46.137.141.240 16509 (AMAZON-02)
8 12 185.89.211.12 29990 (ASN-APPNEX)
1 23.227.137.155 55081 (24SHELLS)
8 35.241.34.106 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 141.95.98.69 16276 (OVH)
2 67.202.105.34 32748 (STEADFAST)
7 51.89.9.254 16276 (OVH)
3 17 23.227.139.243 55081 (24SHELLS)
3 2a06:8640:506... 55081 (24SHELLS)
1 9 5.178.65.246 50673 (SERVERIUS-AS)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.65.108 54113 (FASTLY)
2 23.227.145.146 55081 (24SHELLS)
1 9 172.67.10.198 13335 (CLOUDFLAR...)
1 1 147.75.85.234 54825 (PACKET)
2 198.47.127.19 62713 (AS-PUBMATIC)
2 66.155.71.25 13768 (COGECO-PEER1)
4 12 54.89.128.231 14618 (AMAZON-AES)
4 5.178.65.253 50673 (SERVERIUS-AS)
4 4 23.75.240.210 16625 (AKAMAI-AS)
8 23.205.235.133 16625 (AKAMAI-AS)
2 9 104.18.18.126 13335 (CLOUDFLAR...)
1 2 104.18.19.126 13335 (CLOUDFLAR...)
2 205.234.175.175 23352 (SERVERCEN...)
19 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
4 6 142.250.185.66 15169 (GOOGLE)
3 4 35.227.248.159 15169 (GOOGLE)
3 5 37.157.6.252 198622 (ADFORM)
5 15.197.193.217 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 3.251.27.103 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 15169 (GOOGLE)
1 185.15.245.82 24961 (MYLOC-AS ...)
2 6 52.213.127.205 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.156.126.13 16509 (AMAZON-02)
2 63.33.136.29 16509 (AMAZON-02)
1 168.119.79.223 24940 (HETZNER-AS)
2 3 151.101.194.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 100.24.249.189 14618 (AMAZON-AES)
1 2 52.95.115.196 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
2 2 52.215.200.154 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 185.86.137.131 201081 (SMARTADSE...)
2 4 52.46.143.56 16509 (AMAZON-02)
2 2 52.50.170.21 16509 (AMAZON-02)
1 1 34.111.151.213 15169 (GOOGLE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
2 69.173.144.165 26667 (RUBICONPR...)
4 18.66.97.8 16509 (AMAZON-02)
3 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2 185.94.180.126 35220 (SPOTX-AMS)
2 51.15.145.116 12876 (Online SAS)
1 1 64.74.236.255 19024 (INTERNAP-...)
5 69.173.144.138 26667 (RUBICONPR...)
2 37.157.4.28 198622 (ADFORM)
2 2 35.186.253.211 15169 (GOOGLE)
1 1 51.83.220.94 16276 (OVH)
2 2 213.19.147.44 3356 (LEVEL3)
1 185.89.210.154 29990 (ASN-APPNEX)
1 2a05:d018:d29... 16509 (AMAZON-02)
1 18.156.0.31 16509 (AMAZON-02)
1 1 34.240.24.63 16509 (AMAZON-02)
1 1 193.0.160.129 54312 (ROCKETFUEL)
2 3 23.75.246.168 16625 (AKAMAI-AS)
2 52.57.150.20 16509 (AMAZON-02)
231 73
1    216.10.243.64 (India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: server.sonyserialtalks.net
byrl.me
1    162.0.235.151 (Penngrove, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium152-2.web-hosting.com
link.short2url.in
2    2606:4700:3034::ac43:8960 (United States)

ASN13335 (CLOUDFLARENET, US)
xmod.in
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    18.66.139.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-10.fra60.r.cloudfront.net
m2d.m2.ai
7    18.159.12.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-12-89.eu-central-1.compute.amazonaws.com
lwgadm.com
3    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    2600:9000:2490:1000:1b:7f5c:2c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.lwgadm.com
3    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2600:9000:223f:c00:5:3aaa:f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pubguru.com
3    35.156.32.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-32-52.eu-central-1.compute.amazonaws.com
a3.pubguru.net
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    46.137.141.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-141-240.eu-west-1.compute.amazonaws.com
ad.360yield.com
ice.360yield.com
12    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    23.227.137.155 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
8    35.241.34.106 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 106.34.241.35.bc.googleusercontent.com
c.4dex.io
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
3    141.95.98.69 (France)

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu
id5-sync.com
2    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
ic.tynt.com
7    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
17    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.console.adtarget.com.tr
3    2a06:8640:506:0:ec4:7aff:fec2:7e6e (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
9    5.178.65.246 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
2    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    23.227.145.146 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
9    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
12    54.89.128.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-128-231.compute-1.amazonaws.com
a.audrte.com
4    5.178.65.253 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
4    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
dsum-sec.casalemedia.com
2    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
ssum-sec.casalemedia.com
2    205.234.175.175 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
19    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
6    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
5    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
dmp.adform.net
c1.adform.net
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f16:e61:3f01:46b:43f6:5ec6:edd4 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:d4fc:f527:7aed:872f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    3.251.27.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-27-103.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.93 (Sankt Georgen im Schwarzwald, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.82 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
6    52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.156.126.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-126-13.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    63.33.136.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-136-29.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    168.119.79.223 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.223.79.119.168.clients.your-server.de
sync.richaudience.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    100.24.249.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-249-189.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    52.215.200.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-200-154.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
2    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    52.50.170.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-170-21.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    18.66.97.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net
tags.crwdcntrl.net
3    2a02:6ea0:c700::20 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    51.15.145.116 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-15-145-116.rev.poneytelecom.eu
js.cookieless-data.com
1    64.74.236.255 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
2    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro
a4p.adpartner.pro
2    213.19.147.44 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    185.89.210.154 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 955.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    2a05:d018:d29:3602:80b2:ded:f09c:81b2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    34.240.24.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-24-63.eu-west-1.compute.amazonaws.com
d.adroll.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    23.75.246.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-246-168.deploy.static.akamaitechnologies.com
px.owneriq.net
2    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ps.eyeota.net
Apex Domain
Subdomains		 Transfer
19 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1822
mwzeom.zeotap.com — Cisco Umbrella Rank: 1465
6 KB
19 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1165
eus.rubiconproject.com — Cisco Umbrella Rank: 630
pixel.rubiconproject.com — Cisco Umbrella Rank: 372
token.rubiconproject.com — Cisco Umbrella Rank: 787
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2473
44 KB
19 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6067
sync.adtelligent.com — Cisco Umbrella Rank: 3940
s.adtelligent.com — Cisco Umbrella Rank: 4476
11 KB
15 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 5165
s.e-planning.net — Cisco Umbrella Rank: 7755
u-ams02.e-planning.net — Cisco Umbrella Rank: 68283
i.e-planning.net — Cisco Umbrella Rank: 7805
7 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
acdn.adnxs.com — Cisco Umbrella Rank: 623
secure.adnxs.com — Cisco Umbrella Rank: 436
27 KB
12 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2561
15 KB
11 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1422
r.casalemedia.com — Cisco Umbrella Rank: 850
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 597
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
11 KB
11 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2724
mp.4dex.io — Cisco Umbrella Rank: 3757
c.4dex.io — Cisco Umbrella Rank: 10288
25 KB
10 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 990
id.crwdcntrl.net — Cisco Umbrella Rank: 1558
tags.crwdcntrl.net — Cisco Umbrella Rank: 1460
98 KB
10 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 531
image6.pubmatic.com — Cisco Umbrella Rank: 684
120 KB
9 smilewanted.com
prebid.smilewanted.com Failed
csync.smilewanted.com — Cisco Umbrella Rank: 5236
static.smilewanted.com — Cisco Umbrella Rank: 10893
17 KB
9 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231
cm.g.doubleclick.net — Cisco Umbrella Rank: 223
158 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 410
mug.criteo.com — Cisco Umbrella Rank: 2434
2 KB
8 lwgadm.com
lwgadm.com — Cisco Umbrella Rank: 347591
content.lwgadm.com — Cisco Umbrella Rank: 489507
174 KB
7 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4474
c1.adform.net — Cisco Umbrella Rank: 651
cm.adform.net — Cisco Umbrella Rank: 1718
2 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 849
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1276
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
4 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 399
2 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 500
1 KB
4 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5067
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 5625
3 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1176
1 KB
3 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 4681
35 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 689
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 504
usermatch.krxd.net — Cisco Umbrella Rank: 1355
943 B
3 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 911
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 528
ups.analytics.yahoo.com — Cisco Umbrella Rank: 290
2 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 593
2 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2262
117 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 692
ice.360yield.com — Cisco Umbrella Rank: 1936
795 B
3 pubguru.net
a3.pubguru.net — Cisco Umbrella Rank: 18723
778 B
3 gstatic.com
fonts.gstatic.com
186 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1095
2 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 586
1 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1906
534 B
2 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 7340
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 552
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 540
1 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1640
417 B
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4394
sync-eu.connectad.io — Cisco Umbrella Rank: 3274
910 B
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 67450
429 B
2 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1130
sync.mathtag.com — Cisco Umbrella Rank: 524
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 35441
682 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 213
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1254
752 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 662
727 B
2 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3672
382 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1071
725 B
2 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 3965
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
20 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 731
vpod1q.qa.lijit.com Failed
4 KB
2 m2.ai
m2d.m2.ai — Cisco Umbrella Rank: 19488
204 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
5 KB
2 xmod.in
xmod.in
18 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 838
755 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1676
112 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 6935
259 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 575
310 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2285
366 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 538
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2010
359 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 492
532 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 17984
272 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1776
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 114161
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8368
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 14680
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 702
162 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1345
257 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 157
9 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 196
28 KB
1 pubguru.com
cdn.pubguru.com — Cisco Umbrella Rank: 30510
1000 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 258
27 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
40 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 459
25 KB
1 short2url.in
link.short2url.in
189 B
1 byrl.me
byrl.me
1 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
231 76
Domain Requested by
15 sync.adtelligent.com 1 redirects content.lwgadm.com
ads.us.e-planning.net
s.console.adtarget.com.tr
s.adtelligent.com
13 mwzeom.zeotap.com ads.us.e-planning.net
spl.zeotap.com
12 a.audrte.com 4 redirects ads.us.e-planning.net
a.audrte.com
s.adtelligent.com
12 ib.adnxs.com 8 redirects content.lwgadm.com
acdn.adnxs.com
csync.smilewanted.com
spl.zeotap.com
8 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
s.adtelligent.com
8 csync.smilewanted.com 1 redirects content.lwgadm.com
csync.smilewanted.com
8 c.4dex.io xmod.in
8 ads.pubmatic.com xmod.in
content.lwgadm.com
ads.us.e-planning.net
csync.smilewanted.com
s.adtelligent.com
7 dsum-sec.casalemedia.com 1 redirects r.casalemedia.com
ssum.casalemedia.com
7 onetag-sys.com content.lwgadm.com
ads.us.e-planning.net
s.adtelligent.com
7 lwgadm.com xmod.in
lwgadm.com
content.lwgadm.com
s.adtelligent.com
6 cm.g.doubleclick.net 4 redirects spl.zeotap.com
r.casalemedia.com
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
6 u-ams02.e-planning.net ads.us.e-planning.net
r.casalemedia.com
ssum.casalemedia.com
vid.vidoomy.com
5 match.adsrvr.org spl.zeotap.com
ads.pubmatic.com
r.casalemedia.com
s.adtelligent.com
4 token.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
4 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
4 s.amazon-adsystem.com 2 redirects r.casalemedia.com
ssum.casalemedia.com
4 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
4 dmp.adform.net 3 redirects spl.zeotap.com
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 secure-assets.rubiconproject.com 4 redirects
4 s.e-planning.net ads.us.e-planning.net
4 mug.criteo.com xmod.in
4 gum.criteo.com 2 redirects
3 px.owneriq.net 2 redirects ssum.casalemedia.com
3 vid.vidoomy.com ads.us.e-planning.net
s.adtelligent.com
3 sync-tm.everesttech.net 2 redirects ssum.casalemedia.com
3 ads.us.e-planning.net 1 redirects content.lwgadm.com
s.adtelligent.com
3 s.adtelligent.com content.lwgadm.com
s.adtelligent.com
3 id5-sync.com content.lwgadm.com
ads.pubmatic.com
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 a3.pubguru.net m2d.m2.ai
3 securepubads.g.doubleclick.net lwgadm.com
securepubads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
2 ps.eyeota.net s.adtelligent.com
2 sync.1rx.io 2 redirects
2 rtb.openx.net 2 redirects
2 sync.console.adtarget.com.tr 2 redirects
2 cm.adform.net s.console.adtarget.com.tr
2 js.cookieless-data.com s.e-planning.net
2 sync.search.spotxchange.com 2 redirects
2 pixel.rubiconproject.com csync.smilewanted.com
2 match.prod.bidr.io 2 redirects
2 id.crwdcntrl.net ads.pubmatic.com
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 creativecdn.com 2 redirects
2 i.e-planning.net ads.us.e-planning.net
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 pixel.sitescout.com ads.us.e-planning.net
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 s.console.adtarget.com.tr content.lwgadm.com
s.adtelligent.com
2 csync.loopme.me 2 redirects
2 ic.tynt.com content.lwgadm.com
s.adtelligent.com
2 ad.360yield.com 1 redirects content.lwgadm.com
2 script.4dex.io content.lwgadm.com
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ap.lijit.com lwgadm.com
s.adtelligent.com
2 m2d.m2.ai xmod.in
m2d.m2.ai
2 fonts.googleapis.com xmod.in
2 xmod.in
1 p.rfihub.com 1 redirects
1 d.adroll.com 1 redirects
1 ups.analytics.yahoo.com ssum.casalemedia.com
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 secure.adnxs.com ssum.casalemedia.com
1 a4p.adpartner.pro 1 redirects
1 pixel-eu.rubiconproject.com ads.us.e-planning.net
1 b1sync.zemanta.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 ice.360yield.com 1 redirects
1 sync.mathtag.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 c1.adform.net r.casalemedia.com
1 cdn.connectad.io csync.smilewanted.com
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 sync.richaudience.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 r.casalemedia.com ads.us.e-planning.net
1 static.smilewanted.com csync.smilewanted.com
1 prebid.a-mo.net 1 redirects
1 acdn.adnxs.com content.lwgadm.com
1 lh3.googleusercontent.com xmod.in
1 ghb.adtelligent.com content.lwgadm.com
1 mp.4dex.io content.lwgadm.com
1 www.googletagservices.com m2d.m2.ai
1 cdn.pubguru.com xmod.in
1 cdnjs.cloudflare.com xmod.in
1 content.lwgadm.com lwgadm.com
1 www.googletagmanager.com xmod.in
1 cdn.jsdelivr.net xmod.in
1 link.short2url.in 1 redirects
1 byrl.me 1 redirects
0 api.rlcdn.com Failed ads.pubmatic.com
0 vpod1q.qa.lijit.com Failed ap.lijit.com
0 prebid.smilewanted.com Failed content.lwgadm.com
231 112

This site contains links to these domains. Also see Links.

Domain
yuthemestore.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-25 -
2022-08-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.m2.ai
Amazon		 2021-11-08 -
2022-12-07		 a year crt.sh
lwadm.com
Amazon		 2022-02-20 -
2023-03-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.lwadm.com
Amazon		 2022-01-14 -
2023-02-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.pubguru.net
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.360yield.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-06-06 -
2022-09-04		 3 months crt.sh
c.4dex.io
GTS CA 1D4		 2022-07-11 -
2022-10-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-05-29 -
2022-08-27		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-06-01 -
2022-08-30		 3 months crt.sh
ads.us.e-planning.net
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-05-28 -
2022-08-26		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.audrte.com
Amazon		 2022-02-24 -
2023-03-24		 a year crt.sh
*.e-planning.net
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2022-02-23 -
2023-02-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
dmp.theadex.com
R3		 2022-06-27 -
2022-09-25		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
*.cookieless-data.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-23 -
2023-03-22		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2022-03-18 -
2023-03-18		 a year crt.sh

This page contains 60 frames:

Primary Page: https://xmod.in/blog/
Frame ID: 59D739D0B540F2C862607F1278198F70
Requests: 67 HTTP requests in this frame

Frame: https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=1---
Frame ID: 28D4841594FC96F69FD9559D3BF99EAD
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: CCE21BB5CC41D58680332543B556E780
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3a%2f%2flwgadm.com%2fusermatch%2fpl%3fcb%3d637935133594857197%26bid%3d08d9af6e-a576-4661-84a3-a194f4d4c613%26lwuid%3decde500820c6487c84a7e5b68fb3a8dd%26buid%3d${USER_TOKEN}
Frame ID: 2AB95B7F3213690A7CBF5C983CC0720F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 14006D091C38055B5AF2A09C9A1C3DC0
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7381999337586498764
Frame ID: 3A09AC8A76001AFA4BCE1B8FDD7F1DE6
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: CF650F198C2439596EA32F5645287A80
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 1673EA48135A685D05ED91F9A0C26F62
Requests: 12 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
Frame ID: 5433B83D305F872269E6EABF7DD7314C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1AC5E39AAD0649A1014A481185B3644D
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: E838F534BBDA405FB65534BE85FBB1CA
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 56024478B3E9D7F8398A0DF78680FCE2
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: CBEC1B498AED9A25E1B83E8C84B0F53C
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=656378
Frame ID: E4644EB279A1C5BFAC3831A3DFDF822B
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 09FA17976C7B38DE8109B11DC484DC65
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D3df11b39b0572227%26uid%3D
Frame ID: E235B89612EC91A876CB14F40160B34F
Requests: 1 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Frame ID: 1D27F5F425D23726C76238251ADA9202
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 50E4AEDD151E310001C91BC756696673
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 1EE760D4556F5E64BDEC3F565A04DAF8
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361&cmp=0
Frame ID: DCE2B63D65D4C1C57BA000DB7EEBD051
Requests: 30 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 5BC94E01905F8D4C7A8C293C46DE54D6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/TYiIML05Xc7j5Y29ag3V?pi=smilewanted&tc=1
Frame ID: 264EB5F139123241A0541757C9715540
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=fca94c6531e5d3a2822f1b69d37f89d2
Frame ID: 76026117D1AD461EC4182382F62D9515
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 47077897C33F7FB616A5B9AF6F7F743D
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 8B1DD1DC9470775F3FB711D77863C5B6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/3524da36-7c36-4944-be3e-02a30146b9e9&partner_id=1010
Frame ID: 356EC9506EC123AF29E428E3A27725D7
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 02FFB9E46494A6EACE1CC880BE44268A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 5AF42A3915C49B0DF83BE5FAD42597B6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: BBF1845F7E91D9E126159F349DA95360
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtHMkXhdfb48Dfcq3rMpVgAA%261159
Frame ID: 84E922B0E46BB1FFBA96793824201573
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: B5A71A00D5168420B27BE8B061B8E70F
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=3df11b39b0572227&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 49D812A3B4D80CCEEA7A827DCC39769B
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANq358RQJd1yQzbu
Frame ID: 58A2141F40D302A265A58881D12F442E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/e0cc9429-047b-11ed-9831-12c786060306
Frame ID: 80410C1654F39E53E3715EF4857B3F8A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: E728FA1764229AC1CCA669F7F3CB86E3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 5ABAB1844E7AF75D28102FCDEB135EFB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 60245AFA195F4A73D1C9B0E2FFF811E6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: B7F34FA7F059EAB6747CA4A03259CA2A
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: ACC7FBA45D051007E6772FB290078962
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 398DB93BB8FE5467F765B6CD13C4B827
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 3C53FCA05838EFB15F67503A61CFC1DD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: FF788591E61F3DC75174FC6A0612107E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4207215395475228676
Frame ID: 2FF9B92816AD33D465E271B0935C97A9
Requests: 1 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 4D57CABED36B48DF488B8720C9A0AD61
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
Frame ID: 537FD9784782B1AB4456EDAB9CAFF9E4
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 5AA7404C4A07066505C6576B1F4BE47B
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 4CF758CEE25F4D72F5AC1025E2CF9EFD
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 679D40414C6D44AB8F2E479C55D2DC07
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D8482cdaf4be90419%26uid%3D
Frame ID: 886C54D7B53314ACC6729D3814E99CFE
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Frame ID: 5C96D6C532C2570BCFB2998D50E7706E
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 129B0B74A98291C4503A94C233D838FD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 76E6220D12C6D1C0BD685ED07D344754
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=82dab74c-661b-49e3-568c-5d219276ab1d&zdid=1361&cmp=0
Frame ID: 094CF7D682DE6CE536B47604BA7B0443
Requests: 4 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: CA62A901C4599784138CE639A5B33D79
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 77C8BADDFFCB9F91E7F07A6481AA871B
Requests: 2 HTTP requests in this frame

Frame: https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=8482cdaf4be90419&uid=a6f37f0123013099a595be2217fc435a
Frame ID: 17BCF93D9AB1208E123F9542BEF3C104
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANq358RQJd1yQzbu
Frame ID: 5633E3360816DCD1B95894A95E258941
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: CB98243F7F5333E9A855201CFFA38086
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 0D84E62410C6D7EFE29E5E9FD4A1736A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 8772E3D036C241C0C9FA8713B137C8A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://byrl.me/Azure-for-Students HTTP 301
    https://link.short2url.in/08aASc6R HTTP 302
    https://xmod.in/blog/verify/?08aASc6R Page URL
  2. https://xmod.in/blog/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

231
Requests

77 %
HTTPS

24 %
IPv6

76
Domains

112
Subdomains

73
IPs

10
Countries

1431 kB
Transfer

4249 kB
Size

98
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://byrl.me/Azure-for-Students HTTP 301
    https://link.short2url.in/08aASc6R HTTP 302
    https://xmod.in/blog/verify/?08aASc6R Page URL
  2. https://xmod.in/blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://byrl.me/Azure-for-Students HTTP 301
  • https://link.short2url.in/08aASc6R HTTP 302
  • https://xmod.in/blog/verify/?08aASc6R
Request Chain 20
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxmod.in%2F&domain=xmod.in&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=8HuQb3xJdDFpRGxvL0VnRXlCRlNFdE8zSjE4VkR0eXNkbC92cEdBVncwK1Vtc1Z2UEcvRWdYSnRZakEzV2hyZGlGb1BwUW94dm5lYW8veW1sYWVDTCs2WDlrZHNIaWVlMk9FcG9KdHpiRkpIMTZzbk5xYkRabzhpNzJ6b2duK1FLZm1uYkUyMTZZbHgyUWVVaUlENFZFLzMvT1pwQktaaUR2L2FUVFFrMFJRcWhCZWxkS0p4NUxHMXNZU1MzeUhuQkNnbXh1b2ZnY0FKM05mR2tGOWF5SldDVWNkenRWK1U5SVFQY3YvMUluY0xhZmZ3PXw&cppv=2
Request Chain 22
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxmod.in%2F&domain=xmod.in&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=e20SAnxQQXowNGJWY1ExMjk5bnZnNVJ0Z2JNSkFhektDaSt6ZkpsWU94WEora2lzbDlzUDNoaVVKL2l3UThJSXlQMUF0blk5dnNoTlJDZ2RseHdTWSt5NzFkbGhyUHpPNUluSEQ5cVVReGhRNmxramVoYktKN1NIa3RmNXFBVmlEZ1FiRTdDMStWNTJ3NEdtbld2QlNPQ1NENjQ2TmpGTm9oRGdsdTBGYzZNMGFRZ01Zb2lRNnhlWlVBV2xSSWwwU0VKZnVQNloxQUNWWmF3UzZodmxRTW5yVzA2YVRieVUzRzQ4T2NtTGkyYllKeitRPXw&cppv=2
Request Chain 64
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7381999337586498764
Request Chain 66
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 67
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
Request Chain 73
  • https://ib.adnxs.com/getuid?https%3a%2f%2flwgadm.com%2fusermatch%2fpl%3fcb%3d637935133594857197%26bid%3d03485854-5ae2-43d5-8d5d-cfe9b12ac08c%26lwuid%3decde500820c6487c84a7e5b68fb3a8dd%26buid%3d$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252flwgadm.com%252fusermatch%252fpl%253fcb%253d637935133594857197%2526bid%253d03485854-5ae2-43d5-8d5d-cfe9b12ac08c%2526lwuid%253decde500820c6487c84a7e5b68fb3a8dd%2526buid%253d%24UID HTTP 302
  • https://lwgadm.com/usermatch/pl?cb=637935133594857197&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=ecde500820c6487c84a7e5b68fb3a8dd&buid=4207215395475228676
Request Chain 74
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3a%2f%2flwgadm.com%2fusermatch%2fpl%3fcb%3d637935133594857197%26bid%3d094c0db2-5ca2-43f2-be9b-500255dd1cfd%26lwuid%3decde500820c6487c84a7e5b68fb3a8dd%26buid%3d HTTP 302
  • https://lwgadm.com/usermatch/pl?cb=637935133594857197&bid=094c0db2-5ca2-43f2-be9b-500255dd1cfd&lwuid=ecde500820c6487c84a7e5b68fb3a8dd&buid=f103ff3f-2d6c-42a2-986c-1ad06039974e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 81
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D3df11b39b0572227%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=3df11b39b0572227&uid=4207215395475228676
Request Chain 82
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 84
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Request Chain 89
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/TYiIML05Xc7j5Y29ag3V?pi=smilewanted&tc=1
Request Chain 91
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=fca94c6531e5d3a2822f1b69d37f89d2
Request Chain 94
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=48de9396-9d08-415a-9c11-41663e45bb93&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Request Chain 100
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=d3021c63-9639-4cc8-8efb-2f980ddcb2b5&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 101
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=51c68854-b20f-455a-4167-3a1645d4292b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=51c68854-b20f-455a-4167-3a1645d4292b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=64378499865961631433371372573344658048&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Request Chain 103
  • https://bn01.er.bemail.it/zeotap.php?_bid=51c68854-b20f-455a-4167-3a1645d4292b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022071601-58493-0.832731001657928912-c1340ba7c97ab19a55a8725ee874e560&zdid=533&env=mWeb
Request Chain 104
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7120697409005287563&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Request Chain 105
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=51c68854-b20f-455a-4167-3a1645d4292b HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=51c68854-b20f-455a-4167-3a1645d4292b
Request Chain 106
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=51c68854-b20f-455a-4167-3a1645d4292b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=51c68854-b20f-455a-4167-3a1645d4292b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361&bounce=1&random=2362548073 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=sOKcN/wiold9g10rz09Fre&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Request Chain 108
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=51c68854-b20f-455a-4167-3a1645d4292b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=51c68854-b20f-455a-4167-3a1645d4292b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Request Chain 109
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-CZR5.DdE2oqrhvpzDYAePO4DtuzOQrWMFw--~A&zpartnerid=570&env=mWeb
Request Chain 110
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=KXNKX461uPfdA43c4POicTe6R3szFP9%2F%2BS41iYitP1U%3D
Request Chain 113
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361&_test=YtHMkQAQjpG6MAAo HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtHMkQAQjpG6MAAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361&_test=YtHMkQAQjpG6MAAo
Request Chain 114
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=3cb862d1-cc91-4800-9395-4bc91801e5bc&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Request Chain 115
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Request Chain 116
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=51c68854-b20f-455a-4167-3a1645d4292b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=51c68854-b20f-455a-4167-3a1645d4292b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361&dcc=t
Request Chain 118
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Request Chain 122
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 130
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YtHMkXhdfb48Dfcq3rMpVgAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YtHMkXhdfb48Dfcq3rMpVgAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJVuUnJTE8eTlsJ4qvVs9jQ&google_cver=1&gdpr=1
Request Chain 131
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&dcc=t
Request Chain 135
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACmaU7Fo5kAAGAWQElzCA&expiration=1659126161&gdpr=1
Request Chain 136
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3bb84ffc-7f5c-eba0-177efa75
Request Chain 137
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3cb862d1-cc91-4800-9395-4bc91801e5bc&gdpr=1&gdpr_consent=
Request Chain 139
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/3524da36-7c36-4944-be3e-02a30146b9e9&partner_id=1010
Request Chain 144
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtHMkXhdfb48Dfcq3rMpVgAA%261159
Request Chain 149
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=e0cc9468-047b-11ed-9831-12c786060306 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/e0cc9429-047b-11ed-9831-12c786060306
Request Chain 151
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 154
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d2b3c941188e92fb
Request Chain 157
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 165
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4207215395475228676
Request Chain 167
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
Request Chain 170
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=80716b3d-3900-4277-aeeb-544df02c7bec
Request Chain 171
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4207215395475228676
Request Chain 173
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d9679133-3472-471f-a2c9-3f656a40965f
Request Chain 175
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1657916562237 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7837686897
Request Chain 176
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=3524da36-7c36-4944-be3e-02a30146b9e9
Request Chain 177
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Flwgadm.com%2Fusermatch%2Fpl%3Fbid%3De224d663-d5a0-49ff-baf5-6a5e88c72e07%26buid%3D%7Buid%7D HTTP 302
  • https://lwgadm.com/usermatch/pl?bid=e224d663-d5a0-49ff-baf5-6a5e88c72e07&buid=c4a9d6054185c3b6
Request Chain 183
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D8482cdaf4be90419%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=8482cdaf4be90419&uid=4207215395475228676
Request Chain 184
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 191
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D82dab74c-661b-49e3-568c-5d219276ab1d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=82dab74c-661b-49e3-568c-5d219276ab1d&zdid=1361
Request Chain 194
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d2b3c941188e92fb
Request Chain 199
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 200
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520844268795
Request Chain 201
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&dcc=t
Request Chain 202
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7112029622139369136&uid=Q7112029622139369136&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent=&google_gid=CAESEOVkn6TqDKDajNiATZoDkEo&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 212
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7992967453716416126 HTTP 302
  • https://a.audrte.com/p
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent=&google_gid=CAESEOVkn6TqDKDajNiATZoDkEo&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 218
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7992967453716416126 HTTP 302
  • https://a.audrte.com/p
Request Chain 223
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d

231 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
xmod.in/blog/verify/
Redirect Chain
  • https://byrl.me/Azure-for-Students
  • https://link.short2url.in/08aASc6R
  • https://xmod.in/blog/verify/?08aASc6R
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68243aa91619029e216090d8f4c8b69e240835016136ca73f67c5708e249da8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72b5360d7ed69bdd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:37 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01z75Q8fn54UBHIahpNswZraT5pRFJjuECgRvZcRYsplQzRbAFL5%2BD%2BvaxD3TzFGKC74eBN9%2FxgPZkX0m3zlpo69%2FEGcRHzscXheNV4Vt5l1ak9qtKBoMYVJ8SoyY2zSTxxVUyoS"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
683
content-type
text/html
date
Fri, 15 Jul 2022 20:22:36 GMT
location
https://xmod.in/blog/verify/?08aASc6R
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
Primary Request /
xmod.in/blog/ 		40 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xmod.in/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6df3da1c7ecefedd0315482faa6cadb8129cc451fd4047aba3962a5b8e064d9

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72b53613aac89bdd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:38 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://xmod.in/blog/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZVP1gazv%2FFW2mO3JCCkukFYATlwQ4D88x53CCKrlujIMVDfAvZSSDXbKXOwFmfItFwEy160fpnIkX7sxdYn%2B2tGFEZVktwEWt5JXX9eTfN74nputELlJMbhKUPSALMmwiF6HI0B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-dns-prefetch-control
on
x-litespeed-tag
ff5_HTTP.200
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xmod.in/
Origin
https://xmod.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2132697
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19163-FRA, cache-iad-kiad7000030-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBaKntYVpox354z587ARAdwtvkPgdrhgVulX7wrbCZNBhx%2FinwW%2FsGul630iI1FVBKol%2B9X0VHj3WOrFPhG%2FcQShF2Jrn1QPFZZ%2B5MpaLdwXi7BIj0SZ9OSIOiVMb28AJbwzlWHbpDED9H5K624%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
72b5361daf81bb50-FRA
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55475f690303f28766cea7ae2214bca689adb1d19426a636ae5f812d30ed88aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 19:47:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 15 Jul 2022 20:22:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Jul 2022 20:22:39 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-124607845-15
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bab1ec6588f078cdb89b7d70f9c407e13203db25fd1abf835907c9ddbf822214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40267
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Jul 2022 20:22:39 GMT
pg.xmod.article.js
m2d.m2.ai/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m2d.m2.ai/pg.xmod.article.js
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-10.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96e2836abcf692cd6c5faa53cda329482428a2dddcdd17f7da1570980fed30ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:13:33 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 17:36:21 GMT
server
AmazonS3
age
547
etag
W/"6d4c1231b0d86d8d15da1f15d616e8db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control
max-age=14400
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
lyhvnuIuRiOhwcJJ-ho_MOLf_Je2ctFAuGPxRoe6J3nYGKcDzUdo2w==
pbjs
lwgadm.com/lw/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lwgadm.com/lw/pbjs?pid=c470e392-a0b9-4f74-888a-12f92fae43f9
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-12-89.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a746f8d7b2c6e716567800e78178defa06a13c9663dbe4f420be0d3a0850abf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
gzip
etag
ecde500820c6487c84a7e5b68fb3a8dd|FAF8BD6B4EBC8A43DF0155F7790E4845
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
private,no-cache
access-control-allow-credentials
true
content-length
20339
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xmod.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 19:06:05 GMT
x-content-type-options
nosniff
age
350194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16720
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 19:06:05 GMT
pg-220518-fa2-nc-86d5133c2abe93c211076929b3bec352.js
m2d.m2.ai/v/ 		694 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m2d.m2.ai/v/pg-220518-fa2-nc-86d5133c2abe93c211076929b3bec352.js
Requested by
Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.xmod.article.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-10.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8673bc66033504473e51eec001675c3edea9c9de15de9b10dde11db227eb398c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:20:12 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 10:15:02 GMT
server
AmazonS3
age
509
etag
W/"cfd662ac7e88c0c94a79a5b7297bb2fa"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control
max-age=14400
x-amz-cf-pop
FRA60-P4
timing-allow-origin
*
x-amz-cf-id
T0WS63lmajnC6DQCovjA6Tn7TRaLjH_YYMbgfx94PWbyetQBIq6lDA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161325/6083/ 		255 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161325/6083/pwt.js
Requested by
Host: xmod.in
URL: https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
836732e9138946f09e64f7db0d9a26d1628cc744a6573bdab72bd397965afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
gzip
last-modified
Wed, 01 Dec 2021 04:42:56 GMT
server
Apache
etag
"17e1ea9-3fc9b-5d20e4ec88b7d"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=33775
accept-ranges
bytes
content-type
text/javascript
content-length
80552
expires
Sat, 16 Jul 2022 05:45:34 GMT
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13522617
Requested by
Host: lwgadm.com
URL: https://lwgadm.com/lw/pbjs?pid=c470e392-a0b9-4f74-888a-12f92fae43f9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
f522106cb8eef17f67ab33bb623590773c6c58f65bfc805fff1f34a0abdf9c75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 17:51:39 GMT
Server
nginx
ETag
W/"5e628dab-2e98"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Cache-Control
max-age=604800, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap4ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Credentials
true
Expires
Fri, 22 Jul 2022 20:22:39 GMT
prebid.js
content.lwgadm.com/hop/6.22.1/ 		505 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.lwgadm.com/hop/6.22.1/prebid.js
Requested by
Host: lwgadm.com
URL: https://lwgadm.com/lw/pbjs?pid=c470e392-a0b9-4f74-888a-12f92fae43f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:1b:7f5c:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44fa6b2486679a86fa74cfcf8d0fcca80c690fe137757a7833c7cc2d73a9d392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 08:17:47 GMT
content-encoding
br
age
43493
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 03 May 2022 22:10:26 GMT
server
AmazonS3
etag
W/"45402548561308dfc44e8b4c14dabe39"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=604800, immutable
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
RAnqqwQ6W5rsNIbtR5fBTDKZZ0W-TMyusCwuveSaSY8CjFLNCLURRA==
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: lwgadm.com
URL: https://lwgadm.com/lw/pbjs?pid=c470e392-a0b9-4f74-888a-12f92fae43f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
3f3e0ebd2e286f5c8a1a31596caf7fe9d5d42db6204a047694c82a4f09162428
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28575
x-xss-protection
0
server
sffe
etag
"1274 / 599 of 1000 / last-modified: 1657883192"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Jul 2022 20:22:39 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://xmod.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
252082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27277
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwzlrBUSdylkCjmybY6H6Ncq5qRVkrXvSAb65NcwUFGqM59%2Fc65vmaFEh%2FnNaN87mLXt1qnblgyWh3TyGNydBaHe%2FeHHyuYPNWoaaVm7%2Ft4CR6rhx9uZC6CEjPkOLSTZgOKAr3t4E7XGQ5YW5H6wT2on"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72b5361f3824bb89-FRA
expires
Wed, 05 Jul 2023 20:22:39 GMT
fb.js
cdn.pubguru.com/ 		1013 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pubguru.com/fb.js
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:c00:5:3aaa:f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d2ba1afbfd92cba1bed039b1562cfca77e23fdb8df3272c9cb6f51ebb02fa19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
dEl0hjkpHvGrYMHvUnuJgpp9lfixHU0U
content-encoding
gzip
last-modified
Fri, 09 Oct 2020 14:01:06 GMT
server
AmazonS3
age
59469
etag
W/"0275e34e092169e948a69b76ef396f31"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date
Fri, 15 Jul 2022 03:51:32 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
EB5LSN__0mtSMrlh-ihxlRmnNsN-AjxA0Gcm3jgAbBw75o7KjdcbEg==
pbjs
lwgadm.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lwgadm.com/pbjs?69431965
Requested by
Host: lwgadm.com
URL: https://lwgadm.com/lw/pbjs?pid=c470e392-a0b9-4f74-888a-12f92fae43f9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-12-89.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
75a4520e5e6cdee5e757e5a7c58fcdd212ecd00940085366e24d080622be6ac7

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
text/plain

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xmod.in
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
content-length
1300
/
a3.pubguru.net/ 		141 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/?device=desktop&domain=xmod.in
Requested by
Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220518-fa2-nc-86d5133c2abe93c211076929b3bec352.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.32.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-32-52.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
41b6fbc9b65326331b02575473370ef888ec39a9211c442c3ca0b78f31877d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
x-content-type-options
nosniff
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
https://xmod.in
x-frame-options
DENY
content-type
application/json
x-m2
1
access-control-expose-headers
X-M2, X-Duration
access-control-allow-credentials
true
x-duration
1
vary
Origin
content-length
141
x-xss-protection
1; mode=block
stream
a3.pubguru.net/ 		2 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/stream?beacon=immediate
Requested by
Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220518-fa2-nc-86d5133c2abe93c211076929b3bec352.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.32.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-32-52.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
https://xmod.in
x-frame-options
DENY
content-type
text/plain
x-m2
1
access-control-expose-headers
X-M2, X-Duration
access-control-allow-credentials
true
x-duration
2
vary
Origin,Accept-Encoding
x-xss-protection
1; mode=block
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220518-fa2-nc-86d5133c2abe93c211076929b3bec352.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f8495f9c073d28c39b5fba3570941fe83294d070b378a40445738bc5337f2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
server
sffe
etag
"1274 / 620 of 1000 / last-modified: 1657883192"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Jul 2022 20:22:39 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124607845-15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5191
date
Fri, 15 Jul 2022 18:56:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Jul 2022 20:56:08 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxmod.in%2F&domain=xmod.in&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://xmod.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://xmod.in
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Jul 2022 20:22:39 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1113
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxmod.in%2F&domain=xmod.in&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=8HuQb3xJdDFpRGxvL0VnRXlCRlNFdE8zSjE4VkR0eXNkbC92cEdBVncwK1Vtc1Z2UEcvRWdYSnRZakEzV2hyZGlGb1BwUW94dm5lYW8veW1sYWVDTCs2WDlrZHNIaWVlMk9FcG9KdHpiRkpIMTZzbk5xYkRabzhpNzJ6b2...
318 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8HuQb3xJdDFpRGxvL0VnRXlCRlNFdE8zSjE4VkR0eXNkbC92cEdBVncwK1Vtc1Z2UEcvRWdYSnRZakEzV2hyZGlGb1BwUW94dm5lYW8veW1sYWVDTCs2WDlrZHNIaWVlMk9FcG9KdHpiRkpIMTZzbk5xYkRabzhpNzJ6b2duK1FLZm1uYkUyMTZZbHgyUWVVaUlENFZFLzMvT1pwQktaaUR2L2FUVFFrMFJRcWhCZWxkS0p4NUxHMXNZU1MzeUhuQkNnbXh1b2ZnY0FKM05mR2tGOWF5SldDVWNkenRWK1U5SVFQY3YvMUluY0xhZmZ3PXw&cppv=2
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3001ab6d7ce2ff81f63d4a653e691dc780789221c3404ce523fa6dcb5eb4cb01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:38 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3061
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:39 GMT
location
https://mug.criteo.com/sid?cpp=8HuQb3xJdDFpRGxvL0VnRXlCRlNFdE8zSjE4VkR0eXNkbC92cEdBVncwK1Vtc1Z2UEcvRWdYSnRZakEzV2hyZGlGb1BwUW94dm5lYW8veW1sYWVDTCs2WDlrZHNIaWVlMk9FcG9KdHpiRkpIMTZzbk5xYkRabzhpNzJ6b2duK1FLZm1uYkUyMTZZbHgyUWVVaUlENFZFLzMvT1pwQktaaUR2L2FUVFFrMFJRcWhCZWxkS0p4NUxHMXNZU1MzeUhuQkNnbXh1b2ZnY0FKM05mR2tGOWF5SldDVWNkenRWK1U5SVFQY3YvMUluY0xhZmZ3PXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xmod.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1385
content-length
482
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxmod.in%2F&domain=xmod.in&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://xmod.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://xmod.in
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Jul 2022 20:22:38 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1143
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxmod.in%2F&domain=xmod.in&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=e20SAnxQQXowNGJWY1ExMjk5bnZnNVJ0Z2JNSkFhektDaSt6ZkpsWU94WEora2lzbDlzUDNoaVVKL2l3UThJSXlQMUF0blk5dnNoTlJDZ2RseHdTWSt5NzFkbGhyUHpPNUluSEQ5cVVReGhRNmxramVoYktKN1NIa3RmNX...
312 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=e20SAnxQQXowNGJWY1ExMjk5bnZnNVJ0Z2JNSkFhektDaSt6ZkpsWU94WEora2lzbDlzUDNoaVVKL2l3UThJSXlQMUF0blk5dnNoTlJDZ2RseHdTWSt5NzFkbGhyUHpPNUluSEQ5cVVReGhRNmxramVoYktKN1NIa3RmNXFBVmlEZ1FiRTdDMStWNTJ3NEdtbld2QlNPQ1NENjQ2TmpGTm9oRGdsdTBGYzZNMGFRZ01Zb2lRNnhlWlVBV2xSSWwwU0VKZnVQNloxQUNWWmF3UzZodmxRTW5yVzA2YVRieVUzRzQ4T2NtTGkyYllKeitRPXw&cppv=2
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
67deff8159920f3e5a0c6d56d55b9c351bf879ee0610ec8d87a53716ad30111e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2510
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:38 GMT
location
https://mug.criteo.com/sid?cpp=e20SAnxQQXowNGJWY1ExMjk5bnZnNVJ0Z2JNSkFhektDaSt6ZkpsWU94WEora2lzbDlzUDNoaVVKL2l3UThJSXlQMUF0blk5dnNoTlJDZ2RseHdTWSt5NzFkbGhyUHpPNUluSEQ5cVVReGhRNmxramVoYktKN1NIa3RmNXFBVmlEZ1FiRTdDMStWNTJ3NEdtbld2QlNPQ1NENjQ2TmpGTm9oRGdsdTBGYzZNMGFRZ01Zb2lRNnhlWlVBV2xSSWwwU0VKZnVQNloxQUNWWmF3UzZodmxRTW5yVzA2YVRieVUzRzQ4T2NtTGkyYllKeitRPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xmod.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1840
content-length
482
expires
0
pubads_impl_2022071401.js
securepubads.g.doubleclick.net/gpt/ 		377 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068474
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 18:37:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131659
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 08:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 15 Jul 2023 18:37:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		212 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=xmod.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e00f706b7b43a19ea1a9270ecff634e316fcc89f94811ed01e133b3b753963d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
expires
Fri, 15 Jul 2022 20:22:39 GMT
localstore.js
script.4dex.io/ 		483 B
943 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
631366
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhRweYUx%2BPPIwBc13Pe7WxmYHC0Kd5HY8sFJFEo%2B8VG1EXmdybyKIe1t4Ww2I05IrXV8mEPUZsZxQyc1bHJSaalgmqIa3rSD%2Bm7TjMWzm8iy4Y0czMQO0YHrg8U70Zeh%2B5zXM4kMIStXM%2ByN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
72b53620dff1901f-FRA
prebid
mp.4dex.io/ 		116 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a281f8bd4c6a1514a88f6514a94228f7620a7b5eab894e4166af3ee382b11a

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
72b53620ff6f9122-FRA
pragma
no-cache
date
Fri, 15 Jul 2022 20:22:39 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xmod.in
expires
0
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
x-err
Parsing the Prebid Request. site archived
pb
ad.360yield.com/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/pb
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.141.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-141-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://xmod.in
date
Fri, 15 Jul 2022 20:22:39 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v3/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:39 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
16ffc292-af9c-4300-a976-7908f02cb122
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://xmod.in
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		17 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
0e836b45cbcd5858facf1bb56b2517d30302fbc82a0048ffdc2f3a548874ba50

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Jul 2022 20:22:40 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://xmod.in
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1438
ad
lwgadm.com/ 		130 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lwgadm.com/ad
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-12-89.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1689fe30a2adbe7c7447b1d13c70f81b85454a425478aee1644eab9db544cc13

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xmod.in
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=8HuQb3xJdDFpRGxvL0VnRXlCRlNFdE8zSjE4VkR0eXNkbC92cEdBVncwK1Vtc1Z2UEcvRWdYSnRZakEzV2hyZGlGb1BwUW94dm5lYW8veW1sYWVDTCs2WDlrZHNIaWVlMk9FcG9KdHpiRkpIMTZzbk5xYkRabzhpNzJ6b2duK1FLZm1uYkUyMTZZbHgyUWVVaUlENFZFLzMvT1pwQktaaUR2L2FUVFFrMFJRcWhCZWxkS0p4NUxHMXNZU1MzeUhuQkNnbXh1b2ZnY0FKM05mR2tGOWF5SldDVWNkenRWK1U5SVFQY3YvMUluY0xhZmZ3PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Jul 2022 20:22:39 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1107
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=e20SAnxQQXowNGJWY1ExMjk5bnZnNVJ0Z2JNSkFhektDaSt6ZkpsWU94WEora2lzbDlzUDNoaVVKL2l3UThJSXlQMUF0blk5dnNoTlJDZ2RseHdTWSt5NzFkbGhyUHpPNUluSEQ5cVVReGhRNmxramVoYktKN1NIa3RmNXFBVmlEZ1FiRTdDMStWNTJ3NEdtbld2QlNPQ1NENjQ2TmpGTm9oRGdsdTBGYzZNMGFRZ01Zb2lRNnhlWlVBV2xSSWwwU0VKZnVQNloxQUNWWmF3UzZodmxRTW5yVzA2YVRieVUzRzQ4T2NtTGkyYllKeitRPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Jul 2022 20:22:39 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1162
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
630489
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txdb6812dd2e3e45498e4ea-00629f4c3a
x-amz-id-2
txdb6812dd2e3e45498e4ea-00629f4c3a
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4Rvg6b6fUr1uBT94%2BydrGUljenAP%2F7aub7H0ZbXItUDluLwM4xg1G75ANkCP34pld%2BCAVb5gnAOfeE6w2vfsUL1ndwuou%2Fc6FEV3i%2BVdf5QE9r7Br54uNsGwYQIubYa30QBoyOMw8uWZ4dx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
72b536212bc19131-FRA
access-control-allow-headers
Authorization
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=172268299&t=pageview&_s=1&dl=https%3A%2F%2Fxmod.in%2Fblog%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1943768631&gjid=695683233&cid=1729997736.1657916560&tid=UA-124607845-15&_gid=1761243152.1657916560&_r=1&gtm=2ou7d0&z=597512473
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xmod.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bids.gif
c.4dex.io/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=xmod_300x250_1&evt=init&ts=1657916559577&pv_id=af68b636-b906-4bb0-9f7f-fdda1fbd42cb&amts=ban&asizes=300x250&url=https%3A%2F%2Fxmod.in%2Fblog%2F&auct_id=c350a6bb-3fce-4c16-94c4-9e668cbb894f&auct_start=1657916559461&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1657916557381&partid=2022071520&bidders=adagio%2CappnexusAst%2Cadtelligent%2Clivewrapped%2Csmilewanted&cpm=%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C&cur=%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C&ttr=%2C%2C%2C%2C&bttr=%2C%2C%2C%2C&sts=%2C%2C%2C%2C&w=%2C%2C%2C%2C&h=%2C%2C%2C%2C&deal=%2C%2C%2C%2C&timeout=%2C%2C%2C%2C&won=%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C&mt=%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1206&pgtyp=&plcmt=xmod.com_300x250_DK&site=xmod-in&subcat=&os=&brwsr=&u_ts=1657916559&adgjsv=1.15.0
Requested by
Host: xmod.in
URL: https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=xmod_300x250_2&evt=init&ts=1657916559577&pv_id=af68b636-b906-4bb0-9f7f-fdda1fbd42cb&amts=ban&asizes=300x250&url=https%3A%2F%2Fxmod.in%2Fblog%2F&auct_id=c350a6bb-3fce-4c16-94c4-9e668cbb894f&auct_start=1657916559461&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1657916557381&partid=2022071520&bidders=adagio%2CappnexusAst%2Cadtelligent%2Clivewrapped%2Csmilewanted&cpm=%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C&cur=%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C&ttr=%2C%2C%2C%2C&bttr=%2C%2C%2C%2C&sts=%2C%2C%2C%2C&w=%2C%2C%2C%2C&h=%2C%2C%2C%2C&deal=%2C%2C%2C%2C&timeout=%2C%2C%2C%2C&won=%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C&mt=%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1206&pgtyp=&plcmt=xmod.com_300x250_DK&site=xmod-in&subcat=&os=&brwsr=&u_ts=1657916559&adgjsv=1.15.0
Requested by
Host: xmod.in
URL: https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=xmod_300x250_3&evt=init&ts=1657916559577&pv_id=af68b636-b906-4bb0-9f7f-fdda1fbd42cb&amts=ban&asizes=300x250&url=https%3A%2F%2Fxmod.in%2Fblog%2F&auct_id=c350a6bb-3fce-4c16-94c4-9e668cbb894f&auct_start=1657916559461&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1657916557381&partid=2022071520&bidders=adagio%2CappnexusAst%2Cadtelligent%2Clivewrapped%2Csmilewanted&cpm=%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C&cur=%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C&ttr=%2C%2C%2C%2C&bttr=%2C%2C%2C%2C&sts=%2C%2C%2C%2C&w=%2C%2C%2C%2C&h=%2C%2C%2C%2C&deal=%2C%2C%2C%2C&timeout=%2C%2C%2C%2C&won=%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C&mt=%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1206&pgtyp=&plcmt=xmod.com_300x250_DK&site=xmod-in&subcat=&os=&brwsr=&u_ts=1657916559&adgjsv=1.15.0
Requested by
Host: xmod.in
URL: https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=xmod_300x250_4&evt=init&ts=1657916559577&pv_id=af68b636-b906-4bb0-9f7f-fdda1fbd42cb&amts=ban&asizes=300x250&url=https%3A%2F%2Fxmod.in%2Fblog%2F&auct_id=c350a6bb-3fce-4c16-94c4-9e668cbb894f&auct_start=1657916559461&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1657916557381&partid=2022071520&bidders=adagio%2CappnexusAst%2Cadtelligent%2Clivewrapped%2Csmilewanted&cpm=%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C&cur=%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C&ttr=%2C%2C%2C%2C&bttr=%2C%2C%2C%2C&sts=%2C%2C%2C%2C&w=%2C%2C%2C%2C&h=%2C%2C%2C%2C&deal=%2C%2C%2C%2C&timeout=%2C%2C%2C%2C&won=%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C&mt=%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1206&pgtyp=&plcmt=xmod.com_300x250_DK&site=xmod-in&subcat=&os=&brwsr=&u_ts=1657916559&adgjsv=1.15.0
Requested by
Host: xmod.in
URL: https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=xmod_desktop-728x90-atf-dk&evt=init&ts=1657916559577&pv_id=af68b636-b906-4bb0-9f7f-fdda1fbd42cb&amts=ban&asizes=728x90&url=https%3A%2F%2Fxmod.in%2Fblog%2F&auct_id=c350a6bb-3fce-4c16-94c4-9e668cbb894f&auct_start=1657916559461&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1657916557381&partid=2022071520&bidders=adagio%2Cimprovedigital%2CappnexusAst%2Cadtelligent%2Clivewrapped%2Csmilewanted&cpm=%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1206&pgtyp=&plcmt=xmod.in_728x90_ATF_DK&site=xmod-in&subcat=&os=&brwsr=&u_ts=1657916559&adgjsv=1.15.0
Requested by
Host: xmod.in
URL: https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=xmod_desktop-728x90-atf-dk_1&evt=init&ts=1657916559577&pv_id=af68b636-b906-4bb0-9f7f-fdda1fbd42cb&amts=ban&asizes=728x90&url=https%3A%2F%2Fxmod.in%2Fblog%2F&auct_id=c350a6bb-3fce-4c16-94c4-9e668cbb894f&auct_start=1657916559461&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1657916557381&partid=2022071520&bidders=adagio%2Cimprovedigital%2CappnexusAst%2Cadtelligent%2Clivewrapped%2Csmilewanted&cpm=%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1206&pgtyp=&plcmt=xmod.in_728x90_ATF_DK&site=xmod-in&subcat=&os=&brwsr=&u_ts=1657916559&adgjsv=1.15.0
Requested by
Host: xmod.in
URL: https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=xmod_desktop-com-300x600-dk_1&evt=init&ts=1657916559577&pv_id=af68b636-b906-4bb0-9f7f-fdda1fbd42cb&amts=ban&asizes=300x600&url=https%3A%2F%2Fxmod.in%2Fblog%2F&auct_id=c350a6bb-3fce-4c16-94c4-9e668cbb894f&auct_start=1657916559461&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1657916557381&partid=2022071520&bidders=adagio%2CappnexusAst%2Cadtelligent%2Clivewrapped%2Csmilewanted&cpm=%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C&cur=%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C&ttr=%2C%2C%2C%2C&bttr=%2C%2C%2C%2C&sts=%2C%2C%2C%2C&w=%2C%2C%2C%2C&h=%2C%2C%2C%2C&deal=%2C%2C%2C%2C&timeout=%2C%2C%2C%2C&won=%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C&mt=%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1206&pgtyp=&plcmt=xmod.com_300x600_DK&site=xmod-in&subcat=&os=&brwsr=&u_ts=1657916559&adgjsv=1.15.0
Requested by
Host: xmod.in
URL: https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
bids.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=xmod_desktop-300x250-btf-dk&evt=init&ts=1657916559577&pv_id=af68b636-b906-4bb0-9f7f-fdda1fbd42cb&amts=ban&asizes=300x250&url=https%3A%2F%2Fxmod.in%2Fblog%2F&auct_id=c350a6bb-3fce-4c16-94c4-9e668cbb894f&auct_start=1657916559461&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1657916557381&partid=2022071520&bidders=adagio%2Cimprovedigital%2CappnexusAst%2Cadtelligent%2Clivewrapped%2Csmilewanted&cpm=%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C&cat=&dvc=&env=&org_id=1206&pgtyp=&plcmt=xmod.in_300x250_BTF_DK&site=xmod-in&subcat=&os=&brwsr=&u_ts=1657916559&adgjsv=1.15.0
Requested by
Host: xmod.in
URL: https://xmod.in/blog/verify/?08aASc6R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:39 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
110220698
fundingchoicesmessages.google.com/i/ 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/110220698?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js?cb=31068474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d79e8cfc6326fc43f865d3f6b101ce3c95a2fce600d4cab1d30f9fc0abca60c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oXytAg9p1ZLtYP8elFJWJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-oXytAg9p1ZLtYP8elFJWJw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-oXytAg9p1ZLtYP8elFJWJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-oXytAg9p1ZLtYP8elFJWJw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Fri, 15 Jul 2022 20:22:39 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVu2_zqp7YKfiW9DyWU6ddp2BrcBB7_MXGw5UqwW3ndh3dqzChnzmqArjTJilY6aa75WD02ql11MFCqxxgsN4E=
fundingchoicesmessages.google.com/f/ 		553 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVu2_zqp7YKfiW9DyWU6ddp2BrcBB7_MXGw5UqwW3ndh3dqzChnzmqArjTJilY6aa75WD02ql11MFCqxxgsN4E=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjU3OTE2NTU5LDg4MTAwMDAwMF0sIjEzODJFMTlFLTBBNEQtNDgzNS1CMUM4LTAyODQxN0UwNDEwNSIsIjgzODEyRjhFLTU0MjQtNEQyMy1CNDRBLTVGRDgyOUY0NDBENCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3htb2QuaW4vYmxvZy8iLG51bGwsW11d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.NwfEAMvVWdk.es5.O/d=1/rs=AJlcJMyvY2xefUWlQ43_jEBVJokF3UyZpA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e7a4a45f43098618932a2503eb64f614ea37c920bb1c9427bd9aad5bea0892d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-71IxRr73PsPLwGu-6tsMcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-71IxRr73PsPLwGu-6tsMcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-71IxRr73PsPLwGu-6tsMcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-71IxRr73PsPLwGu-6tsMcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
date
Fri, 15 Jul 2022 20:22:40 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
stream
a3.pubguru.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a3.pubguru.net/stream?beacon=test
Requested by
Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220518-fa2-nc-86d5133c2abe93c211076929b3bec352.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.32.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-32-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
css
fonts.googleapis.com/ 		60 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.KPYsJ_4ZZwk.es5.O/d=1/rs=AJlcJMwWTK78cfoVzrIG8AvMnoDRwroS6w/m=iabtcfv2wallscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
453cb626531e259d7b31435effa360042fd6e46eb27e2269a3764e67b026662e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 20:22:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 15 Jul 2022 20:22:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Jul 2022 20:22:40 GMT
08lkjrFGjjlBpADx7v5qtBXLN78xq8p4DP0swU0b5Z_sHK4X7LvATFTVa4VFdZd_LbVa0ZUGZK5zbyi2fGYbjYEAI87KYMVoVSwDfFF0Gfls3In1kLw=h60
lh3.googleusercontent.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/08lkjrFGjjlBpADx7v5qtBXLN78xq8p4DP0swU0b5Z_sHK4X7LvATFTVa4VFdZd_LbVa0ZUGZK5zbyi2fGYbjYEAI87KYMVoVSwDfFF0Gfls3In1kLw=h60
Requested by
Host: xmod.in
URL: https://xmod.in/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
65f361c3a20d2c3d5176c9e2c8cead8b8f3ad6ed865b3cbd7b86b68e80c48558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 17:09:17 GMT
x-content-type-options
nosniff
age
11603
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9031
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 17 May 2022 19:05:28 GMT
AGSKWxUGF3nc4r1j7cbdtsPcmQpCcvOnmygAtyqGHRGMo-7WqiAQy6uHPoJ-Ytp0eg1HpcXObj0nhC4ZNb3XnPypZadqSN7RdOQIta0U02phQ-y2qDBZ_r2Ud_U0o_zTuq3LJ_eQkcqHoxgzyXscRowrptXifl0gXCFYufl0OMRoIopDwXTfhj756T5y4whJ
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUGF3nc4r1j7cbdtsPcmQpCcvOnmygAtyqGHRGMo-7WqiAQy6uHPoJ-Ytp0eg1HpcXObj0nhC4ZNb3XnPypZadqSN7RdOQIta0U02phQ-y2qDBZ_r2Ud_U0o_zTuq3LJ_eQkcqHoxgzyXscRowrptXifl0gXCFYufl0OMRoIopDwXTfhj756T5y4whJ?dmid=62303df8ec63c89d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.KPYsJ_4ZZwk.es5.O/d=1/rs=AJlcJMwWTK78cfoVzrIG8AvMnoDRwroS6w/m=iabtcfv2wallscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-78JyNpDRDeJnRNjNJm-lyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-78JyNpDRDeJnRNjNJm-lyA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Jul 2022 20:22:40 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://xmod.in
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-78JyNpDRDeJnRNjNJm-lyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-78JyNpDRDeJnRNjNJm-lyA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v134/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v134/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18d2477bb4ab72de48e44c52840b2e37a9a4f07f6bf9feefa9155ff0d4dcbce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xmod.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 01:30:13 GMT
x-content-type-options
nosniff
age
154347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127960
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:29:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Jul 2023 01:30:13 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xmod.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 23:32:09 GMT
x-content-type-options
nosniff
age
334231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 23:32:09 GMT
beacon
vpod1q.qa.lijit.com/ Frame 28D4 		0
0
899.json
id5-sync.com/g/v2/ 		213 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/899.json
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
fa2852db9d46c271178d6ffa520163825dd38689cefdd3aaf74002828e0105f9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://xmod.in
date
Fri, 15 Jul 2022 20:22:40 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
d
ic.tynt.com/r/ Frame CCE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 15 Jul 2022 20:22:41 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
/
onetag-sys.com/usync/ Frame 2AB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3a%2f%2flwgadm.com%2fusermatch%2fpl%3fcb%3d637935133594857197%26bid%3d08d9af6e-a576-4661-84a3-a194f4d4c613%26lwuid%3decde500820c6487c84a7e5b68fb3a8dd%26buid%3d${USER_TOKEN}
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1400 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51001
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:32:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 3A09
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7381999337586498764
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7381999337586498764
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 20:22:41 GMT
Etag
16ec006d2f0b7801
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
feb696f6-138c-40f9-b604-d92de078509a
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Jul 2022 20:22:41 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7381999337586498764
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
sync.html
s.adtelligent.com/ Frame CF65 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:506:0:ec4:7aff:fec2:7e6e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://xmod.in
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ads.us.e-planning.net/uspd/1/ Frame 1673
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
603694e2d3698acbc0ca005a076257ffb39694f2aa5a4ac26ee6a978c146dfbd

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 20:22:41 GMT
expires
Fri, 15 Jul 2022 20:22:41 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-603

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 15 Jul 2022 20:22:41 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-603
csync
sync.adtelligent.com/ Frame 5433
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 20:22:41 GMT
Etag
16ec006d2f0b7801
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72b5362b5ce69125-FRA
content-length
0
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
server
cloudflare
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1AC5 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
56626
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Jul 2022 20:22:41 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 770610
X-Served-By
cache-lga21938-LGA, cache-hhn4063-HHN
X-Timer
S1657916561.171614,VS0,VE0
/
onetag-sys.com/usync/ Frame E838 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.html
s.console.adtarget.com.tr/ Frame 5602 		1 KB
994 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.145.146 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://xmod.in
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
csync.smilewanted.com/ Frame CBEC 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
459bbb4f20da99d4483ee081a401d40d810393099db5381b92e91c33b9d2cd39

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72b5362b3acb5c5c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
sync.html
s.adtelligent.com/ Frame E464 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=656378
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:506:0:ec4:7aff:fec2:7e6e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
56c924f8414c1a606b7caf2a58ab168ae053dacfee0cfd586fb23d805a4f85a8

Request headers

Referer
https://xmod.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://xmod.in
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1275
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
Adtelligent
X-Robots-Tag
noindex
pl
lwgadm.com/usermatch/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2flwgadm.com%2fusermatch%2fpl%3fcb%3d637935133594857197%26bid%3d03485854-5ae2-43d5-8d5d-cfe9b12ac08c%26lwuid%3decde500820c6487c84a7e5b68fb3a8dd%26buid%3d$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252flwgadm.com%252fusermatch%252fpl%253fcb%253d637935133594857197%2526bid%253d03485854-5ae2-43d5-8d5d-cfe9b12ac08c%2526lwuid%253decde500820c6...
  • https://lwgadm.com/usermatch/pl?cb=637935133594857197&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=ecde500820c6487c84a7e5b68fb3a8dd&buid=4207215395475228676
70 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lwgadm.com/usermatch/pl?cb=637935133594857197&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=ecde500820c6487c84a7e5b68fb3a8dd&buid=4207215395475228676
Protocol
H2
Server
18.159.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-12-89.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:41 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
cc2215a7-672f-4c01-b5de-814069a8c827
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://lwgadm.com/usermatch/pl?cb=637935133594857197&bid=03485854-5ae2-43d5-8d5d-cfe9b12ac08c&lwuid=ecde500820c6487c84a7e5b68fb3a8dd&buid=4207215395475228676
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pl
lwgadm.com/usermatch/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3a%2f%2flwgadm.com%2fusermatch%2fpl%3fcb%3d637935133594857197%26bid%3d094c0db2-5ca2-43f2-be9b-500255dd1cfd%26lwuid%3decde500820c6487c84a7...
  • https://lwgadm.com/usermatch/pl?cb=637935133594857197&bid=094c0db2-5ca2-43f2-be9b-500255dd1cfd&lwuid=ecde500820c6487c84a7e5b68fb3a8dd&buid=f103ff3f-2d6c-42a2-986c-1ad06039974e&gdpr=&gdpr_consent=&u...
70 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lwgadm.com/usermatch/pl?cb=637935133594857197&bid=094c0db2-5ca2-43f2-be9b-500255dd1cfd&lwuid=ecde500820c6487c84a7e5b68fb3a8dd&buid=f103ff3f-2d6c-42a2-986c-1ad06039974e&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
18.159.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-12-89.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xmod.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
70
content-type
image/gif

Redirect headers

location
https://lwgadm.com/usermatch/pl?cb=637935133594857197&bid=094c0db2-5ca2-43f2-be9b-500255dd1cfd&lwuid=ecde500820c6487c84a7e5b68fb3a8dd&buid=f103ff3f-2d6c-42a2-986c-1ad06039974e&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1400 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32154667&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent={gdpr_consent}&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:40 GMT
content-length
0
async_usersync
ib.adnxs.com/ Frame 1AC5 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:41 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1ff4d62e-31dd-445a-a75e-6aaef4ceb746
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame CBEC 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1325702
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
72b5362b9b6e5c5c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame 1673 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D3df11b39b0572227
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:40 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
ptag
a.audrte.com/ Frame 1673 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8b3e4df901ea90b1fca9ae2a125401ce501fd86ceab9ff70e33e1c425ba70bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 1673 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:40 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 14 Jul 2027 20:22:40 GMT
um
u-ams02.e-planning.net/ Frame 1673
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D3df11b39b0572227%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=3df11b39b0572227&uid=4207215395475228676
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=3df11b39b0572227&uid=4207215395475228676
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:41 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
f5a04df9-d94f-4f41-a711-5d520f32ee5f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=3df11b39b0572227&uid=4207215395475228676
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 09FA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 20:22:41 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 20:22:41 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E235 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D3df11b39b0572227%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51001
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:32:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
r.casalemedia.com/ Frame 1D27
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358e288f0136077a73737fa91447ece4647cef4b00332161f2ed5c6fb5363631

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72b5362c8bef9060-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 20:22:41 GMT
dropped-udsids
45|241|230|39|111|130|191|3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qrKCTFXRzEscbFeTwfckNys6BX0gsLLvRatzhlXMpF9RKnvh07ET177jnQxGbol1Mhq1heq0Hib6IdCxyQTeyUgtdro7ajKKFi0vTZO4wuB9UTw%2Faw3Fl5PCB5BSZKkGXpX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72b5362bf96d908a-FRA
content-type
text/html; charset=iso-8859-1
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EChgAio852fKxXmqc064XbehBJcWuFJVypnr5hCFvzlt2gZkT8xhm9lK9NZ5Sa%2F8a%2BOEy9zTnY9BDERjRO%2FyVK%2Bqa2M8irqW4UFftp4n3OPgsltDtynaw0hlq%2FdiPoIRc82W6vc1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 50E4 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
137109
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 15 Jul 2022 20:22:41 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
4d45ac5e6935aa1248939c2ab9b50f23
x-cf-tsc
1653097467
x-cf1
29080:fA.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 1EE7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame DCE2 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28947e3d7cb9cb098e4927627e82e6a7842b1c7e6b7f70837445d9cfe15d1244

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72b5362beef5bb4d-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
drop_cookie_sw.php
csync.smilewanted.com/ Frame 5BC9 		0
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72b5362bdbd75c5c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
TYiIML05Xc7j5Y29ag3V
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 264E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/TYiIML05Xc7j5Y29ag3V?pi=smilewanted&tc=1
0
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/TYiIML05Xc7j5Y29ag3V?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72b5362c4cc35c5c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 15 Jul 2022 20:22:41 GMT Fri, 15 Jul 2022 20:22:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/TYiIML05Xc7j5Y29ag3V?pi=smilewanted&tc=1
pragma
no-cache
usync.js
eus.rubiconproject.com/ Frame 09FA 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42230
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sat, 16 Jul 2022 08:06:31 GMT
setuid
ib.adnxs.com/prebid/ Frame 7602
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=fca94c6531e5d3a2822f1b69d37f89d2
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=fca94c6531e5d3a2822f1b69d37f89d2
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
a45e8f69-cd0d-4e7a-a322-e9a244ec056b
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 15 Jul 2022 20:22:41 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72b5362c2c825c5c-FRA
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=fca94c6531e5d3a2822f1b69d37f89d2
server
cloudflare
getuid
ib.adnxs.com/ Frame DCE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame DCE2 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=48de9396-9d08-415a-9c11-41663e45bb93&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=48de9396-9d08-415a-9c11-41663e45bb93&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362dca7fbb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=48de9396-9d08-415a-9c11-41663e45bb93&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame DCE2 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame DCE2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame DCE2 		0
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 varnish
server
nginx
x-timer
S1657916561.388354,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4023-HHN
u
dmp.v.fwmrm.net/ad/ Frame DCE2 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f01:46b:43f6:5ec6:edd4 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:41 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame DCE2 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c68854-b20f-455a-4167-3a1645d4292b%26reqId%3D48f24635-d29b-47f8-4cc9-09712dcb623f%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=d3021c63-9639-4cc8-8efb-2f980ddcb2b5&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=d3021c63-9639-4cc8-8efb-2f980ddcb2b5&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362dca6abb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=d3021c63-9639-4cc8-8efb-2f980ddcb2b5&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=51c68854-b20f-455a-4167-3a1645d4292b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=51c68854-b20f-455a-4167-3a1645d4292b&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=64378499865961631433371372573344658048&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=64378499865961631433371372573344658048&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362d9a32bb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v036-0b9ed301b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
PWDVWb4HRV0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=64378499865961631433371372573344658048&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame DCE2 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=51c68854-b20f-455a-4167-3a1645d4292b&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022071601-58493-0.832731001657928912-c1340ba7c97ab19a55a8725ee874e560&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022071601-58493-0.832731001657928912-c1340ba7c97ab19a55a8725ee874e560&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362d396ebb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022071601-58493-0.832731001657928912-c1340ba7c97ab19a55a8725ee874e560&zdid=533&env=mWeb
Date
Fri, 15 Jul 2022 23:48:32 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7120697409005287563&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7120697409005287563&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362d294fbb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7120697409005287563&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame DCE2
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=51c68854-b20f-455a-4167-3a1645d4292b
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=51c68854-b20f-455a-4167-3a1645d4292b
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=51c68854-b20f-455a-4167-3a1645d4292b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=51c68854-b20f-455a-4167-3a1645d4292b
date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=51c68854-b20f-455a-4167-3a1645d4292b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=51c68854-b20f-455a-4167-3a1645d4292b&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=sOKcN/wiold9g10rz09Fre&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=sOKcN/wiold9g10rz09Fre&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362e0ad3bb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:40 GMT
via
1.1 google
last-modified
Fri, 15 Jul 2022 20:22:41 GMT
server
Weborama Collect Frontend
location
https://mwzeom.zeotap.com/mw?webouuid=sOKcN/wiold9g10rz09Fre&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame DCE2 		36 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=51c68854-b20f-455a-4167-3a1645d4292b&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-length
36
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=51c68854-b20f-455a-4167-3a1645d4292b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventTyp...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=51c68854-b20f-455a-4167-3a1645d4292b?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eve...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362dca7dbb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
expires
0
cache-control
no-cache
x-server
10.45.22.88
content-length
0
x-consent
absent
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-CZR5.DdE2oqrhvpzDYAePO4DtuzOQrWMFw--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-CZR5.DdE2oqrhvpzDYAePO4DtuzOQrWMFw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362e2b19bb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-CZR5.DdE2oqrhvpzDYAePO4DtuzOQrWMFw--~A&zpartnerid=570&env=mWeb
content-length
0
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=KXNKX461uPfdA43c4POicTe6R3szFP9%2F%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=KXNKX461uPfdA43c4POicTe6R3szFP9%2F%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362dca6ebb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=KXNKX461uPfdA43c4POicTe6R3szFP9%2F%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame DCE2 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.136.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-136-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1657916561
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame DCE2 		95 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=51c68854-b20f-455a-4167-3a1645d4292b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
168.119.79.223 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.223.79.119.168.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtHMkQAQjpG6MAAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-097...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtHMkQAQjpG6MAAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361&_test=YtHMkQAQjpG6MAAo
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362ebc4abb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 varnish
server
Varnish
x-timer
S1657916562.713195,VS0,VE0
x-served-by
cache-hhn4061-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YtHMkQAQjpG6MAAo&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361&_test=YtHMkQAQjpG6MAAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=3cb862d1-cc91-4800-9395-4bc91801e5bc&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f2463...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=3cb862d1-cc91-4800-9395-4bc91801e5bc&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362f7dc4bb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
MT3 4475 c1dc35a master hkg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=3cb862d1-cc91-4800-9395-4bc91801e5bc&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 15 Jul 2022 20:22:40 GMT
usermatch.gif
beacon.krxd.net/ Frame DCE2
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
63.33.136.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-136-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1657916561
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
date
Fri, 15 Jul 2022 20:22:41 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a012-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame DCE2
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=51c68854-b20f-455a-4167-3a1645d4292b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-416...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=51c68854-b20f-455a-4167-3a1645d4292b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-416...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=51c68854-b20f-455a-4167-3a1645d4292b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Z6CP1TB52WZAT8RE5JPA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CGAKRCVYXK044ND4A9GD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=51c68854-b20f-455a-4167-3a1645d4292b&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame DCE2 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=51c68854-b20f-455a-4167-3a1645d4292b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame DCE2
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b5362edc87bb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
date
Fri, 15 Jul 2022 20:22:41 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame DCE2 		557 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c43996ec132b0003edd903d38b2ef161252fd35d39959a56074d37bad8f9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72b5362c8822bb4d-FRA
date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
connectmyusers.php
cdn.connectad.io/ Frame 4707 		1 KB
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72b5362cc8e39b57-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
cmp
spl.zeotap.com/ Frame DCE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
72b5362cb86abb4d-FRA
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
getuid
sync.smartadserver.com/ Frame 8B1D
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 15 Jul 2022 20:22:40 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Fri, 15 Jul 2022 20:22:41 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
899.json
id5-sync.com/g/v2/ 		212 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/899.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161325/6083/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
88a3e1fdc393a8f54877984a9e6fcfcf497fddb356ee713efb8a0d87a865cb51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://xmod.in
date
Fri, 15 Jul 2022 20:22:41 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161325/6083/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
7469addd832e35dc873c74bc553919b343183198dc2f8caeb2338d8013c7a645

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://xmod.in
cache-control
no-cache
x-server
10.45.8.177
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161325/6083/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
ffeccdeba08a69d3bf14386c86e0b3d6e44d721a394cacf024a9b24543a18225

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xmod.in
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 14 Aug 2022 20:22:41 GMT
899.json
id5-sync.com/g/v2/ 		213 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/899.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161325/6083/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
d121b3ce7fe2ffccc038fb549f4e8891c2345bdccef0762a9ae4f15d455df7e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://xmod.in
date
Fri, 15 Jul 2022 20:22:41 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161325/6083/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
540dfac5a47581c15ca5d9f3c4704d56d834fabd633796b4b911db0ffe3aea42

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://xmod.in
cache-control
no-cache
x-server
10.45.14.188
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161325/6083/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
ffeccdeba08a69d3bf14386c86e0b3d6e44d721a394cacf024a9b24543a18225

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xmod.in
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sun, 14 Aug 2022 20:22:41 GMT
crum
dsum-sec.casalemedia.com/ Frame 1D27
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YtHMkXhdfb48Dfcq3rMpVgAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YtHMkXhdfb48Dfcq3rMpVgAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJVuUnJTE8eTlsJ4qvVs9jQ&google_cver=1&gdpr=1
43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJVuUnJTE8eTlsJ4qvVs9jQ&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72b5362e8a4b6961-FRA
pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4i1dPIS9ndYdVBQT2SkC%2BX1xYAOrTLWCuDzOk%2BqdRpIoBeK5o4woK2MxRS8bE4Zu9O6SJFFoBJnyV%2BMKL37BvWlzSj%2BQK5FkdoMwvSKGfUcIPXkS2N1M%2FscgZYNySKVlYstGTXTi%2FDdDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJVuUnJTE8eTlsJ4qvVs9jQ&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1D27
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YKPZ3PYJ7VZVN2V9DBF3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TBM5RRKRKTMTBTZMRBAY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D27 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1D27 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
match
c1.adform.net/serving/cookie/ Frame 1D27 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 1D27
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACmaU7Fo5kAAGAWQElzCA&expiration=1659126161&gdpr=1
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACmaU7Fo5kAAGAWQElzCA&expiration=1659126161&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72b5362e29c46961-FRA
pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18KGyHckv8pCLeNx%2FY74QrTapyBQ8hzlZ1c288daIN52EDIfG01PDJOmZ48dDGynE1ecK%2FOrTG%2B1hR36dOR4T2S2qL6PBiZCgSI8%2BTMm%2B7%2F8hDlCEDitJOyqqWTEMoIbbPmIRTYfjxAXnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACmaU7Fo5kAAGAWQElzCA&expiration=1659126161&gdpr=1
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 1D27
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3bb84ffc-7f5c-eba0-177efa75
43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3bb84ffc-7f5c-eba0-177efa75
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72b5362e29c66961-FRA
pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ei9uIM53IGDU1B9OqelAy78IYQeN%2FbCvk1vep2ygjZ2dMlePN59On2qd4DKSqXnZo1NzmVE3Ecx2LThndit9VhzfkXCJBjg%2F5CnXPPxO2MwkTnGuKZKGZ5SPq9NEg9GMJsavAYJognMfjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3bb84ffc-7f5c-eba0-177efa75
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame 1D27
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3cb862d1-cc91-4800-9395-4bc91801e5bc&gdpr=1&gdpr_consent=
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3cb862d1-cc91-4800-9395-4bc91801e5bc&gdpr=1&gdpr_consent=
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72b5362d5ceebb65-FRA
pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEDk1HWRQ23e8p3yf28nQ49QotBB5PTwlDh%2F0vaC6qrmRp379SteJa6CvXxfBUsSVZK0MGAOL9BAv%2Bu1rV7fnmCD0SPL9ijMhZVqmCYW94iieBQ2eodq1x4ViFVCcIeJGsdus5UaaEnbZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=3cb862d1-cc91-4800-9395-4bc91801e5bc&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 15 Jul 2022 20:22:40 GMT
um
u-ams02.e-planning.net/ Frame 1D27 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=3df11b39b0572227&uid=YtHMkXhdfb48Dfcq3rMpVgAA%261159
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D3df11b39b0572227%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
server
openresty
content-type
image/gif
3524da36-7c36-4944-be3e-02a30146b9e9&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 356E
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/3524da36-7c36-4944-be3e-02a30146b9e9&partner_id=1010
0
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/3524da36-7c36-4944-be3e-02a30146b9e9&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72b5362d6ee65c5c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 15 Jul 2022 20:22:41 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/3524da36-7c36-4944-be3e-02a30146b9e9&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
1
sync-eu.connectad.io/syncer/ Frame 02FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
72b5362d39919b57-FRA
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
sync.php
pixel.rubiconproject.com/exchange/ Frame 5AF4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BBF1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51001
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:32:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
10
lwgadm.com/analytics/ 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lwgadm.com/analytics/10
Requested by
Host: content.lwgadm.com
URL: https://content.lwgadm.com/hop/6.22.1/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-12-89.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xmod.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Jul 2022 20:22:41 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://xmod.in
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
YtHMkXhdfb48Dfcq3rMpVgAA%261159
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 84E9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtHMkXhdfb48Dfcq3rMpVgAA%261159
0
605 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtHMkXhdfb48Dfcq3rMpVgAA%261159
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72b5362ea9385c5c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72b5362e68df8ff5-FRA
content-length
0
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtHMkXhdfb48Dfcq3rMpVgAA%261159
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BL7Yhu%2Ft1VMvvYNSaNT9dHqKQ7AiTI3Q856T9bZ%2B925pWLHFwDx84L6CBDs4IcnnGVFYYjrxrCgBEw6buTtMWQpL4iqGlLIs3aEOYso5yhthVqI5l99Lss70S1xXn8PA%2FQCRQ9Pexlnhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 1673 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 12:57:02 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
etag
W/"a31a707739fd82541fa40e577dbbfede"
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
64421
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
48227
x-amz-cf-id
zLFHlFqS3p3SzHHfZ2vawRZya_WXh-dMeXIyf6zJMg_3eZ5QiG2qcg==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame B5A7 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 20:22:41 GMT
etag
W/"601b131c-27c"
expires
Wed, 14 Jul 2027 20:22:41 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 49D8 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D3df11b39b0572227%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::20 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 20:22:41 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AdRmOI3LIzKh
x-77-nzt-ray
077elpotVkM
x-77-pop
frankfurtDE
x-accel-expires
@1658953361
x-cache
MISS
csync
sync.adtelligent.com/ Frame 58A2 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANq358RQJd1yQzbu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 20:22:41 GMT
Etag
c4a9d6054185c3b6
Server
VertaMedia 1.0
e0cc9429-047b-11ed-9831-12c786060306
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 8041
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=e0cc9468-047b-11ed-9831-12c786060306
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/e0cc9429-047b-11ed-9831-12c786060306
0
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/e0cc9429-047b-11ed-9831-12c786060306
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72b5362f0a145c5c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Fri, 15 Jul 2022 20:22:41 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/e0cc9429-047b-11ed-9831-12c786060306
Server
nginx
X-fe
10
GS.d
js.cookieless-data.com/ Frame B5A7 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657916561655
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-116.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame E728
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
104 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72b53631aeab5c5c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Jul 2022 20:22:42 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
khaos.jpg
token.rubiconproject.com/ Frame 09FA 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
cookie
cm.adform.net/ Frame 5ABA 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Fri, 15 Jul 2022 20:22:41 GMT
server
nginx
csync
sync.adtelligent.com/ Frame 5602
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d2b3c941188e92fb
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d2b3c941188e92fb
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
c4a9d6054185c3b6
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d2b3c941188e92fb
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
d2b3c941188e92fb
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 09FA 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&us_privacy=1---
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6024 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51000
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:42 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:32:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B7F3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 20:22:42 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 20:22:42 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame ACC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame CF65 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
c4a9d6054185c3b6
Content-Length
43
Content-Type
image/gif
ptrack
a.audrte.com/ Frame 1673 		368 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=185.213.155.165&p=M1353665098&artime=2022-07-15T20:22:42.177Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=eG1vZC5pbi8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
54c78797ad453eee6620bd6b35b774d3fec265eb6d2a4959541904c38f925991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 1673 		155 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Jul 2022 23:17:05 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
age
75939
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
SlXNeZHHXFN97rJAEoVFRtsoT5VKMpx13462vrHz6oPMnxKRiLH1Zg==
sync.html
s.adtelligent.com/ Frame 398D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:506:0:ec4:7aff:fec2:7e6e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=656378
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
783
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 3C53 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FF78 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51000
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:42 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:32:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 2FF9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4207215395475228676
0
390 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4207215395475228676
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 20:22:41 GMT
Etag
c4a9d6054185c3b6
Server
VertaMedia 1.0

Redirect headers

AN-X-Request-Uuid
242b2185-16f3-4fee-8e3d-d97ead8f9bb8
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 15 Jul 2022 20:22:42 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4207215395475228676
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
d
ic.tynt.com/r/ Frame 4D57 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Fri, 15 Jul 2022 20:22:42 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
csync
sync.adtelligent.com/ Frame 537F
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 20:22:41 GMT
Etag
c4a9d6054185c3b6
Server
VertaMedia 1.0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72b53631c95a901f-FRA
content-length
0
date
Fri, 15 Jul 2022 20:22:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=e753e907-8c4c-482d-beda-63bdf8024e41
server
cloudflare
sync.html
s.console.adtarget.com.tr/ Frame 5AA7 		1 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.145.146 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ads.us.e-planning.net/uspd/1/ Frame 4CF7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
6dff9da061a2c09fc263e212faff712c2dbd02a69d23e73f03f9f377b3929563

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 20:22:42 GMT
expires
Fri, 15 Jul 2022 20:22:42 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-603
csync
sync.adtelligent.com/ Frame E464
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=80716b3d-3900-4277-aeeb-544df02c7bec
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=80716b3d-3900-4277-aeeb-544df02c7bec
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
c4a9d6054185c3b6
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=80716b3d-3900-4277-aeeb-544df02c7bec
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
di05e8ndd887ea3bcqplfmi1p9lrd1ce
csync
sync.adtelligent.com/ Frame E464
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4207215395475228676
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4207215395475228676
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
c4a9d6054185c3b6
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:42 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1b87eb71-7ad8-4151-8e86-f7b5a56a21cd
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=4207215395475228676
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame E464 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 15 Jul 2022 20:22:42 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame E464
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d9679133-3472-471f-a2c9-3f656a40965f
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d9679133-3472-471f-a2c9-3f656a40965f
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
c4a9d6054185c3b6
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=d9679133-3472-471f-a2c9-3f656a40965f
date
Fri, 15 Jul 2022 20:22:42 GMT
cache-control
no-store no-transform
server
nginx
content-length
166
content-type
text/html; charset=utf-8
sync
vid.vidoomy.com/ Frame E464 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::20 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame E464
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1657916562237
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7837686897
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7837686897
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:42 GMT
etag
RXf70b68ec91274a379ca099cb32d4b512003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7837686897
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
csync
sync.adtelligent.com/ Frame E464
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=3524da36-7c36-4944-be3e-02a30146b9e9
0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=3524da36-7c36-4944-be3e-02a30146b9e9
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
c4a9d6054185c3b6
Content-Length
0

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=3524da36-7c36-4944-be3e-02a30146b9e9
date
Fri, 15 Jul 2022 20:22:42 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pl
lwgadm.com/usermatch/ Frame E464
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Flwgadm.com%2Fusermatch%2Fpl%3Fbid%3De224d663-d5a0-49ff-baf5-6a5e88c72e07%26buid%3D%7Buid%7D
  • https://lwgadm.com/usermatch/pl?bid=e224d663-d5a0-49ff-baf5-6a5e88c72e07&buid=c4a9d6054185c3b6
70 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lwgadm.com/usermatch/pl?bid=e224d663-d5a0-49ff-baf5-6a5e88c72e07&buid=c4a9d6054185c3b6
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
H2
Server
18.159.12.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-12-89.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:42 GMT
cache-control
no-cache,no-store,max-age=0,must-revalidate,private
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
70
content-type
image/gif

Redirect headers

Location
https://lwgadm.com/usermatch/pl?bid=e224d663-d5a0-49ff-baf5-6a5e88c72e07&buid=c4a9d6054185c3b6
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
c4a9d6054185c3b6
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame B7F3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42229
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sat, 16 Jul 2022 08:06:31 GMT
data
bcp.crwdcntrl.net/6/ Frame 1673 		20 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.8.177
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
pixelSync
pixel.sitescout.com/dmp/ Frame 4CF7 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D8482cdaf4be90419
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:41 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
ptag
a.audrte.com/ Frame 4CF7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8b3e4df901ea90b1fca9ae2a125401ce501fd86ceab9ff70e33e1c425ba70bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 4CF7 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:42 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 14 Jul 2027 20:22:42 GMT
um
u-ams02.e-planning.net/ Frame 4CF7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D8482cdaf4be90419%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=8482cdaf4be90419&uid=4207215395475228676
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=8482cdaf4be90419&uid=4207215395475228676
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:42 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:42 GMT
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
6f4b65ac-b49c-4e60-a65d-50e4ae8cfddb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=8482cdaf4be90419&uid=4207215395475228676
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 679D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 20:22:42 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 20:22:42 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 886C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D8482cdaf4be90419%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=51000
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:42 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:32:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 5C96 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d7d8ceca0024e1581e8b79335b541322b7f5c0c7546cfb912eee941cb7adc5

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72b5363239cb68fb-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 20:22:42 GMT
dropped-udsids
46|73|88|206|105|57|241|31
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAAH3Do0MVAZU9%2FnBokq7ZgjQLV3AldS8cUVMJceRUjfi036Kht1dQeFUccXxGyNcp2QaQNxZwsB5%2FzcqiTDv9M9%2FL8SWeIufA6POBt%2BjhgrBYK1l6CREOeejkrlXS8eyiEODv8w"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 129B 		1 KB
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
137109
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 15 Jul 2022 20:22:42 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 May 2027 11:39:16 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
317ec86d401f93a2d28cedf9e30a05c9
x-cf-tsc
1653097467
x-cf1
29080:fA.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame 76E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 094C 		530 B
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deca804a9175275f831e1a360ca77b20d4e321a831771c669f8b9629fcfa780f

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
72b536321a44bb4d-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 20:22:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 679D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42229
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sat, 16 Jul 2022 08:06:31 GMT
mw
mwzeom.zeotap.com/ Frame 094C
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D51c...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=82dab74c-661b-49e3-568c-5d219276ab1d&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=82dab74c-661b-49e3-568c-5d219276ab1d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
72b53632ab59bb4d-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=82dab74c-661b-49e3-568c-5d219276ab1d&zdid=1361
date
Fri, 15 Jul 2022 20:22:42 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 094C 		557 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=82dab74c-661b-49e3-568c-5d219276ab1d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3bf06d5f0782307d38e9599984cc41753987e3e58002ebe889f299de2965535

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72b536326ae5bb4d-FRA
date
Fri, 15 Jul 2022 20:22:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
cookie
cm.adform.net/ Frame CA62 		43 B
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Fri, 15 Jul 2022 20:22:42 GMT
server
nginx
csync
sync.adtelligent.com/ Frame 5AA7
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d2b3c941188e92fb
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d2b3c941188e92fb
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
c4a9d6054185c3b6
Content-Length
0

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=d2b3c941188e92fb
Date
Fri, 15 Jul 2022 20:22:41 GMT
Server
VertaMedia 1.0
Etag
d2b3c941188e92fb
Content-Length
0
getuid
secure.adnxs.com/ Frame 5C96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.154 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
955.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5C96 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:80b2:ded:f09c:81b2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 5C96 		85 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:42 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1657916562.342843,VS0,VE92
x-served-by
cache-hhn4061-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 5C96 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:42 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 5C96
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72b5363339576961-FRA
pragma
no-cache
date
Fri, 15 Jul 2022 20:22:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ8eGY%2BRmmQxw%2FpW4xpyWPeOuIhcmK7epqNuB%2Fpes2DQU6Z4qVxXrXnmEWGexokQFw4nA8e9%2BKZrHsEsKV9Dc57NGdQyMbvx6XWJp0JSUMERmCkwhKdbeu5Zooz429g6ux2nh3bv4b4akA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 15 Jul 2022 20:22:42 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame 5C96
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520844268795
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520844268795
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72b53633193f6961-FRA
pragma
no-cache
date
Fri, 15 Jul 2022 20:22:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5L8dl%2B7TrDIXrgHJJNdd8tVJ7z2HVPuApPu%2BSDS55Yrf6PYbfAY6UA4orPHGbyyd9RR8w8fg2Lq5VVDm3x48p42g3pHTJAkfx%2FJG4rUKwd5iK8TOq5a62m0ODs9j3gHLtxTL%2FwXfaxkTnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520844268795
Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
s.amazon-adsystem.com/ Frame 5C96
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DYV2232NA2E65SZBC0VB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
J5V23D6EQDBN17TY7VQ2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YtHMkXhdfb48Dfcq3rMpVgAABIcAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
noop
px.owneriq.net/ Frame 5C96
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7112029622139369136&uid=Q7112029622139369136&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Protocol
HTTP/1.1
Server
23.75.246.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-246-168.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 5C96 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=8482cdaf4be90419&uid=YtHMkXhdfb48Dfcq3rMpVgAA%261159
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D8482cdaf4be90419%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 20:22:42 GMT
server
openresty
content-type
image/gif
cmp
spl.zeotap.com/ Frame 094C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=82dab74c-661b-49e3-568c-5d219276ab1d&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=82dab74c-661b-49e3-568c-5d219276ab1d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
72b53632ab5cbb4d-FRA
date
Fri, 15 Jul 2022 20:22:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
via
1.1 google
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 4CF7 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 12:57:02 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
etag
W/"a31a707739fd82541fa40e577dbbfede"
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
age
64422
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
48227
x-amz-cf-id
Vus9_h2_Q60HvwgPU5_EZji6wxfDaC55va9OB1IfCdwrgVpsY8R92w==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 77C8 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=157680000
content-encoding
gzip
content-type
text/html
date
Fri, 15 Jul 2022 20:22:42 GMT
etag
W/"601b131c-27c"
expires
Wed, 14 Jul 2027 20:22:42 GMT
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
server
openresty
sync
vid.vidoomy.com/ Frame 17BC 		49 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D8482cdaf4be90419%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::20 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Fri, 15 Jul 2022 20:22:42 GMT
etag
W/"61c991db-c5bc"
last-modified
Mon, 27 Dec 2021 10:13:47 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AdRmOI27/0yh
x-77-nzt-ray
Y2pBnVMFmDg
x-77-pop
frankfurtDE
x-accel-expires
@1658953362
x-cache
MISS
csync
sync.adtelligent.com/ Frame 5633 		0
387 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=ANq358RQJd1yQzbu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
0
Date
Fri, 15 Jul 2022 20:22:42 GMT
Etag
c4a9d6054185c3b6
Server
VertaMedia 1.0
GS.d
js.cookieless-data.com/ Frame 77C8 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1657916562601
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.116 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-116.rev.poneytelecom.eu
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
p
a.audrte.com/ Frame 1673
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent=&google_gid=CAESEOVkn6TqDKDajNiATZoDkEo&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 1673 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
p
a.audrte.com/ Frame 1673
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?CC=1&party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7992967453716416126
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ptrack
a.audrte.com/ Frame 4CF7 		368 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=185.213.155.165&p=M1353665098&artime=2022-07-15T20:22:42.666Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9kdT1odHRwcyUzQSUyRiUyRnN5bmMuYWR0ZWxsaWdlbnQuY29tJTJGY3N5bmMlM0Z0JTNEYSUyNmVwJTNEMzA3OTcxJTI2ZXh0dWlkJTNEJTI0VUlE&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
54c78797ad453eee6620bd6b35b774d3fec265eb6d2a4959541904c38f925991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
265
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 4CF7 		155 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-8.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Jul 2022 23:17:05 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
age
75939
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 15 Jun 2022 17:05:13 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
Vxccvzg1Af5FUVG0G0Ohb8TI4t_i3tO9MuR7Ta6sXd1KqTjddUgIdQ==
data
bcp.crwdcntrl.net/6/ Frame 4CF7 		20 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Jul 2022 20:22:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
expires
0
cache-control
no-cache
x-server
10.45.23.51
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
20
x-consent
absent
khaos.jpg
token.rubiconproject.com/ Frame B7F3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
p
a.audrte.com/ Frame 4CF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent=&google_gid=CAESEOVkn6TqDKDajNiATZoDkEo&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:43 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
p
a.audrte.com/ Frame 4CF7
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7992967453716416126
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Server
54.89.128.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-128-231.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:43 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 4CF7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=gd7TpUHXixtS-OPhaTZ8SNKKA&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=656378
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
sync.php
pixel.rubiconproject.com/exchange/ Frame B7F3 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
khaos.jpg
token.rubiconproject.com/ Frame 679D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CB98 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50999
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 15 Jul 2022 20:22:43 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 16 Jul 2022 10:32:42 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0D84
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Jul 2022 20:22:43 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 15 Jul 2022 20:22:43 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184-d
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 8772 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 398D 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:42 GMT
Server
VertaMedia 1.0
Etag
c4a9d6054185c3b6
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 0D84 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 15 Jul 2022 20:22:43 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42228
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Sat, 16 Jul 2022 08:06:31 GMT
um
u-ams02.e-planning.net/ Frame 49D8 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=3df11b39b0572227&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D3df11b39b0572227%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Fri, 15 Jul 2022 20:22:43 GMT
server
openresty
khaos.jpg
token.rubiconproject.com/ Frame 0D84 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/jpg
um
u-ams02.e-planning.net/ Frame 17BC 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams02.e-planning.net/um?dc=3ab023ac29ea5990&fi=8482cdaf4be90419&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3ab023ac29ea5990%26fi%3D8482cdaf4be90419%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Fri, 15 Jul 2022 20:22:44 GMT
server
openresty

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
vpod1q.qa.lijit.com
URL
https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=1---
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer object| lwhb object| adUnits object| adBidders object| pgGamNetwork object| pgPublisher object| pgDomain object| pg object| livewrapped object| pbjs boolean| lwanalytic object| script object| doc boolean| pbjslspbjs string| api string| fetchon function| _0x399a function| _0x4ab95a function| _0x3372fe function| _0x4bf212 function| yuidea function| yuideascrolldown function| _0x347c string| message function| rtclickcheck number| timeset function| _0xc34331 function| _0x56cce1 function| _0x2fc4d9 number| timer number| max number| percentage string| dialColor string| percColor function| _0x4989 function| setPercentage function| updatePercentage function| init object| cedit function| invalidLIC function| checkLIC function| _0x2e57 string| o function| _pbChunk object| _pb object| _pbjsGlobals object| m2hb function| __logBidWon function| __logAdRender object| googletag boolean| loadPushedlwhb object| google_tag_manager function| $ function| jQuery object| google_tag_data string| GoogleAnalyticsObject function| ga function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| sovrn boolean| beaconFlag string| zioYPPYqeqis string| GdZeLTxyIp number| xWJlgqPfVJ number| aNjULuTZuY number| ieliXLUGrh number| hssUsCebGC function| XlYZxJUoBW object| JmaTAMJGmB number| c2 number| c1 object| 0JvcUdiLSrrM function| oYTXkZnaej object| ggeac object| google_js_reporting_queue object| pbjsChunk object| ADAGIO object| gaplugins object| gaGlobal object| gaData object| sas object| apntag object| _ADAGIO undefined| google_measure_js_timing object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| NzdiODFkNDJmYjg1MzY3Y2xvYWRlcl9qcw== string| NzdiODFkNDJmYjg1MzY3Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| default_ContributorIabTcfV2ClientJs function| __g78fHfh446__ boolean| dnt

98 Cookies

Domain/Path Name / Value
byrl.me/ Name: XSRF-TOKEN
Value: eyJpdiI6ImIzMUhzeElxRWIwSy9EemVOOCtqcHc9PSIsInZhbHVlIjoiRjlJZHZvUDV0dlhPZGRFMVBESVdSNmRFVVBJaEJNOHdYVHhFeW9keHFQR0taQ21mU1JWd2o4RG5SamVCdXVubVNHWUl0V093VWlraDhxdWRTRnNkaGRiUVA0OW5nbWxEdGZib1RzQlBwaTJvRThrZGVXanFQQkQ5bzNvbWtVL1QiLCJtYWMiOiIwNjVhM2RmNjBmMWQyYmNlOGVmMmNiYTk4NzU1Y2RiMjY2Y2I3ZTRiNzBlYWJjYzQ4NDlkN2IxOTI4NDBhYTViIiwidGFnIjoiIn0%3D
byrl.me/ Name: axlsin_session
Value: eyJpdiI6Im1mb0ZCNS96L0lTNFIrRldFOTVnTEE9PSIsInZhbHVlIjoiRUFuWjZsMFdnME9pYkc4djA1cHhBMnRnNlZ1dkpreGwvVmRJbzZwUE1pR2NPY3NhWXQrbWQxc3lWWVVSbXRpNHNDRmZOd0MzZnlBTXRqekJwamRUelMvK09UQ3NnSjQrV0k4U1FtUWxJNUVqWUxJNmpqM3Z0ekNOTUJlcldXcHUiLCJtYWMiOiI4M2VjMzc2NmU2YTdlNGZjNjc5OTQyNDNlMjQzNzk1ZGNkMGU5MWQxMGJjNmQ4ZjIzYjgyNmUzYTQ2N2ViOTA0IiwidGFnIjoiIn0%3D
xmod.in/ Name: PHPSESSID
Value: 11b6c131615aed7983e4ecd1ca269c20
xmod.in/ Name: cap_y
Value: 10
xmod.in/ Name: JSON_fetch
Value: 08aASc6R
lwgadm.com/ Name: uid
Value: ecde500820c6487c84a7e5b68fb3a8dd
xmod.in/ Name: pg_buildfile
Value: 220518-fa2-nc-86d5133c2abe93c211076929b3bec352
xmod.in/ Name: pg_unq_cohort_key
Value: 1:2206221614
xmod.in/ Name: lwuid
Value: ecde500820c6487c84a7e5b68fb3a8dd
xmod.in/ Name: pg_session_depth
Value: 1
xmod.in/ Name: pg_preconnecting
Value: disabled
xmod.in/ Name: pg_geo_response_time
Value: 85
xmod.in/ Name: pg_geo
Value: {"country":"DE","region":"HE","ip":"185.213.155.165"}
xmod.in/ Name: pg_custom_timeout
Value:
xmod.in/ Name: pg_ip
Value: 185.213.155.165
xmod.in/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.xmod.in/ Name: _pubcid
Value: c0918fee-b443-497f-970a-ac60ffdfaf69
xmod.in/ Name: pg_after_init_response_time
Value: 96
.xmod.in/ Name: _ga
Value: GA1.2.1729997736.1657916560
.xmod.in/ Name: _gid
Value: GA1.2.1761243152.1657916560
.xmod.in/ Name: _gat_gtag_UA_124607845_15
Value: 1
.360yield.com/ Name: tuuid
Value: 3524da36-7c36-4944-be3e-02a30146b9e9
.360yield.com/ Name: tuuid_lu
Value: 1657916559
xmod.in/ Name: cto_bidid
Value: rE2JDl9IcHZ3UGpPZ1QlMkYwZ0lXSHo4cmhzSUdqTkswUnJUOXolMkJIVVRNTjhNNkRtb1dsWXZjeEQ1YnBReXNRUjVUNFBhYVd3MTRXc0thcXlzUjBpbjVRMXhBZXclM0QlM0Q
xmod.in/ Name: cto_bundle
Value: YaFCa18ybE5ZZlhTSXFMbWdQTUxlaHQ4UnVZYUlibm92JTJGMlptVyUyQkgwNWRqcGxQZENVYnE2RGFCRzJ6NjMzWnIyQ2c2RE9LeXVpSnZZeWFzWUVveW5nUk0xNVFxV0d0ZUpUcUxaRXd2d1lXeGlRaVklM0Q
xmod.in/ Name: pg_beacon
Value: 1
.adnxs.com/ Name: uuid2
Value: 4207215395475228676
ads.us.e-planning.net/ Name: CT
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: e753e907-8c4c-482d-beda-63bdf8024e41
lwgadm.com/ Name: uidum
Value: ecde500820c6487c84a7e5b68fb3a8dd
.e-planning.net/ Name: E
Value: ANq358RQJd1yQzbu
.casalemedia.com/ Name: CMID
Value: YtHMkXhdfb48Dfcq3rMpVgAA
.casalemedia.com/ Name: CMPS
Value: 5134
.creativecdn.com/ Name: u
Value: TYiIML05Xc7j5Y29ag3V
.creativecdn.com/ Name: ts
Value: 1657916561
.zeotap.com/ Name: zc
Value: 51c68854-b20f-455a-4167-3a1645d4292b
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2GTz?w>g#!@wnf-Te9(SNP7Qd)KmvZ6'#8FTI[KEsq1PG:<Z'FSpScTa0>sExr.IWs?I!DS-]Mp7-2'(j'5?)fy*.!BUf]
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJmY2E5NGM2NTMxZTVkM2EyODIyZjFiNjlkMzdmODlkMiIsImV4cGlyZXMiOiIyMDIyLTEwLTEzVDIwOjIyOjQxWiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA3LTE1VDIwOjIyOjQxWiJ9
xmod.in/ Name: _lr_retry_request
Value: true
xmod.in/ Name: _lr_env_src_ats
Value: false
.casalemedia.com/ Name: CMPRO
Value: 1159
.adfarm1.adition.com/ Name: UserID1
Value: 7120697409005287563
xmod.in/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-15T20%3A22%3A41%22%7D
.tapad.com/ Name: TapAd_TS
Value: 1657916561451
.tapad.com/ Name: TapAd_DID
Value: 48de9396-9d08-415a-9c11-41663e45bb93
.mathtag.com/ Name: uuid
Value: 3cb862d1-cc91-4800-9395-4bc91801e5bc
.demdex.net/ Name: demdex
Value: 64378499865961631433371372573344658048
.tidaltv.com/ Name: tidal_ttid
Value: d3021c63-9639-4cc8-8efb-2f980ddcb2b5
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.theadex.com/ Name: axd
Value: 4299923322826829045
.theadex.com/ Name: tis_dwL
Value: dwLeAsAy
.dpm.demdex.net/ Name: dpm
Value: 64378499865961631433371372573344658048
.weborama.fr/ Name: AFFICHE_W
Value: Ue09iU1kK1dR84
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjS3tDK0MAIAvK0sCgkAAAA="
.agkn.com/ Name: ab
Value: 0001%3AXy9ktf%2BnJtS4JNbq67NCBQW%2BxtDNt7%2FE
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.brand-display.com/ Name: _knxq_
Value: 3bb84ffc-7f5c-eba0-177efa75.1657916561.0.1657916561.1657916561
.bidr.io/ Name: bito
Value: AACmaU7Fo5kAAGAWQElzCA
.bidr.io/ Name: bitoIsSecure
Value: ok
.xmod.in/ Name: panoramaId_expiry
Value: 1658002961575
.richaudience.com/ Name: avcid-zeo-uid
Value: 51c68854-b20f-455a-4167-3a1645d4292b
.krxd.net/ Name: _kuid_
Value: O9ZQS3KE
.doubleclick.net/ Name: IDE
Value: AHWqTUkX7x6Yy6RqH_MTYzNHXPxXBmOWKRQuG_etmpCer74FBXIoRqqf9IHttsJSAMA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YtHMkQAQjpG6MAAo
.spotxchange.com/ Name: audience
Value: e0cc9429-047b-11ed-9831-12c786060306
.smilewanted.com/ Name: sw_user_params_infos
Value: xASzYNfAxzrgL07bfYnAW1DPuoYxJgyXc51cKzuNMlfyOdvmrEx9XBY8kjjVWrn2vvTfa8dvm00Lca0flBOX0J3WYgAiDyXilk4XZUEtL9FyHm9K4Mk1eS1kgp1CwV0FO%2Fg9fHD86iYbebag5ySwFZJBzDEn%2B7sDDEG05FthTbXUqTIrBfRvlMc%2Fp2AJSkAbhueuflPk1ji08003V3XJK612t5wzR6JvQaibQP%2BWeAJuAEP2lFJqY0aq83uFKdKR0KBD3GTPcY%2BJO9M0YtU0gXs5VRG0f3hLDNM6oqVVGn91wdl54yFPkyCmkJ1YQYJT9%2FWDKWdZFSyP5gZDwoDilQ%3D%3D
.fwmrm.net/ Name: _uid
Value: "o2995_7120697408992765367"
.adtelligent.com/ Name: a319130
Value: e753e907-8c4c-482d-beda-63bdf8024e41
.adtelligent.com/ Name: vmuid
Value: c4a9d6054185c3b6
.adtelligent.com/ Name: a307971
Value: ANq358RQJd1yQzbu
.openx.net/ Name: i
Value: 6a03dbab-2918-4e69-9fb1-5cb015508a9c|1657916562
.console.adtarget.com.tr/ Name: vmuid
Value: d2b3c941188e92fb
a4p.adpartner.pro/ Name: apuid
Value: d9679133-3472-471f-a2c9-3f656a40965f
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f70b68ec-9127-4a37-9ca0-99cb32d4b512-003%22%2C%22zdxidn%22%3A%222069.44%22%2C%22nxtrdr%22%3Afalse%7D
.zeotap.com/ Name: zsc
Value: %0EAa%D4%AB%21%22%F6%A0%F0%82S%FC%E9%D7bT%22%A0U%AA%1E%CBP%FD%BD%A2%7F%E9%09%F9%91%E8Q%08%0F%ED%AE%3B%A7%CA%5D%12%9E%FB%B9%C6%83%8E%C1~%3Bd%7Cqj%971%B5%C6%EA%E3K%7Dm%9F%87%AE%DB%0Cz%A4%97%83K%13g%85%F61%FC%03H%A6%C3%9A%C4%B7X%5C%2AN%3B%CA%83%F8%9A%B0%96%13%02D%9F%E4%12%A9%28%7BH%AE%13%BD%99Z%26%B0%AF%F2%F8%7BR%00%C3y%EA%14%15v%D2%E5%FAq%91X%D5%3A%16%BC%99%A2%A4kOA%1Ds.%3C%DE%07%F9%B6o%D8%1DG%DB%F3%1B%FC%ED%C7E%C6p%E2%2AM
lwgadm.com/ Name: um
Value: EjgKEglUWEgD4lrVQxGNXc%2FpsSrAjBIiChM0MjA3MjE1Mzk1NDc1MjI4Njc2EgsIksjGz7mq8zoQBRJJChIJsg1MCaJc8kMRvptQAlXdHP0SMwokZjEwM2ZmM2YtMmQ2Yy00MmEyLTk4NmMtMWFkMDYwMzk5NzRlEgsIys%2FSz7mq8zoQBRI1ChIJY9Yk4qDV%2F0kRuvVqXojHLgcSHwoQYzRhOWQ2MDU0MTg1YzNiNhILCKixhNq5qvM6EAU%3D
.adtelligent.com/ Name: a584890
Value: 4207215395475228676
.casalemedia.com/ Name: CMRUM3
Value: bf62d1cc9100013bb84ffc-7f5c-eba0-177efa75&2e62d1cc9205a0&e662d1cc912760&f162d1cc9205a0&1f62d1cc9205a00&5862d1cc9205a0&2762d1cc910b40&6f62d1cc9105a0&0362d1cc9127603cb862d1-cc91-4800-9395-4bc91801e5bc&8262d1cc912760AACmaU7Fo5kAAGAWQElzCA&ce62d1cc9205a0&4962d1cc9205a0&3962d1cc9205a0&2d62d1cc9105a0CAESEJVuUnJTE8eTlsJ4qvVs9jQ&6962d1cc9205a0
.casalemedia.com/ Name: CMST
Value: YtHMkWLRzJIA
.adtelligent.com/ Name: a297253
Value: 4207215395475228676
.adtelligent.com/ Name: a289656
Value: 3524da36-7c36-4944-be3e-02a30146b9e9
.owneriq.net/ Name: si
Value: Q7112029622139369136
.owneriq.net/ Name: p2
Value: cc
.adtelligent.com/ Name: a318342
Value: d2b3c941188e92fb
.adtelligent.com/ Name: a307558
Value: d9679133-3472-471f-a2c9-3f656a40965f
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmpuCSTMjEwMLABHQO-TEAAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1MrAwMTEyszC3NBXiM9StyAgz88lOc8829jcHAKryQgAlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1MrAwMTEyszC3NBXiM9StyAgz88lOc8829jcHAKryQgAlAAAA
.yahoo.com/ Name: A3
Value: d=AQABBJHM0WICEIQqDLB1l01RuySVnI4iyLwFEgEBAQEe02LbYgAAAAAA_eMAAA&S=AQAAAhXTh2WW29xkvWM-80Pkxjg
.adtelligent.com/ Name: a309255
Value: 80716b3d-3900-4277-aeeb-544df02c7bec
.casalemedia.com/ Name: CMTS
Value: 5156
.adform.net/ Name: C
Value: 1
.eyeota.net/ Name: SERVERID
Value: 21328~DM
.adform.net/ Name: uid
Value: 7992967453716416126
.audrte.com/ Name: arcki2_ddp
Value: CAESEOVkn6TqDKDajNiATZoDkEo!20210804!1657916562749
.audrte.com/ Name: arcki2_TTT
Value: 1657916562820!gd7TpUHXixtS-OPhaTZ8SNKKA!H4sIAAAAAAAAAEWWS45sJwyGF8MYCWwDZphBBlGUDKK7Acxj/0u43+lJSuruqj4U2L//B77HiyUrd1kjq7yZV7eatZyQVuaN11KNIq/ZzmIrst168ryvZDv9ad2vxZup77lsnpbHc8l6O4vK4x1fLn3qqWum6FLrPDWzumXr8+XVqueYd4+zT3uvJtnzvVJ6Hjda1lZvXjVYxA49Wnl7e1q+T3jzfMva2aK3HN57liLNq41atCe5bfvckvftk0WXRdUjF5/hHPbT3bjaz6UmeQoEoRzn/NLew29p5fSZ5qW71SOvNzyrN3DanDl3r+NWu8VeinLFfHo+S+mu7p7nCs1uS/tc/bq81BVEtpc8yrRsIJyjUZjvUTTO2PM4YPZ3u99sZfZsYg2cHsuftLprKbEsvVV7u7t9x1nW8yjndc2t8nXxU8fRxHzb12qO+17WBaLu8+Z+Vz9DGbtYsurX9ezc56DxWx6zs5Lj9V0tpKpJalql377zHMKiAgHmKCvLHTTdhvd30rFZ36addzrVT+Vg7SXvmGzrzVposhO2DHTa2PRkLPIpO597136UvZ6n+tYFfc38p0KVxXFNNBeTKL2Ve8dI60LMwdg2L+hLzbO2kYNxzKKPV0931nIE9NaHk40FBJWVq9R14o4CIOntJjAf9O4RqCJQZbeS7yxhICgWLS0bsYvO3HUri2yhlhZZdtt2KufJTCNUfTRh9opG6BR675VbP3ObC4N6SZ7Pfq+B+EZSEjs7uIGDxTiuRe9I/SxwPRDgMTabRWCBvVweolj0dlqkqO3JOYdF4GgXoUyfJSvVtzlQn2jSd5+1+Wmk9k+3UKUeBqzbpktMM08bvi8ZNNYB047QwoiZ7zt2zfUVFon61aOSpUdkNbZba1g+Z50xliDzndS0t4eC95afnQ4nxccHeImScI2X3qyTAShU7IylB8e1CZ+gE8r04JX++vefP/77+89fGVE3/EccWY9x6QdhiNCDiiKxgyz9+Yvu25lHQpNRFf5Q08jm57I9TIRiF5n0gTyTNMYvWBViZ5HhR34KA+ule4CcDuhaWrtYY776AK/QcnzVKBK66gudbvyImgqEwBBoFC/K8+A8Wuq7o8cBrwQbK/6kqGtOJhQct2CiVkWmyvZH2MnXFo7r0z9nA5e1Cs7TXznL7DOvNEC3VRR79necfs8fYiwY6/QDGxuyLrLPBSe8wyHZRLt87VtZNSY+75KmM9dAYhJBd7WxqFM9oYBremdEN5XbxhrH8psDnIZ9sKKDmPwJfEHXTW7jPDfJcAAmFqk8L5UW8SzdZcxdk3lAZrojAD7+0ELMoPAX/PvwvkHXEgGXLllS2cl5N50pdWt23zKpZmmQKvej1lxfdNmAP70TE68V675wRk9MJXaIZ6HSLya+fMP+6qriAx/vOpJtLApnRfsLnNZikYya2wMl3rQiC9OyddFBXl/IoReiy3olS7Q5+Gq7Nz3b5/ij0hid6ILdqyPb3dDxO0wAZzPE3z9gBsJiLD/qqLRw4wLfdiMBjD3RNwTYdzGWwXFQOh997mPXjTITpL34S817OIU/R+CfyruN2xjH/MRYy4Ujn1piQ3TCBvrOkbtD9yCA3l5pE74Pi6M74lj7xkWOnwynXe0unWRJc6L8VWpyYxFVwEzs7cvRIFyx/pk2yFtjtkgIjlckg6/y0UW2ToHp+r+sTfFI+UZZMU7YCrfyvehUmTiKbj0XeGjYXYuPrtxKimNy/AAeRvjVQEsFH5uoOqyk/a6iM4x5shPWwkAndhZxbvWlSPskxY7DBnR3rV/GHhD+pnICa8VErLfkX8TxOd/zeSJSzlPu/DJ0cGfpMJ+09seW+l2i9nerQfb+phIgnatBszPIfTxLWYYBPf+ZOsJwpuri9Z7yXbheajEqOdC+nqjJSZG18dFSz4m9iePREyPCd+x7/s1CCic9iDuvTTbD0ttI+MoSQitvgYS6mUW8ge0LidQJ9YNiZQ8CgiLud7sjCch9+RCHMtiw3NiX+FzHNne+6B9OUAYD4f7DRUUrimkyR4oW1g0I5xdQ1uS7HECnORe+uFS5ZOH4rSI4z3zNPwkha9sjN31T3q26sL+2LzcFdLw3kf81kQmJg4TsgnbArpmAB5/j+ZBPIodrKTYluAhXC46JY/U37u7PZ9sKAAA=
.audrte.com/ Name: arcki2_adform
Value: 7992967453716416126!20210804!1657916562856
.audrte.com/ Name: arcki2
Value: gd7TpUHXixtS-OPhaTZ8SNKKA!20210804!1657916563052

23 Console Messages

Source Level URL
Text
javascript error URL: https://xmod.in/blog/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://xmod.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xmod.in/blog/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://xmod.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xmod.in/blog/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://xmod.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xmod.in/blog/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://xmod.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xmod.in/blog/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://xmod.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xmod.in/blog/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://xmod.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xmod.in/blog/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://xmod.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xmod.in/blog/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://xmod.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://xmod.in/blog/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://xmod.in' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://tags.bluekai.com/site/87734?id=51c68854-b20f-455a-4167-3a1645d4292b&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=51c68854-b20f-455a-4167-3a1645d4292b&reqId=48f24635-d29b-47f8-4cc9-09712dcb623f&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a3.pubguru.net
a4p.adpartner.pro
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
api.rlcdn.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bn01.er.bemail.it
byrl.me
c.4dex.io
c1.adform.net
cdn.connectad.io
cdn.jsdelivr.net
cdn.pubguru.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
content.lwgadm.com
creativecdn.com
csync.loopme.me
csync.smilewanted.com
d.adroll.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
gum.criteo.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
ice.360yield.com
id.crwdcntrl.net
id5-sync.com
idsync.frontend.weborama.fr
image6.pubmatic.com
js.cookieless-data.com
lh3.googleusercontent.com
link.short2url.in
loadeu.exelator.com
lwgadm.com
m2d.m2.ai
match.adsrvr.org
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-sys.com
p.rfihub.com
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
ps.eyeota.net
px.owneriq.net
r.casalemedia.com
rtb.openx.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.smilewanted.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
u-ams02.e-planning.net
ups.analytics.yahoo.com
usermatch.krxd.net
vid.vidoomy.com
vpod1q.qa.lijit.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
xmod.in
api.rlcdn.com
prebid.smilewanted.com
vpod1q.qa.lijit.com
100.24.249.189
104.111.215.191
104.18.18.126
104.18.19.126
141.95.98.69
142.250.185.66
142.250.186.34
147.75.85.234
15.197.193.217
151.1.205.165
151.101.194.49
151.101.65.108
162.0.235.151
168.119.79.223
172.67.10.198
178.250.0.157
18.156.0.31
18.156.126.13
18.159.12.89
18.198.69.109
18.66.139.10
18.66.97.8
185.15.245.82
185.184.8.90
185.29.134.244
185.86.137.131
185.89.210.154
185.89.211.12
185.94.180.126
193.0.160.129
198.47.127.19
2.18.233.201
205.234.175.175
212.82.100.182
213.19.147.44
216.10.243.64
216.52.2.19
23.205.235.133
23.227.137.155
23.227.139.243
23.227.145.146
23.35.236.201
23.75.240.210
23.75.246.168
2600:1f16:e61:3f01:46b:43f6:5ec6:edd4
2600:9000:223f:c00:5:3aaa:f40:93a1
2600:9000:2490:1000:1b:7f5c:2c80:93a1
2606:4700:10::6816:37ce
2606:4700:10::ac43:db6
2606:4700:20::ac43:4bf1
2606:4700:3034::ac43:8960
2606:4700::6810:5714
2606:4700::6811:190e
2606:4700::6812:272
2606:4700::6813:ac6c
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a02:2638::1c
2a02:6ea0:c700::20
2a04:4e42:200::300
2a05:d018:24:b002:d4fc:f527:7aed:872f
2a05:d018:d29:3602:80b2:ded:f09c:81b2
2a06:8640:506:0:ec4:7aff:fec2:7e6e
3.251.27.103
34.111.131.239
34.111.151.213
34.240.24.63
35.156.32.52
35.186.253.211
35.227.248.159
35.241.34.106
37.157.4.28
37.157.6.252
46.137.141.240
5.178.65.246
5.178.65.253
51.15.145.116
51.83.220.94
51.89.9.254
52.213.127.205
52.215.200.154
52.46.143.56
52.50.170.21
52.57.150.20
52.95.115.196
54.89.128.231
63.33.136.29
64.74.236.255
66.155.71.25
67.202.105.34
69.173.144.138
69.173.144.165
85.114.159.93
074691f1175a4040f292124afbff0c87cd24290b7b9672577f33b7c7de205384
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e836b45cbcd5858facf1bb56b2517d30302fbc82a0048ffdc2f3a548874ba50
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1689fe30a2adbe7c7447b1d13c70f81b85454a425478aee1644eab9db544cc13
18d2477bb4ab72de48e44c52840b2e37a9a4f07f6bf9feefa9155ff0d4dcbce6
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
28947e3d7cb9cb098e4927627e82e6a7842b1c7e6b7f70837445d9cfe15d1244
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d2ba1afbfd92cba1bed039b1562cfca77e23fdb8df3272c9cb6f51ebb02fa19
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3001ab6d7ce2ff81f63d4a653e691dc780789221c3404ce523fa6dcb5eb4cb01
358e288f0136077a73737fa91447ece4647cef4b00332161f2ed5c6fb5363631
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3e0ebd2e286f5c8a1a31596caf7fe9d5d42db6204a047694c82a4f09162428
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b6fbc9b65326331b02575473370ef888ec39a9211c442c3ca0b78f31877d76
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44fa6b2486679a86fa74cfcf8d0fcca80c690fe137757a7833c7cc2d73a9d392
453cb626531e259d7b31435effa360042fd6e46eb27e2269a3764e67b026662e
459bbb4f20da99d4483ee081a401d40d810393099db5381b92e91c33b9d2cd39
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
540dfac5a47581c15ca5d9f3c4704d56d834fabd633796b4b911db0ffe3aea42
54c78797ad453eee6620bd6b35b774d3fec265eb6d2a4959541904c38f925991
55475f690303f28766cea7ae2214bca689adb1d19426a636ae5f812d30ed88aa
56c924f8414c1a606b7caf2a58ab168ae053dacfee0cfd586fb23d805a4f85a8
603694e2d3698acbc0ca005a076257ffb39694f2aa5a4ac26ee6a978c146dfbd
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
65f361c3a20d2c3d5176c9e2c8cead8b8f3ad6ed865b3cbd7b86b68e80c48558
67deff8159920f3e5a0c6d56d55b9c351bf879ee0610ec8d87a53716ad30111e
68243aa91619029e216090d8f4c8b69e240835016136ca73f67c5708e249da8a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dff9da061a2c09fc263e212faff712c2dbd02a69d23e73f03f9f377b3929563
7469addd832e35dc873c74bc553919b343183198dc2f8caeb2338d8013c7a645
75a4520e5e6cdee5e757e5a7c58fcdd212ecd00940085366e24d080622be6ac7
77a281f8bd4c6a1514a88f6514a94228f7620a7b5eab894e4166af3ee382b11a
7d79e8cfc6326fc43f865d3f6b101ce3c95a2fce600d4cab1d30f9fc0abca60c
7e7a4a45f43098618932a2503eb64f614ea37c920bb1c9427bd9aad5bea0892d
7f8495f9c073d28c39b5fba3570941fe83294d070b378a40445738bc5337f2d7
836732e9138946f09e64f7db0d9a26d1628cc744a6573bdab72bd397965afced
85c43996ec132b0003edd903d38b2ef161252fd35d39959a56074d37bad8f9b2
8673bc66033504473e51eec001675c3edea9c9de15de9b10dde11db227eb398c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88a3e1fdc393a8f54877984a9e6fcfcf497fddb356ee713efb8a0d87a865cb51
8a77716d191bdcbb71ccafbe17e67b9e6f45d58e3c7477e3c9b7d7b9321c6f5a
8b3e4df901ea90b1fca9ae2a125401ce501fd86ceab9ff70e33e1c425ba70bb2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
96e2836abcf692cd6c5faa53cda329482428a2dddcdd17f7da1570980fed30ec
9c79af78cb324a3ca6c879d38313c4eb4025972decd05170d88f4b486f43acef
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a746f8d7b2c6e716567800e78178defa06a13c9663dbe4f420be0d3a0850abf6
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d7d8ceca0024e1581e8b79335b541322b7f5c0c7546cfb912eee941cb7adc5
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
bab1ec6588f078cdb89b7d70f9c407e13203db25fd1abf835907c9ddbf822214
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d3e53145b2e47ef3c4a2a08c8a644b8acf51380859a40d48a39447646e9a02
c6df3da1c7ecefedd0315482faa6cadb8129cc451fd4047aba3962a5b8e064d9
d121b3ce7fe2ffccc038fb549f4e8891c2345bdccef0762a9ae4f15d455df7e3
d3bf06d5f0782307d38e9599984cc41753987e3e58002ebe889f299de2965535
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deca804a9175275f831e1a360ca77b20d4e321a831771c669f8b9629fcfa780f
e00f706b7b43a19ea1a9270ecff634e316fcc89f94811ed01e133b3b753963d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f522106cb8eef17f67ab33bb623590773c6c58f65bfc805fff1f34a0abdf9c75
fa2852db9d46c271178d6ffa520163825dd38689cefdd3aaf74002828e0105f9
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e
ffeccdeba08a69d3bf14386c86e0b3d6e44d721a394cacf024a9b24543a18225