dvwqrjezrqfys.cloudfront.net Open in urlscan Pro
2600:9000:2490:3400:18:47f6:9500:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dvwqrjezrqfys.cloudfront.net/
Submission Tags: demotag1 demotag2 Search All
Submission: On July 04 via api (July 4th 2022, 9:22:24 pm UTC) from US — Scanned from DE

Summary HTTP 202 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 94 IPs in 11 countries across 89 domains to perform 202 HTTP transactions. The main IP is 2600:9000:2490:3400:18:47f6:9500:93a1, located in United States and belongs to AMAZON-02, US. The main domain is dvwqrjezrqfys.cloudfront.net.

This is the only time dvwqrjezrqfys.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2600:9000:249... 2600:9000:2490:3400:18:47f6:9500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	54.156.217.194 54.156.217.194	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:b777	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2600:9000:249... 2600:9000:2490:3000:18:47f6:9500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:480... 2a02:26f0:480:3::210:ee87	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	13.226.171.150 13.226.171.150	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 6	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:223... 2600:9000:223f:fc00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1 2	178.250.2.140 178.250.2.140	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2600:9000:249... 2600:9000:2491:5e00:1f:95f6:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	95.101.77.203 95.101.77.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
4	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
4	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
3	52.10.147.33 52.10.147.33	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.214 52.222.206.214	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
1	18.66.248.48 18.66.248.48	16509 (AMAZON-02) (AMAZON-02)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	130.211.33.132 130.211.33.132	15169 (GOOGLE) (GOOGLE)
2	2600:9000:249... 2600:9000:2491:6e00:8:ac1e:8ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 15	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
1	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1 3	54.154.103.240 54.154.103.240	16509 (AMAZON-02) (AMAZON-02)
3	104.89.29.143 104.89.29.143	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.124.55.177 3.124.55.177	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.106 185.86.139.106	201081 (SMARTADSE...) (SMARTADSERVER)
1 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	35.158.225.181 35.158.225.181	16509 (AMAZON-02) (AMAZON-02)
2	35.158.225.163 35.158.225.163	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	18.203.96.202 18.203.96.202	16509 (AMAZON-02) (AMAZON-02)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	34.251.193.248 34.251.193.248	16509 (AMAZON-02) (AMAZON-02)
1	52.218.91.123 52.218.91.123	16509 (AMAZON-02) (AMAZON-02)
2 2	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 5	139.162.172.91 139.162.172.91	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	51.77.65.169 51.77.65.169	16276 (OVH) (OVH)
1 1	91.210.226.73 91.210.226.73	48314 (IP-PROJECTS) (IP-PROJECTS)
4 4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	108.128.241.23 108.128.241.23	16509 (AMAZON-02) (AMAZON-02)
3 5	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	52.222.214.97 52.222.214.97	16509 (AMAZON-02) (AMAZON-02)
2 3	3.224.245.7 3.224.245.7	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.30.153.205 52.30.153.205	16509 (AMAZON-02) (AMAZON-02)
1 1	54.76.93.140 54.76.93.140	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.57.77.229 52.57.77.229	16509 (AMAZON-02) (AMAZON-02)
1	216.46.185.183 216.46.185.183	13649 (ASN-VINS) (ASN-VINS)
1	141.95.98.69 141.95.98.69	16276 (OVH) (OVH)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2	104.89.28.165 104.89.28.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:223... 2600:9000:223f:200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.74.89.102 3.74.89.102	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	52.215.192.132 52.215.192.132	16509 (AMAZON-02) (AMAZON-02)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	34.96.67.224 34.96.67.224	15169 (GOOGLE) (GOOGLE)
3 3	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.66.148.198 3.66.148.198	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	52.49.242.166 52.49.242.166	16509 (AMAZON-02) (AMAZON-02)
2 2	54.205.192.169 54.205.192.169	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4602:5071:4299:50e2:8b7b	14618 (AMAZON-AES) (AMAZON-AES)
3	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
202	94

10 2600:9000:2490:3400:18:47f6:9500:93a1 (United States)

ASN16509 (AMAZON-02, US)

dvwqrjezrqfys.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.217.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-217-194.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:b777 (United States)

ASN13335 (CLOUDFLARENET, US)

uiepkt6livx9uscgsxxisxblarp1fy-lib.idwall.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2490:3000:18:47f6:9500:93a1 (United States)

ASN16509 (AMAZON-02, US)

devassets.bitso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:3::210:ee87 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.171.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-171-150.mxp64.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:fc00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.140 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:5e00:1f:95f6:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.cgcmd.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.77.203 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-77-203.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.10.147.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-147-33.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-214.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-48.dus51.r.cloudfront.net

static.clevertap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.33.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.33.211.130.bc.googleusercontent.com

md-ll.apptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:6e00:8:ac1e:8ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

us1.wzrkt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.154.103.240 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-103-240.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.89.29.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-29-143.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.55.177 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-55-177.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.225.181 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-225-181.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.225.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-225-163.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.203.96.202 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-202.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.193.248 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-193-248.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.91.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.64 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.162.172.91 (Frankfurt am Main, Germany) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1489-91.members.linode.com

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.65.169 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: tags11.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.210.226.73 (Germany) 1 redirects

ASN48314 (IP-PROJECTS, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.241.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.91 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-97.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.224.245.7 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-245-7.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.30.153.205 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-153-205.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.93.140 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-93-140.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Sankt Georgen im Schwarzwald, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.77.229 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-77-229.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.46.185.183 (United States)

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.69 (France)

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.101.186 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.89.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-89-102.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.192.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-192-132.eu-west-1.compute.amazonaws.com

bitso.statuspage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.66.148.198 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-148-198.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.242.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-242-166.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.192.169 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-192-169.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:5071:4299:50e2:8b7b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	bitso.com devassets.bitso.com	11 MB
18	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 5651 a2.adform.net — Cisco Umbrella Rank: 5942 c1.adform.net — Cisco Umbrella Rank: 583 dmp.adform.net — Cisco Umbrella Rank: 4326	40 KB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	1 KB
12	criteo.com 5 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4153 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727 sslwidget.criteo.com — Cisco Umbrella Rank: 1530 widget.us.criteo.com — Cisco Umbrella Rank: 16628 dis.criteo.com — Cisco Umbrella Rank: 717	34 KB
10	cloudfront.net dvwqrjezrqfys.cloudfront.net	127 KB
8	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 408 ib.adnxs.com — Cisco Umbrella Rank: 244	8 KB
7	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	585 KB
7	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	3 KB
6	adsafety.net 5 redirects cm.adsafety.net — Cisco Umbrella Rank: 4618 tags.adsafety.net — Cisco Umbrella Rank: 138219	10 KB
6	mathtag.com 2 redirects pixel.mathtag.com — Cisco Umbrella Rank: 987	5 KB
5	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 299 ads.yahoo.com — Cisco Umbrella Rank: 1058	1021 B
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 982 trc.taboola.com — Cisco Umbrella Rank: 672 trc-events.taboola.com — Cisco Umbrella Rank: 1600 sync-t1.taboola.com — Cisco Umbrella Rank: 1188	20 KB
4	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
4	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	972 B
4	t.co t.co — Cisco Umbrella Rank: 455	898 B
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	3 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 966	71 KB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1888	34 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
3	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5512	480 B
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 543 i6.liadm.com — Cisco Umbrella Rank: 1491	1 KB
3	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 192	3 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2310	5 KB
3	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 716	805 B
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1268 load77.exelator.com — Cisco Umbrella Rank: 3214	2 KB
3	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1128 se.semasio.net — Cisco Umbrella Rank: 22927	2 KB
3	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 r.casalemedia.com — Cisco Umbrella Rank: 1528	3 KB
3	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3088	2 KB
3	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 642	1 KB
3	appcues.com fast.appcues.com — Cisco Umbrella Rank: 6485	124 KB
3	segment.io api.segment.io — Cisco Umbrella Rank: 960	547 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5133 www.google.com — Cisco Umbrella Rank: 8	921 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	196 KB
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1767	439 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 410	279 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 444	581 B
2	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 659	480 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 11945	805 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 938 criteo-sync.teads.tv — Cisco Umbrella Rank: 1626	344 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10026	528 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 790	1 KB
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 611	797 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367	529 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3729	968 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 483	654 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	107 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	69 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653	326 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3590	692 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel.rubiconproject.com — Cisco Umbrella Rank: 336	453 B
2	wzrkt.com us1.wzrkt.com — Cisco Umbrella Rank: 42707	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5448	565 B
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1355	89 KB
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 694	476 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1333	40 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 529	785 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1529	235 B
1	sift.com cdn.sift.com — Cisco Umbrella Rank: 12138	20 KB
1	statuspage.io bitso.statuspage.io — Cisco Umbrella Rank: 725710	682 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 939	134 B
1	contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 19375	49 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 550	1 KB
1	ib-ibi.com global.ib-ibi.com — Cisco Umbrella Rank: 1773	72 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1653	456 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 445	489 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 16505	444 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 457	338 B
1	smartstream.tv 1 redirects ads.smartstream.tv — Cisco Umbrella Rank: 34125	849 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 20252	406 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 1861	275 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 976	344 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 681	711 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 17454	334 B
1	apptimize.com md-ll.apptimize.com — Cisco Umbrella Rank: 337956	16 KB
1	clevertap.com static.clevertap.com — Cisco Umbrella Rank: 202083	15 KB
1	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3935	18 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1534	157 B
1	globo.com tags.cgcmd.globo.com — Cisco Umbrella Rank: 352698	5 KB
1	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 20612	9 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	995 B
1	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627	2 KB
1	segment.com cdn.segment.com — Cisco Umbrella Rank: 1452	58 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1395	8 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	idwall.services uiepkt6livx9uscgsxxisxblarp1fy-lib.idwall.services	48 KB
1	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 10033	17 KB
202	89

	Domain	Requested by
20	devassets.bitso.com	dvwqrjezrqfys.cloudfront.net devassets.bitso.com
12	c1.adform.net	2 redirects a2.adform.net c1.adform.net
12	www.facebook.com	dvwqrjezrqfys.cloudfront.net
10	dvwqrjezrqfys.cloudfront.net	devassets.bitso.com dvwqrjezrqfys.cloudfront.net
7	connect.facebook.net	dvwqrjezrqfys.cloudfront.net connect.facebook.net
6	pixel.mathtag.com	2 redirects dvwqrjezrqfys.cloudfront.net pixel.mathtag.com
5	secure.adnxs.com	3 redirects c1.adform.net
5	cm.adsafety.net	4 redirects c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	x.bidswitch.net	2 redirects
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	analytics.twitter.com	dvwqrjezrqfys.cloudfront.net
4	t.co	dvwqrjezrqfys.cloudfront.net
4	analytics.tiktok.com	dvwqrjezrqfys.cloudfront.net analytics.tiktok.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com dvwqrjezrqfys.cloudfront.net
3	hexagon-analytics.com
3	dis.criteo.com
3	ib.adnxs.com	3 redirects
3	dmp.adform.net	c1.adform.net
3	dpm.demdex.net	2 redirects
3	a.audrte.com	2 redirects c1.adform.net
3	sync.crwdcntrl.net	2 redirects c1.adform.net
3	ups.analytics.yahoo.com	1 redirects c1.adform.net
3	ad.yieldlab.net	c1.adform.net
3	ad.360yield.com	1 redirects c1.adform.net
3	fast.appcues.com	cdn.segment.com fast.appcues.com
3	api.segment.io	devassets.bitso.com
3	www.googletagmanager.com	dvwqrjezrqfys.cloudfront.net www.googletagmanager.com
2	i.liadm.com	2 redirects
2	sync-criteo.ads.yieldmo.com
2	ads.yahoo.com
2	trc-events.taboola.com	devassets.bitso.com
2	eb2.3lift.com	c1.adform.net
2	pixel.tapad.com	2 redirects
2	s.ad.smaato.net	c1.adform.net
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	simage2.pubmatic.com	c1.adform.net
2	match.adsrvr.org	c1.adform.net
2	pixel.onaudience.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	idsync.rlcdn.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	match.sharethrough.com	c1.adform.net
2	rtb-csync.smartadserver.com	c1.adform.net
2	ih.adscale.de	2 redirects
2	us1.wzrkt.com	static.clevertap.com
2	a2.adform.net	1 redirects dvwqrjezrqfys.cloudfront.net
2	px.ads.linkedin.com	2 redirects
2	dynamic.criteo.com	1 redirects dvwqrjezrqfys.cloudfront.net
2	www.google.de	dvwqrjezrqfys.cloudfront.net
2	region1.analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.googleoptimize.com	www.googletagmanager.com
1	i6.liadm.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	pixel.rubiconproject.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	r.casalemedia.com
1	visitor.omnitagjs.com
1	cdn.sift.com	dvwqrjezrqfys.cloudfront.net
1	bitso.statuspage.io	devassets.bitso.com
1	widget.us.criteo.com	dvwqrjezrqfys.cloudfront.net
1	sslwidget.criteo.com	1 redirects
1	e1.emxdgt.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	global.ib-ibi.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	se.semasio.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	a1.seadform.net	dvwqrjezrqfys.cloudfront.net
1	mug.criteo.com	dvwqrjezrqfys.cloudfront.net
1	md-ll.apptimize.com	devassets.bitso.com
1	static.clevertap.com	cdn.segment.com
1	cdn.amplitude.com	cdn.segment.com
1	trc.taboola.com	cdn.taboola.com
1	alb.reddit.com	dvwqrjezrqfys.cloudfront.net
1	px4.ads.linkedin.com	dvwqrjezrqfys.cloudfront.net
1	www.linkedin.com	1 redirects
1	www.google.com	dvwqrjezrqfys.cloudfront.net
1	tags.cgcmd.globo.com	www.googletagmanager.com
1	cdn.taboola.com	dvwqrjezrqfys.cloudfront.net
1	s2.adform.net	dvwqrjezrqfys.cloudfront.net
1	cdn.matomo.cloud	dvwqrjezrqfys.cloudfront.net
1	fonts.googleapis.com	devassets.bitso.com
1	static.hotjar.com	dvwqrjezrqfys.cloudfront.net
1	cdn.segment.com	dvwqrjezrqfys.cloudfront.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	uiepkt6livx9uscgsxxisxblarp1fy-lib.idwall.services	dvwqrjezrqfys.cloudfront.net
1	wchat.freshchat.com	dvwqrjezrqfys.cloudfront.net
202	114

This site contains links to these domains. Also see Links.

Domain
bitso.com
blog.bitso.com
support.bitso.com
www.youtube.com
www.facebook.com
twitter.com
instagram.com
t.me
status.bitso.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.freshchat.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
*.idwall.services Sectigo RSA Domain Validation Secure Server CA	`2022-05-25` - `2023-06-02`	a year	crt.sh
devassets.bitso.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-08` - `2023-04-08`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-16` - `2022-07-15`	3 months	crt.sh
cdn.matomo.cloud Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
tags.cgcmd.globo.com Amazon	`2022-06-06` - `2023-07-04`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.apptimize.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-20`	a year	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-28` - `2023-03-01`	a year	crt.sh
us1.wzrkt.com Amazon	`2022-04-06` - `2023-05-05`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.ib-ibi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-01` - `2023-04-01`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.statuspage.io DigiCert TLS RSA SHA256 2020 CA1	`2021-07-12` - `2022-08-12`	a year	crt.sh
*.sift.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-07` - `2023-01-20`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-18` - `2022-08-03`	2 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.hexagon-analytics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh

This page contains 6 frames:

Primary Page: http://dvwqrjezrqfys.cloudfront.net/
Frame ID: DD44C91F193577E36CA861AED3359AAE
Requests: 123 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/sampling-data-scripts/0099/5674.json?t=460269
Frame ID: 4FA8BA853C385947E9A0334FE8251A66
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=656562c3-5a09-4400-a016-9c52f9220daa&no_iframe=1&mt_adid=250816&source=mathtag
Frame ID: A525A5CF2130EE5823E98374111333BA
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=dvwqrjezrqfys.cloudfront.net&origin=onetag
Frame ID: 6B96C9B8DCD77F5D1E78830013A3AE7B
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Frame ID: FD48A45CF72E2DDF7FC2E61341F24327
Requests: 46 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6479559261711099152
Frame ID: 8BFF1E51022151218A52F44987023016
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buy and sell bitcoin and other cryptocurrencies in a few minutes | Bitso

Detected technologies

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Page Statistics

202
Requests

77 %
HTTPS

26 %
IPv6

89
Domains

114
Subdomains

94
IPs

11
Countries

12748 kB
Transfer

16114 kB
Size

119
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://bitso.com/landing/plus
Title: Learn more ↗

Search URL Search Domain Scan URL

URL: https://blog.bitso.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://support.bitso.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www.youtube.com/bitso

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BitsoGlobal

Search URL Search Domain Scan URL

URL: https://twitter.com/bitso

Search URL Search Domain Scan URL

URL: https://instagram.com/bitso

Search URL Search Domain Scan URL

URL: https://t.me/Bitso_Global

Search URL Search Domain Scan URL

URL: http://status.bitso.com/
Title: All systems operational

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

http://pixel.mathtag.com/event/js?mt_id=1574886&mt_adid=250816&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP 302
https://pixel.mathtag.com/event/js?mt_id=1574886&mt_adid=250816&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=

Request Chain 31

http://dynamic.criteo.com/js/ld/ld.js?a=94442 HTTP 302
https://dynamic.criteo.com/js/ld/ld.js?a=94442

Request Chain 49

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3596236%2C1655746&time=1656969737375&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3596236%252C1655746%26time%3D1656969737375%26url%3Dhttp%253A%252F%252Fdvwqrjezrqfys.cloudfront.net%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3596236%2C1655746&time=1656969737375&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3596236%2C1655746&time=1656969737375&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&liSync=true&e_ipv6=AQKDEsH75AmtRQAAAYHLF7gbF72ewucbSAId5SzSrfCGNEQGovLKNEpRZV9X9dMKlEnMzK1uHqqBBvMLUP-ha-gOj_yX6w

Request Chain 62

https://a2.adform.net/Serving/TrackPoint/?pm=2579328&ADFdivider=%7C&ord=729135611793&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2579328&ADFdivider=%7C&ord=729135611793&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F

Request Chain 84

https://gum.criteo.com/sid/json?origin=onetag&domain=dvwqrjezrqfys.cloudfront.net&sn=ChromeSyncframe&so=0&topUrl=dvwqrjezrqfys.cloudfront.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=7zVGEXxPeDlrREdwNytWd1lJQ0lYR1pJcUxDOVI0QWdmNkt5VzQvVnBudzA0cTBOQy9DNmg2SVBPaTRGcG5KV2hRSTFkeHpPZ3dNMzEvQmkvY3dPVHoyUW0rcGVhelU3NVlpdmdlbUtIR3EwbUt4M1A4WEE5aVpvTXFDOHRWa0dJdjI1Zk5XZC9SRmJNeURjcTNFd1ZCb25HemJObzc3em45L3laTXYvbjY5QnlPNG4rR1ZoSFBsV0wvVjFtZEtQV29rN3FwQjVhMFBrU0tyNTcwMUpRS04xZFFHTUY5bVNwYkNmVEVpdTNzSk9nK1h5VVlaczljRnFzWThZUmFlcE5FWFM1bkQ0MnRRMmFDcXhPbmpwTmVZSlZqNmttRVBhamt3d3RncTRaRUtGc20ycz18&cppv=2

Request Chain 92

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=8824525853337226152&Expiration=1658179337 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=8824525853337226152&Expiration=1658179337

Request Chain 95

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8824525853337226152&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8824525853337226152&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=17cc41e8fe23419db93b1aa045dbb343 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=a8aadfde8b19f7945ef41106c49426e2c367d7a0412a947deeabf6ef2f185491

Request Chain 97

https://ups.analytics.yahoo.com/ups/55944/sync?uid=8824525853337226152&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=8824525853337226152&_origin=1&verify=true

Request Chain 99

https://x.bidswitch.net/sync?dsp_id=70&user_id=8824525853337226152 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=8824525853337226152 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=23766f42-0082-4438-b02e-9db4de8857b5&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

Request Chain 100

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8824525853337226152&expiration=1658179337 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8824525853337226152&expiration=1658179337&C=1

Request Chain 101

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8824525853337226152&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8824525853337226152&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=8824525853337226152&gdpr=&gdpr_consent=&sInitiator=external

Request Chain 103

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8824525853337226152 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8824525853337226152&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 105

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8824525853337226152/gdpr=/gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8824525853337226152/gdpr=/gdpr_consent=

Request Chain 108

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 109

https://pixel.onaudience.com/?mapped=8824525853337226152&partner=68 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0cd79b888fe55605/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 110

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8824525853337226152 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12022070421091cb33a957922a9a6d&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=bf3944d01da2ef4123bfc60eab2d1f09 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022070421091cb33a957922a9a6d&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=bf3944d01da2ef4123bfc60eab2d1f09&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjA3MDQyMTA5MWNiMzNhOTU3OTIyYTlhNmQ HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEEroINNVp15uqm7bxuRU8ok&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022070421091cb33a957922a9a6d HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8824525853337226152

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODgyNDUyNTg1MzMzNzIyNjE1Mg HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELZlx5_fzQ-AH3G9YhkWjTk&google_cver=1&google_ula=1641347,0

Request Chain 113

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=6479559261711099152&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=8824525853337226152

Request Chain 117

https://a.audrte.com/a?adform_uid=8824525853337226152 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEB4BJ4oRV466_OX05FJu-A8&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 118

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8824525853337226152&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=8824525853337226152&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=62156898293777233190154425285124627686&noredirect=1

Request Chain 119

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8824525853337226152 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219973204202004636147

Request Chain 120

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7116630835187611791

Request Chain 122

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=656562c3-5a09-4400-a016-9c52f9220daa

Request Chain 123

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=4itdNy001O8twm5

Request Chain 127

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2699333156 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=jhmIDN3Y24LNS3HiGwM76.

Request Chain 129

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8824525853337226152 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8824525853337226152&cs=1

Request Chain 131

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=8824525853337226152&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=8824525853337226152&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=3822843f-37cc-4f6a-b291-28075953b5a0

Request Chain 136

https://sslwidget.criteo.com/event?a=94442&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=V957X19yMEJ0bVpXJTJGd1ZvWmdWbVhaNXRHa0Eya0swbXNzd0xvOWhIdGslMkJwZUxlUUFQOTZ6c0NLUEl3Mzk5JTJCdXA2a2F3VzlScmpEMkFDMnRGOTBMSUZuQ0gyaHNUNDFhMmFTR25DcUo5U3J3cjlFanVTQ29mRCUyRjJEN3NEaHR0MHdkenJ0RmN6TUNOUW9nVHRnaUJYc3dQeVMzMHZvbXlkQ08yOWZDR3VqdktTV1J2VSUzRA&tld=dvwqrjezrqfys.cloudfront.net&dy=1&fu=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&dtycbr=95388 HTTP 302
https://widget.us.criteo.com/event?a=94442&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=V957X19yMEJ0bVpXJTJGd1ZvWmdWbVhaNXRHa0Eya0swbXNzd0xvOWhIdGslMkJwZUxlUUFQOTZ6c0NLUEl3Mzk5JTJCdXA2a2F3VzlScmpEMkFDMnRGOTBMSUZuQ0gyaHNUNDFhMmFTR25DcUo5U3J3cjlFanVTQ29mRCUyRjJEN3NEaHR0MHdkenJ0RmN6TUNOUW9nVHRnaUJYc3dQeVMzMHZvbXlkQ08yOWZDR3VqdktTV1J2VSUzRA&tld=dvwqrjezrqfys.cloudfront.net&dy=1&fu=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&dtycbr=95388

Request Chain 166

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6479559261711099152

Request Chain 167

https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6479559261711099152

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-d2wQyP_jnn07gURqtBtlCEOqJ5fVnyH6A9edcQ&google_cm&google_hm=ay1kMndReVBfam5uMDdnVVJxdEJ0bENFT3FKNWZWbnlINkE5ZWRjUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-d2wQyP_jnn07gURqtBtlCEOqJ5fVnyH6A9edcQ&google_gid=CAESEO_h3gsFP_-Vied0pu3CBpg&google_cver=1&google_ula=913071,0

Request Chain 173

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=N5pR941zUMsakUiZQOUA2Kd4CbHKqHKp

Request Chain 189

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ULVj4f_jnn07gURqtBtlCEOqJ5ey45wmeP1Y7g HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ULVj4f_jnn07gURqtBtlCEOqJ5ey45wmeP1Y7g&_li_chk=true&previous_uuid=f25e27bd47a64794ba63dc3aa3ebd75c HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ULVj4f_jnn07gURqtBtlCEOqJ5ey45wmeP1Y7g

Request Chain 195

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=auQffjc1swQvoxNFNZ09hUoEYo8JkCnh

202 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
dvwqrjezrqfys.cloudfront.net/ 12 KB
13 KB 295ms
261ms Document
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: public,max-age=1,s-maxage=31536000
Connection: keep-alive
Content-Length: 12515
Content-Type: text/html
Date: Mon, 04 Jul 2022 21:22:16 GMT
ETag: "a36309ccf4fd5b9c4470873e011c6037"
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
Via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 65Dlbmuf2tX5fUooZT2aDWCndSAzfIC3XsKc0UqoWX10udVxJ33GHA==
X-Amz-Cf-Pop: FRA56-P6
X-Cache: Error from cloudfront
x-amz-replication-status: COMPLETED
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 41ms
20ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-46463905-2

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a28fa88da3fc0245440ac2d55cac638928235332433fa683608ee15d8fa8149

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40373
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 21:22:15 GMT

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 55 KB
17 KB 705ms
489ms Script
application/javascript 54.156.217.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.217.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-217-194.compute-1.amazonaws.com

Software

fwe /

Resource Hash

b07907a9874e59df58448f4daba3df53b43c6339ec6f610b458aa660f50630ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 0834b010-0362-9cf6-b170-3217f7622498
x-trace-id: 00-6439d034a74c9bfae495e4a554b1e2ac-27879a5bb541fd32-01
served-by: 5323
last-modified: Thu, 30 Jun 2022 14:04:23 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 5323
Content-Type: application/javascript

GET
H2 200 index.js Show response
uiepkt6livx9uscgsxxisxblarp1fy-lib.idwall.services/ 149 KB
48 KB 258ms
29ms Script
text/javascript 2606:4700::6813:b777
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uiepkt6livx9uscgsxxisxblarp1fy-lib.idwall.services/index.js

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b777 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b068a1bf231b42c941bb2fd705c6ec74cd82cdd93b51fa65fdba1686d078eaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: gzip
vary: x-fh-requested-host, accept-encoding
cf-cache-status: DYNAMIC
x-cache: HIT
content-length: 48199
x-served-by: cache-fra19175-FRA
last-modified: Tue, 03 May 2022 19:47:09 GMT
server: cloudflare
x-timer: S1656969736.160897,VS0,VE0
etag: "2161d785fd223058971b4f02e8b400b6eb3f3c6a60198825aea9304872a6c35d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 725aea52ee5f23f7-ZRH
x-cache-hits: 2

GET
H2 200 35.25f9e66a.chunk.css
devassets.bitso.com/static/css/ 18 KB
18 KB 55ms
7ms Stylesheet
text/css 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/css/35.25f9e66a.chunk.css
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22b83895c849be59e6dd61220a87731301d55e438014db2b355d26dc545198e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 19:23:32 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 20 Jun 2022 18:47:31 GMT
server: AmazonS3
age: 1216724
etag: "bbdd21f0d0d9206e4a80bddb9759b25a"
x-cache: Hit from cloudfront
x-amz-version-id: hZMp.SRPaeNS1MOoLrfy3iaJwBoInNEw
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: text/css
content-length: 18030
x-amz-cf-id: GfT2ISmwq9PijrwprC7C7l7FHnoagzBn3gwEOu-_6kw1HifyjlK8Sw==

GET
H2 200 main.632acc9a.chunk.css
devassets.bitso.com/static/css/ 406 KB
407 KB 60ms
12ms Stylesheet
text/css 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54ce164d81d37d31f11a22b96115427013788698707b90275401913be8f58254

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 19:23:32 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 20 Jun 2022 18:47:31 GMT
server: AmazonS3
age: 1216724
etag: "30660f7a58801a04bf584c164a6e6277"
x-cache: Hit from cloudfront
x-amz-version-id: vOw77uhh7jBfMkpIRuEfn03iWjrLT0jq
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: text/css
content-length: 416036
x-amz-cf-id: Ado66zyH6Qme7diI5WxBOUN37-ZghbMrlWmpcYXliLknv-RtGpbKBQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 302 KB
86 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5caaa252cbd5c9edb4320c2afe15034455aada66c587fdf1dc1275b0b7d3573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88061
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Jul 2022 21:22:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-46463905-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1568
date: Mon, 04 Jul 2022 20:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Jul 2022 22:56:08 GMT

GET
H2 200 35.520465e5.chunk.js Show response
devassets.bitso.com/static/js/ 4 MB
4 MB 68ms
68ms Script
application/javascript 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4b5fbd0f6fe592c10a5d2ee7ace74c60b325d73c3c59be3a3b8f42eabc6fe21

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:03:00 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jul 2022 20:03:57 GMT
server: AmazonS3
age: 1156
etag: "918b66eb7cefd2fa33a00245ab6f3acc"
x-cache: Hit from cloudfront
x-amz-version-id: W0Yj50RwWKozgGAW6T12yunVbzvO_xIR
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: application/javascript
content-length: 3692715
x-amz-cf-id: a69QlBhILbwRQO0RFL5A89LwGTNsdTN6VqSBgwO3hHTRfxpAMyJpfQ==

GET
H2 200 main.e0de7eb9.chunk.js Show response
devassets.bitso.com/static/js/ 5 MB
5 MB 11ms
11ms Script
application/javascript 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/js/main.e0de7eb9.chunk.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4f92c8bd54fde116543b873056fb6e75866160e39ce9c8265302cb0ad822e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:03:01 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jul 2022 20:04:05 GMT
server: AmazonS3
age: 1156
etag: "0cf5186b32ac6470994d559f03e99f60"
x-cache: Hit from cloudfront
x-amz-version-id: 7TIZzC7RI6fu0D4RRrQ4od_f6G4vDdiI
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: application/javascript
content-length: 4993721
x-amz-cf-id: h8UXnwLqc_Tm7d4PG2Qie3iu9RAs6RpjbHeJL7R3aaeXyCMVXAUgFw==

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 106 KB
41 KB 42ms
21ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-58KFV9M

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cc89ce7939361c4938a6c029a15ceed9e5f393b065164626370ae93f4aedf22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41423
x-xss-protection: 0
expires: Mon, 04 Jul 2022 21:22:16 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
70 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3SEYSRMJJL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bd68a44bde3bc97553d0345869239790b25dafd1e6e31529527f980e9ffc84a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71249
x-xss-protection: 0
expires: Mon, 04 Jul 2022 21:22:16 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 51ms
16ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Jul 2022 21:22:16 GMT

GET
H2 200 5674.js Show response
script.crazyegg.com/pages/scripts/0099/ 6 KB
2 KB 76ms
23ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0099/5674.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708bddd932753f031a7a067f655352c69302994f527a7a9493af85d6abae03bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 14759
cf-polished: origSize=6055
cf-ray: 725aea55ee830211-ZRH
ce-version: 11.1.455
last-modified: Mon, 04 Jul 2022 17:16:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 24 KB
8 KB 77ms
16ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 18 Apr 2022 22:30:59 GMT
server: snooserv
etag: "5dcf2f59e7a6e0d30193fedad78db790"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges: bytes
content-encoding: gzip
content-length: 7461

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 58ms
8ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kiad7000021-IAD, cache-hhn11543-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 55ms
13ms Script
application/x-javascript 2a02:26f0:480:3::210:ee87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:3::210:ee87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=47872
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H3 200 optimize.js Show response
www.googleoptimize.com/ 131 KB
48 KB 37ms
22ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-53L2SGR

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13cd74548a61c1450f7e0df8a067651a3f1d97ea960544e0d083754e08736230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49321
x-xss-protection: 0
expires: Mon, 04 Jul 2022 21:22:16 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=238155691&t=pageview&_s=1&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABQAAAAC~&jid=1624334718&gjid=103308754&cid=33744332.1656969736&tid=UA-46463905-2&_gid=1509299429.1656969736&_r=1&gtm=2ou6t0&z=1682616271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=238155691&t=pageview&_s=1&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABQAAAAC~&jid=561991048&gjid=1195763694&cid=33744332.1656969736&tid=UA-46463905-1&_gid=1509299429.1656969736&_r=1&gtm=2wg6t0W5B8XC&z=2105282677

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
448 B 61ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-46463905-1&cid=33744332.1656969736&jid=561991048&gjid=1195763694&_gid=1509299429.1656969736&_u=aEDAAUABQAAAAC~&z=656115074

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 04 Jul 2022 21:22:16 GMT
content-type: text/plain
access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
356 B 48ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3SEYSRMJJL&gtm=2oe6t0&_p=238155691&_z=ccd.v9B&_gaz=1&cid=33744332.1656969736&ul=en-us&sr=1600x1200&_s=1&sid=1656969736&sct=1&seg=0&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&dt=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&en=page_view&_fv=1&_ss=1&ep.custom_timestamp=1656969736531
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SEYSRMJJL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 30ms
20ms Ping
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3SEYSRMJJL&cid=33744332.1656969736&gtm=2oe6t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SEYSRMJJL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
31ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3SEYSRMJJL&cid=33744332.1656969736&gtm=2oe6t0&aip=1&z=467254917

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/931193357/ 2 KB
2 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/931193357/?random=1656969736567&cv=9&fst=1656969736567&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tiba=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d6c6bd331b4ae72409753f2c30fb20b22105ac2539d35a0ee08e1ce53d92a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/zbxNUXW9p6HLmFqJ1IFfMZc7XDgEhhCT/ 373 KB
58 KB 737ms
674ms Script
text/javascript 13.226.171.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/zbxNUXW9p6HLmFqJ1IFfMZc7XDgEhhCT/analytics.min.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.171.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-171-150.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3166ab72d400c6236915abf1f44c5a1f2203f223864b3ce55ba26349d4bb00d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: Zd9rUcImAo9BPoBzwugc2yftPJC9kNuJ
content-encoding: br
etag: W/"a3601c1a8e1899a1d87915dcb0c91719"
x-amz-cf-pop: MXP64-C3
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 15 Jun 2022 20:32:36 GMT
server: AmazonS3
date: Mon, 04 Jul 2022 21:22:18 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 57a9fd6199fd862b4428c6c309905a74.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: O7vPDXoYsvkQUDUZDYw7R6utx71i3hOMHQ8A6XygCuFTXVfH20x29g==

GET
H2 200 hotjar-2718535.js Show response
static.hotjar.com/c/ 4 KB
2 KB 65ms
42ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2718535.js?sv=6

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

7086097badd696d4700754f863e94acf5b50a162b6f7c1715599030b60d9ef01

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 2035
access-control-allow-origin: *
x-cache-hit: 1
etag: W/9bbaef73b6bd4d3651d1059e83be158b
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-id: JkUIRfjxNwq7E6LC3lqdlaClpFCZ9cA0LH6KrbQoQXQYSWfOqw8ldg==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
995 B 36ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu+Mono

Requested by

Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2327fde75b38f16195ee96e5a3b6f34369626534c819aa9064e2941e314484a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://devassets.bitso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Jul 2022 21:00:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Jul 2022 21:22:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Jul 2022 21:22:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 33ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: OmZqrqlw6w96Liv7rJCBQYEKGUKgg8M1/oqLePENOWu+kOD98/yhxtq0kCRIEEv5duO+vd3FXyHpVrX8dj7qGg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 21:22:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

js Show response
pixel.mathtag.com/event/
Redirect Chain

http://pixel.mathtag.com/event/js?mt_id=1574886&mt_adid=250816&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
https://pixel.mathtag.com/event/js?mt_id=1574886&mt_adid=250816&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=

1 KB
2 KB

86ms
36ms

Script
text/javascript

2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1574886&mt_adid=250816&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: HTTP/1.1
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x9 config:1.0.0 /
Resource Hash: 732aa8a749ff45224203d4fce0ac17a28e12555149dcd792cdc3fcdb01f9ee15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:17 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x9 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1485
Expires: Mon, 04 Jul 2022 21:22:16 GMT

Redirect headers

Date: Mon, 04 Jul 2022 21:22:16 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pixel.mathtag.com/event/js?mt_id=1574886&mt_adid=250816&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
Expires: Mon, 04 Jul 2022 21:22:15 GMT

GET
H2 200 container_s1jZjiVL.js Show response
cdn.matomo.cloud/reverseads.matomo.cloud/ 27 KB
9 KB 35ms
6ms Script
application/javascript 2600:9000:223f:fc00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/reverseads.matomo.cloud/container_s1jZjiVL.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:fc00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29c55bcdec23f1376efb2d2ae768bb893a7cda01e5f174a4ff1fc1ed060c9413

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 14:27:41 GMT
content-encoding: gzip
age: 370476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 22 Jun 2022 07:24:30 GMT
server: AmazonS3
etag: W/"ad7516840bb5ff49686353839ba4b75c"
vary: Accept-Encoding
x-amz-version-id: xuCnzOpf3tcEToomj0PFMlakC1dpfmJ6
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control: max-age=691200
x-amz-cf-pop: FRA56-P5
content-type: application/javascript; charset=utf-8
x-amz-cf-id: hKQvrayN-pjONwJ71Ud6ISA0zKsgIL7KQFJjor8d50OhVuxl1UJMHA==

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
30 KB 143ms
29ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 11:34:23 GMT
server: nginx
x-amz-request-id: tx000000000000086ee99a0-0062c35758-3233e7e3-default
etag: W/"552eeb5f0620fb6f56733d625b5e719e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

GET
H2

200

ld.js Show response
dynamic.criteo.com/js/ld/
Redirect Chain

http://dynamic.criteo.com/js/ld/ld.js?a=94442
https://dynamic.criteo.com/js/ld/ld.js?a=94442

42 KB
14 KB

52ms
25ms

Script
application/javascript

178.250.2.140
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=94442

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Server

178.250.2.140 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42f05e82f35f77d75b0e1fe97d9084997683540782eb653ba74cbe9444d7eb87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: br
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

Redirect headers

location: https://dynamic.criteo.com/js/ld/ld.js?a=94442
cache-control: no-cache
content-length: 0

GET
H/1.1 200
OK tfa.js Show response
cdn.taboola.com/libtrc/unip/1448272/ 55 KB
18 KB 19ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/unip/1448272/tfa.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: HTTP/1.1
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59a9925f18e1a165069c92666f9297ade9b7e908bcb0dc8ccad3e19c83751d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 6.xKCxZgznZydO9WKpqaUee_thwoBYBe
Content-Encoding: gzip
ETag: "48c0ffb4b983f0afc8a1aa5a525e22ef"
Age: 155
X-Cache: HIT
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 17389
x-amz-id-2: E1LeW1B7HKjmxVgjU/Hlce3tXP937Ts0togGQcPtc0pD3cTapursReIUGbE/S39JIA3U5SIR4Ts=
X-Served-By: cache-hhn4069-HHN
Last-Modified: Sun, 03 Jul 2022 11:08:10 GMT
Server: AmazonS3
X-Timer: S1656969737.700793,VS0,VE1
Date: Mon, 04 Jul 2022 21:22:16 GMT
Vary: Accept-Encoding
x-amz-request-id: F21G27692GSK52K2
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 1
X-Cache-Hits: 1

GET
H2 200 3ba26cf5-4a8a-4e37-958d-7f4c04e75fa1.js Show response
tags.cgcmd.globo.com/gp/ 26 KB
5 KB 480ms
7ms Script
text/javascript 2600:9000:2491:5e00:1f:95f6:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.cgcmd.globo.com/gp/3ba26cf5-4a8a-4e37-958d-7f4c04e75fa1.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5B8XC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:5e00:1f:95f6:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc7f157591d878ccb905b1c78123902f7c92f59b69ca19473f368664cc8a6ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: raxjOWFHZu9lClyzo5MVICpwxGyH4YkP
content-encoding: gzip
last-modified: Fri, 08 Apr 2022 16:24:58 GMT
server: AmazonS3
age: 526
etag: W/"62ce85bd9a5a371697c5ce7ff1830d45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
date: Mon, 04 Jul 2022 21:19:45 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: fDzztURn63pt07luTHb6WgK2jlxVN2f5jiX1A4I-HhBriYtelspUkQ==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
38 KB 160ms
98ms Script
application/javascript 95.101.77.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAH3Q2JC77U6DCD5S4TG&lib=ttq
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.77.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-77-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6b752dcc0e1a7704e2512964abc8c22e43f5ca960cf246545d228dbb42f51348

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id: 2f9b52da.11609b87
date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a172-232-9-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-77-199.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 91,95.101.77.199
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=9, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202207042122160100040030050060030130675294F
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,172.232.9.7
x-tt-trace-host: 014bf54fae761ad62fa63ab54a879b6b527e5ff937cee81da60deabf2e4b8953bc53e337fc64332dfe07d9c137e0a8de245d16fd4386ec737f99aae2bdc10d43f376907df23a68c893bf52859a56e83276a0bc53a8027f717e0d5fa2705ed7b5cba72fdd0ff8e341c9bf78c998285a841f
expires: Mon, 04 Jul 2022 21:22:16 GMT

GET
H2 200 5674.json Show response
script.crazyegg.com/pages/data-scripts/0099/ 30 KB
3 KB 48ms
23ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0099/5674.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0099/5674.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a625bf40efc6cb275ae38b66e3b66512493be068852f74d2975c6bfacdaf27b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22517
ce-version: 11.1.455
content-length: 2516
timing-allow-origin: *
last-modified: Mon, 04 Jul 2022 15:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 725aea569e9901e7-ZRH

GET
H2 200 40.0cff1388.chunk.css
devassets.bitso.com/static/css/ 4 KB
4 KB 8ms
8ms Stylesheet
text/css 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/css/40.0cff1388.chunk.css
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e0a29d72a6a2e572e93429dea4479d1672e5cdb1fdbfcc853299cb13c9f1f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 17:19:48 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Thu, 16 Jun 2022 16:30:00 GMT
server: AmazonS3
age: 1569750
etag: "1bb19cf40d58d78172e4523e9c991fd2"
x-cache: Hit from cloudfront
x-amz-version-id: yWqkaf788wefpc4Kp_y3Ge2NGFWeTJWp
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: text/css
content-length: 3869
x-amz-cf-id: a1tsH0B8WtXTgU5etpdlW_HyNTansDXk1ScGHVnbrXWTiPNGnaHsgw==

GET
H2 200 40.130f0231.chunk.js Show response
devassets.bitso.com/static/js/ 33 KB
33 KB 468ms
468ms Script
application/javascript 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/js/40.130f0231.chunk.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad36df86f597b3e99cba8bd189a7c621e2d3ec06d35d6ce36dfaeef91879e9f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jul 2022 20:03:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: "c3292357eb9d743f22bb885634366091"
x-cache: Miss from cloudfront
x-amz-version-id: ZEIijHTypBF09vW408ZmLWYHvBrQ7pTn
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 33397
x-amz-cf-id: mSKxsl6EqF-C-yzdfffw-6pcszvgbnYD19xYPYYZQzekirAmHgnoBg==

GET
H2 200 5.509850f5.chunk.js Show response
devassets.bitso.com/static/js/ 32 KB
32 KB 490ms
489ms Script
application/javascript 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/js/5.509850f5.chunk.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ea00fcdbb1f0b48f11a12a672d1992f786e5e55f4a3c983fa56dcde2671492a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jul 2022 20:03:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: "03884f2c1e5a9df73b88c075a42c5b92"
x-cache: Miss from cloudfront
x-amz-version-id: gtcwuVa0c7wSCNVYDCy37Fwcd8gkqyiH
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 32271
x-amz-cf-id: 8z6biXnSBJLSjOArOdHJnhF-LupDC88zroLLy9z_tkfyRMUhbeWqcQ==

GET
H2 200 37.291e930d.chunk.css
devassets.bitso.com/static/css/ 174 KB
174 KB 509ms
509ms Stylesheet
text/css 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/css/37.291e930d.chunk.css
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d5c068a045c07e3e416bfd7fb4a47bcfd298a4811f227089a37dac5562f6bbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jul 2022 20:03:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: "279486470df1c80c68b7254939e112bd"
x-cache: Miss from cloudfront
x-amz-version-id: apo6jlEj4.gz57XEI6WvE1UXFXPbny_q
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: text/css
content-length: 177819
x-amz-cf-id: O9Jdtqgd4_LpQeIx7TaHf2IHiatM4X0jzMiV7v7tnHBIR-2UVx0egg==

GET
H2 200 37.c5d615cf.chunk.js Show response
devassets.bitso.com/static/js/ 68 KB
69 KB 481ms
481ms Script
application/javascript 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/js/37.c5d615cf.chunk.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b021716c13a30574135730289aa7b17583f214dc38e190d09be7fd91480d135f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jul 2022 20:03:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: "fac8cd77ac6ebde9e0eacf23a86329a8"
x-cache: Miss from cloudfront
x-amz-version-id: qD7nJUlBSvTeDlKVLPVh6zH4RRNnB4yK
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: application/javascript
content-length: 70015
x-amz-cf-id: oyhh0a1jYn8Kh_meGRg-tEeBScz9XP4uvYqFDegYL4Q4U8f3p5gqmA==

GET
H/1.1 200
OK account_status Show response
dvwqrjezrqfys.cloudfront.net/api/v3/ 12 KB
13 KB 267ms
266ms XHR
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dvwqrjezrqfys.cloudfront.net/api/v3/account_status
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046

Request headers

Accept: application/json, text/plain, */*
Referer: http://dvwqrjezrqfys.cloudfront.net/
Authorization: Bitso-CSRF-TOKEN undefined
Accept-Language: de-DE,de;q=0.9
bts-client-name: bitbank-wallet-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
bts-client-version: 59b44ce18

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P6
ETag: "a36309ccf4fd5b9c4470873e011c6037"
X-Cache: Error from cloudfront
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3
Cache-Control: public,max-age=1,s-maxage=31536000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 12515
X-Amz-Cf-Id: odVsY2K3h6go1w478djp98QTe8LxBl-IWRTgIILPchQBz91aRgr_Ag==

GET
H/1.1 200
OK settings Show response
dvwqrjezrqfys.cloudfront.net/api/v3/ 12 KB
13 KB 261ms
254ms XHR
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dvwqrjezrqfys.cloudfront.net/api/v3/settings
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046

Request headers

Accept: application/json, text/plain, */*
Referer: http://dvwqrjezrqfys.cloudfront.net/
Authorization: Bitso-CSRF-TOKEN undefined
Accept-Language: de-DE,de;q=0.9
bts-client-name: bitbank-wallet-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
bts-client-version: 59b44ce18

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P6
ETag: "a36309ccf4fd5b9c4470873e011c6037"
X-Cache: Error from cloudfront
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3
Cache-Control: public,max-age=1,s-maxage=31536000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 12515
X-Amz-Cf-Id: UiA_Xq5bGKxRzoVJplfT88YuLcjPvO-NrH4PTjE_zvnkbf0Pf4E7_A==

GET
H/1.1 200
OK mxn Show response
dvwqrjezrqfys.cloudfront.net/api/v3/get_exchange_rates/ 12 KB
13 KB 264ms
258ms XHR
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dvwqrjezrqfys.cloudfront.net/api/v3/get_exchange_rates/mxn
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046

Request headers

Accept: application/json, text/plain, */*
Referer: http://dvwqrjezrqfys.cloudfront.net/
Authorization: Bitso-CSRF-TOKEN undefined
Accept-Language: de-DE,de;q=0.9
bts-client-name: bitbank-wallet-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
bts-client-version: 59b44ce18

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P6
ETag: "a36309ccf4fd5b9c4470873e011c6037"
X-Cache: Error from cloudfront
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3
Cache-Control: public,max-age=1,s-maxage=31536000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 12515
X-Amz-Cf-Id: hR-CfA1Ts4k3Pnz7udhY1h7jqd0AgNfvWKBn-G8x-Mx5SLMiTnaRTQ==

GET
H/1.1 200
OK catalogues Show response
dvwqrjezrqfys.cloudfront.net/api/v3/ 12 KB
13 KB 263ms
256ms XHR
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dvwqrjezrqfys.cloudfront.net/api/v3/catalogues
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046

Request headers

Accept: application/json, text/plain, */*
Referer: http://dvwqrjezrqfys.cloudfront.net/
Authorization: Bitso-CSRF-TOKEN undefined
Accept-Language: de-DE,de;q=0.9
bts-client-name: bitbank-wallet-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
bts-client-version: 59b44ce18

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P6
ETag: "a36309ccf4fd5b9c4470873e011c6037"
X-Cache: Error from cloudfront
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3
Cache-Control: public,max-age=1,s-maxage=31536000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 12515
X-Amz-Cf-Id: tG2aqFkxdVcd5RHLCNWztsS0A10uD_NeX4ZOYjmtvP8rZzUnliQ5YQ==

GET
H/1.1 200
OK settings Show response
dvwqrjezrqfys.cloudfront.net/api/v3/ 12 KB
13 KB 265ms
260ms XHR
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dvwqrjezrqfys.cloudfront.net/api/v3/settings
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046

Request headers

Accept: application/json, text/plain, */*
Referer: http://dvwqrjezrqfys.cloudfront.net/
Authorization: Bitso-CSRF-TOKEN undefined
Accept-Language: de-DE,de;q=0.9
bts-client-name: bitbank-wallet-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
bts-client-version: 59b44ce18

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P6
ETag: "a36309ccf4fd5b9c4470873e011c6037"
X-Cache: Error from cloudfront
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3
Cache-Control: public,max-age=1,s-maxage=31536000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 12515
X-Amz-Cf-Id: GHKSsMW8mbFSXj1P4gunGrvYRmP5r9xoZDhCn2-i7_f8x2_WveKvYg==

GET
H3 200 2207664046137135 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 386ms
374ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2207664046137135?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4313dd615eaf56667b0743b9218b8af9f38e8897339d7aeff488a9b0e8cb387

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: xY5ugmBccdtyxhHwppWR8aRqCZQGRZ83/7EyDNLz6v8b1mYEjbXeCLc1QybjohUGLHjEOBE+zxSOSSBm3zzV7Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 21:22:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656969737756
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/931193357/ 42 B
548 B 56ms
31ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/931193357/?random=1656969736567&cv=9&fst=1656968400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tiba=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&async=1&fmt=3&is_vtc=1&random=964687167&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/931193357/ 42 B
64 B 41ms
23ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/931193357/?random=1656969736567&cv=9&fst=1656968400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tiba=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&async=1&fmt=3&is_vtc=1&random=964687167&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3596236%2C1655746&time=1656969737375&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3596236%252C1655746%26time%3D1656969737375%26url%3Dhttp%253A%252F%252Fdvwqrjezrqf...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3596236%2C1655746&time=1656969737375&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3596236%2C1655746&time=1656969737375&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&liSync=true&e_ipv6=AQKDEsH75AmtRQAAAYHLF7gbF72ewucbSAId5SzS...

0
264 B

266ms
202ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3596236%2C1655746&time=1656969737375&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&liSync=true&e_ipv6=AQKDEsH75AmtRQAAAYHLF7gbF72ewucbSAId5SzSrfCGNEQGovLKNEpRZV9X9dMKlEnMzK1uHqqBBvMLUP-ha-gOj_yX6w
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 521F4A12C1614265B8E1FDA926BF8890 Ref B: VIEEDGE2616 Ref C: 2022-07-04T21:22:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjAVSsJGoD6o7DI4rqPA==
x-li-fabric: prod-lor1

Redirect headers

date: Mon, 04 Jul 2022 21:22:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 38149D56FEA84C569EACA7C6DBE8AF25 Ref B: VIEEDGE1909 Ref C: 2022-07-04T21:22:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3596236%2C1655746&time=1656969737375&url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&liSync=true&e_ipv6=AQKDEsH75AmtRQAAAYHLF7gbF72ewucbSAId5SzSrfCGNEQGovLKNEpRZV9X9dMKlEnMzK1uHqqBBvMLUP-ha-gOj_yX6w
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjAVSm9cLpQtwx5mu0Qw==

GET
H2 200 11.1.455.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 86 KB
28 KB 18ms
18ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0099/5674.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 04:57:06 GMT
server: cloudflare
age: 30239
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 725aea5aae140211-ZRH
content-length: 28087

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 149ms
105ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1656969737388&id=t2_36lvg1kb&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=defabcf6-7ac1-4687-af20-8948a1280332&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:17 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 adsct
t.co/i/ 43 B
188 B 224ms
119ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=1c927f92-d586-4213-b36c-b3cb6f817a31&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab9b4197-fc45-4eec-9f8c-4ec749c4d4b3&tw_document_href=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nve99&type=javascript&version=2.4.12

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 04 Jul 2022 21:22:17 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 25dd4406c01a42e454610f9e49763c94158714cbed7b0e56ddb1371636b3a559
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
356 B 140ms
117ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=1c927f92-d586-4213-b36c-b3cb6f817a31&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab9b4197-fc45-4eec-9f8c-4ec749c4d4b3&tw_document_href=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nve99&type=javascript&version=2.4.12

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 110
date: Mon, 04 Jul 2022 21:22:16 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5d0dea47c96cdbfaebff521b125c3963a16ec83af3772026c09e7b8f5935645f
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
186 B 226ms
121ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=e854c2f3-c5dc-4167-91a1-a55dd3359863&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab9b4197-fc45-4eec-9f8c-4ec749c4d4b3&tw_document_href=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6hk0&type=javascript&version=2.4.12

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 04 Jul 2022 21:22:17 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 25dd4406c01a42e454610f9e49763c94158714cbed7b0e56ddb1371636b3a559
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
200 B 141ms
118ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e854c2f3-c5dc-4167-91a1-a55dd3359863&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab9b4197-fc45-4eec-9f8c-4ec749c4d4b3&tw_document_href=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6hk0&type=javascript&version=2.4.12

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 04 Jul 2022 21:22:16 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5d0dea47c96cdbfaebff521b125c3963a16ec83af3772026c09e7b8f5935645f
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
337 B 220ms
115ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=3badfacd-2ac8-4361-99c9-a37f4b8f0179&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab9b4197-fc45-4eec-9f8c-4ec749c4d4b3&tw_document_href=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6hgk&type=javascript&version=2.4.12

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 04 Jul 2022 21:22:17 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 25dd4406c01a42e454610f9e49763c94158714cbed7b0e56ddb1371636b3a559
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
199 B 122ms
121ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3badfacd-2ac8-4361-99c9-a37f4b8f0179&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab9b4197-fc45-4eec-9f8c-4ec749c4d4b3&tw_document_href=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6hgk&type=javascript&version=2.4.12

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 04 Jul 2022 21:22:16 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5d0dea47c96cdbfaebff521b125c3963a16ec83af3772026c09e7b8f5935645f
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
187 B 192ms
123ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=72d914a0-71cf-4226-80cc-3252e0934b31&events=%5B%5B%22viewcontent%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab9b4197-fc45-4eec-9f8c-4ec749c4d4b3&tw_document_href=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nve99&type=javascript&version=2.4.12

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 04 Jul 2022 21:22:17 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 25dd4406c01a42e454610f9e49763c94158714cbed7b0e56ddb1371636b3a559
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
217 B 121ms
120ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=72d914a0-71cf-4226-80cc-3252e0934b31&events=%5B%5B%22viewcontent%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=ab9b4197-fc45-4eec-9f8c-4ec749c4d4b3&tw_document_href=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nve99&type=javascript&version=2.4.12

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 04 Jul 2022 21:22:17 GMT
server: tsa_o
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5d0dea47c96cdbfaebff521b125c3963a16ec83af3772026c09e7b8f5935645f
content-length: 43

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=238155691&t=pageview&_s=1&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&ul=en-us&de=UTF-8&dt=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABQAAAAC~&jid=&gjid=&cid=33744332.1656969736&tid=UA-46463905-1&_gid=1509299429.1656969736&gtm=2wg6t0W5B8XC&z=2054070179

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 10:31:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39046
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1448272/trc/3/ 2 KB
2 KB 102ms
55ms Script
application/javascript 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1448272/trc/3/json?tim=1656969737414&data=%7B%22id%22%3A324%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1656969737410%2C%22cv%22%3A%2220220630-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dreverseads-payconiq-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1656969737413%2C%22ref%22%3Anull%2C%22item-url%22%3A%22http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/unip/1448272/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a5d6c7035b0110255eae06bd0c360c0649a38bbb62013a439528e4f540d6a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms: 37
date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
server: nginx
x-timer: S1656969737.490529,VS0,VE37
x-served-by: cache-mxp6967-MXP
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2579328&ADFdivider=%7C&ord=729135611793&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2579328&ADFdivider=%7C&ord=729135611793&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F

809 B
1 KB

86ms
86ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2579328&ADFdivider=%7C&ord=729135611793&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

48cd63023a6c82a30b0f633707cfd17ff89c65a2fd82860d28ffd098688e4531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 688
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:17 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2579328&ADFdivider=%7C&ord=729135611793&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
32 KB 98ms
98ms Script
application/javascript 95.101.77.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAH3Q2JC77U6DCD5S4TG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.77.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-77-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8e53ff1ed1e86e6e55ce41ddd909d8802b08b66ca24171ecae21c65b3da77c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id: 2f9b63c2.11609cfb
date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a172-232-9-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-77-199.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 91,95.101.77.199
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=9, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202207042122170100040030050060030250DBB4604
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,172.232.9.7
x-tt-trace-host: 014bf54fae761ad62fa63ab54a879b6b527e5ff937cee81da60deabf2e4b8953bc53e337fc64332dfe07d9c137e0a8de2497f606730b9dfb152fc46d8ea6904cf315fdea4ac8c6df5b9e21903da933287d4dccd183665da26267c07fac701aba882b2f171a35b2c121a89fe57b7b497b22
expires: Mon, 04 Jul 2022 21:22:17 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 887 B
1 KB 114ms
114ms Script
application/javascript 95.101.77.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CAH3Q2JC77U6DCD5S4TG&hostname=dvwqrjezrqfys.cloudfront.net
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAH3Q2JC77U6DCD5S4TG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.77.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-77-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8d5cc7228f71d9c4c035c44002a5b631c96b5f3739f30a7cb9784bdda471578a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id: 2f9b452b.11609d0d
date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a172-232-9-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-77-199.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 105,95.101.77.199
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=24, inner; dur=18
content-length: 364
pragma: no-cache
server: nginx
x-tt-logid: 202207042122170100040030050060030040D2FF2C9
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,172.232.9.7
x-tt-trace-host: 014bf54fae761ad62fa63ab54a879b6b527e5ff937cee81da60deabf2e4b8953bc53e337fc64332dfe07d9c137e0a8de2482e0c1388e880df828f9d3d1d54916813b4fec7d3d78240e7f164f9be81506a6c17ef091ef54b5a20b3c9f1395d10c745b1a453095368eeca4a26657f84ba568
expires: Mon, 04 Jul 2022 21:22:17 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
182 B 477ms
156ms XHR
application/json 52.10.147.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.147.33 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-147-33.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
date: Mon, 04 Jul 2022 21:22:17 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 36ms
7ms Script
application/javascript 52.222.206.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/zbxNUXW9p6HLmFqJ1IFfMZc7XDgEhhCT/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-214.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 23:28:42 GMT
content-encoding: gzip
age: 13643616
x-cache: Hit from cloudfront
content-length: 17889
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via: 1.1 bafba29f1325f15932567e0ae2d444a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: TU5Gjme16Uj6eyWVYwJ9yYZTVCnFZIpTrQM4DwL9TVJBLWzUFZPzMg==

GET
H/1.1 200
OK 76130.js Show response
fast.appcues.com/ 23 KB
6 KB 48ms
18ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://fast.appcues.com/76130.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/zbxNUXW9p6HLmFqJ1IFfMZc7XDgEhhCT/analytics.min.js
Protocol: HTTP/1.1
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2df3b032ddd4c85559fc5141ab09307f02f748333f95c2c5df3929d8fc60c822

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
Age: 160
X-Cache: HIT
Connection: keep-alive
Content-Length: 5481
x-request-id: Fv69DSGl8gCQ8U8Z8wmB
X-Served-By: cache-mxp6965-MXP
access-control-allow-origin: *
server: Cowboy
X-Timer: S1656969738.576668,VS0,VE1
Vary: accept-encoding, Accept-Encoding
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,Authorization
X-Cache-Hits: 1

GET
H/1.1 200
OK a.js Show response
static.clevertap.com/js/ 45 KB
15 KB 44ms
11ms Script
application/javascript 18.66.248.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://static.clevertap.com/js/a.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/zbxNUXW9p6HLmFqJ1IFfMZc7XDgEhhCT/analytics.min.js
Protocol: HTTP/1.1
Server: 18.66.248.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-48.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a69dcd566deb9aa452447b8c0ab461f1a8194d91e96f44e9ea8cecba1549054

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:13:37 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 26 Nov 2021 12:38:11 GMT
Server: AmazonS3
Age: 521
ETag: W/"302b621b546dd41b7010d10f46b1937a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
Cache-Control: max-age=1800, private
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: 8-AIUJSwSIv7TWgDB-dZHt_rR4Q8Bmr9UMEtQbhJMN4Q_5nkAGTd1A==

GET
H2 200 5674.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0099/ Frame 4FA8 2 KB
744 B 19ms
19ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0099/5674.json?t=460269
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68799045dc896067202a14cc175aa7f11c260b814744e1af87211372b20908a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23157
ce-version: 11.1.455
content-length: 627
timing-allow-origin: *
last-modified: Mon, 04 Jul 2022 14:56:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 725aea5b8d2c01e7-ZRH

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame A525 705 B
1 KB 42ms
42ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=656562c3-5a09-4400-a016-9c52f9220daa&no_iframe=1&mt_adid=250816&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: http://pixel.mathtag.com/event/js?mt_id=1574886&mt_adid=250816&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x28 config:1.0.0 /
Resource Hash: 0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 705
Content-Type: text/html
Date: Mon, 04 Jul 2022 21:22:17 GMT
Expires: Mon, 04 Jul 2022 21:22:16 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master cdg-pixel-x28 config:1.0.0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
525 B 68ms
39ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x33 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:17 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x33 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Jul 2022 21:22:16 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6B96 15 KB
6 KB 149ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=dvwqrjezrqfys.cloudfront.net&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: http://dynamic.criteo.com/js/ld/ld.js?a=94442

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 21:22:17 GMT
server-processing-duration-in-ticks: 2132
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
182 B 268ms
156ms XHR
application/json 52.10.147.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.147.33 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-147-33.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
date: Mon, 04 Jul 2022 21:22:17 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 DZsXLUsk34x7esUznjsYJ2eKs95Ldda Show response
md-ll.apptimize.com/api/metadata/v4/ 16 KB
16 KB 150ms
103ms XHR
application/octet-stream 130.211.33.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://md-ll.apptimize.com/api/metadata/v4/DZsXLUsk34x7esUznjsYJ2eKs95Ldda
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.33.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.33.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 2a22d380c64bb8b4600b0912c017768086e7e7d6b0d23c1956bc4405bfba62eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:17 GMT
via: 1.1 google
age: 0
etag: 1434
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag, If-None-Match
cache-control: public, max-age=600
access-control-allow-headers: ETag, If-None-Match
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16480

GET
H/1.1 200
OK catalogues Show response
dvwqrjezrqfys.cloudfront.net/api/v3/ 12 KB
13 KB 11ms
11ms XHR
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dvwqrjezrqfys.cloudfront.net/api/v3/catalogues
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046

Request headers

Accept: application/json, text/plain, */*
Referer: http://dvwqrjezrqfys.cloudfront.net/
Authorization: Bitso-CSRF-TOKEN undefined
Accept-Language: de-DE,de;q=0.9
bts-client-name: bitbank-wallet-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
bts-client-version: 59b44ce18

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P6
ETag: "a36309ccf4fd5b9c4470873e011c6037"
X-Cache: Error from cloudfront
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3
Cache-Control: public,max-age=1,s-maxage=31536000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 12515
X-Amz-Cf-Id: 84rzHPLUg85t7OvoK21yjOb7MvNbSn5t_Oj6g5tHQYqBtgPeTDzKVA==

GET
H/1.1 200
OK available_books Show response
dvwqrjezrqfys.cloudfront.net/api/v3/ 12 KB
13 KB 11ms
11ms XHR
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dvwqrjezrqfys.cloudfront.net/api/v3/available_books
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046

Request headers

Accept: application/json, text/plain, */*
Referer: http://dvwqrjezrqfys.cloudfront.net/
Authorization: Bitso-CSRF-TOKEN undefined
Accept-Language: de-DE,de;q=0.9
bts-client-name: bitbank-wallet-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
bts-client-version: 59b44ce18

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P6
ETag: "a36309ccf4fd5b9c4470873e011c6037"
X-Cache: Error from cloudfront
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3
Cache-Control: public,max-age=1,s-maxage=31536000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 12515
X-Amz-Cf-Id: S3JDV2tmgWO0gloFH3WCdbfpN-Icolu9aVz8Nime_Za26NgiCEOfaA==

GET
H/1.1 200
OK ticker Show response
dvwqrjezrqfys.cloudfront.net/api/v3/ 12 KB
13 KB 9ms
9ms XHR
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dvwqrjezrqfys.cloudfront.net/api/v3/ticker?book=all
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046

Request headers

Accept: application/json, text/plain, */*
Referer: http://dvwqrjezrqfys.cloudfront.net/
Authorization: Bitso-CSRF-TOKEN undefined
Accept-Language: de-DE,de;q=0.9
bts-client-name: bitbank-wallet-web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
bts-client-version: 59b44ce18

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P6
ETag: "a36309ccf4fd5b9c4470873e011c6037"
X-Cache: Error from cloudfront
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3
Cache-Control: public,max-age=1,s-maxage=31536000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 12515
X-Amz-Cf-Id: kbMImi6MZFZsBONtmqqSevo3ciGSJMzowwDn2zrIcAe31Td5cbSYMg==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
183 B 236ms
156ms XHR
application/json 52.10.147.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.147.33 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-147-33.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
date: Mon, 04 Jul 2022 21:22:17 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 bitso-light-webfont.32241150.woff2
devassets.bitso.com/static/media/ 48 KB
49 KB 489ms
472ms Font
binary/octet-stream 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/media/bitso-light-webfont.32241150.woff2
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee42b2cbe8e866c44b3468769c62662fa71167b9c9b2137c523fb8c1e495b3d1

Request headers

Referer: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css
Origin: http://dvwqrjezrqfys.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 49452
last-modified: Mon, 04 Jul 2022 20:04:09 GMT
server: AmazonS3
etag: "32241150b35f0c3c13c0ff2efc860f7d"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: yPZ0L9Wi0lEPtSKEoHbOhbZCWeE3Q4kX
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: zPM3nwbEgyNhkbs2iryLVLbdLnaDTXsdbj8M_w9CEnkDoSXip4tqaQ==

GET
H2 200 bitso-bold-webfont.2793358d.woff2
devassets.bitso.com/static/media/ 48 KB
49 KB 503ms
487ms Font
binary/octet-stream 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/media/bitso-bold-webfont.2793358d.woff2
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f778e6f9cde4c934213dbca3989ddb76595c9a6c8d045a5b16f326ae5a1016f0

Request headers

Referer: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css
Origin: http://dvwqrjezrqfys.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 49264
last-modified: Mon, 04 Jul 2022 20:04:09 GMT
server: AmazonS3
etag: "2793358d1c4101aa41a2954ee025ced5"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: DywsCY2K1.qQrzRoa_PLOH.cecI3CSGl
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: aptQCE3CLyK9nPBLY38W1SUyjIWEHH6Sqhbwqet-NWkCQhUqBT-1qg==

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
715 B 122ms
120ms Ping
application/octet-stream 95.101.77.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAH3Q2JC77U6DCD5S4TG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.77.203 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-77-203.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 2f9b6747.11609db8
date: Mon, 04 Jul 2022 21:22:17 GMT
x-cache-remote: TCP_MISS from a172-232-9-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-77-199.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time: 114,95.101.77.199
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=31, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202207042122170100020030050060030110F10DDCE
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,172.232.9.7
x-tt-trace-host: 014bf54fae761ad62fa63ab54a879b6b527e5ff937cee81da60deabf2e4b8953bc53e337fc64332dfe07d9c137e0a8de245c91f3e80b4f8db5c03f73a9f1e971efde09561c83aab9c9c2c8df2c0dc7a8bfbda072467e617b96ead441cb1af50cd7bc8a37b130a352c9b46481114eaed57a
expires: Mon, 04 Jul 2022 21:22:17 GMT

GET
H2 200 appcues.main.7276ca310b54b8595f86ce61d477522cee15c555.js Show response
fast.appcues.com/generic/main/4.38.0/ 410 KB
115 KB 60ms
19ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.38.0/appcues.main.7276ca310b54b8595f86ce61d477522cee15c555.js
Requested by: Host: fast.appcues.com
URL: http://fast.appcues.com/76130.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b1817b720e445653645fa08626788e1ee267e41d8240c7f99b1ec480412364e

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
Origin: http://dvwqrjezrqfys.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
age: 371288
via: 1.1 varnish
x-cache: HIT
content-length: 117576
x-amz-id-2: NkWoWHU3TF2+dlfotI6Agze2Jr2rstWfFosZS3OTqScPLTv40mKe56KsEVYruFXL2OI6JbtDTGY=
x-served-by: cache-mxp6938-MXP
timing-allow-origin: *
last-modified: Thu, 30 Jun 2022 13:28:09 GMT
server: AmazonS3
x-timer: S1656969738.825145,VS0,VE0
etag: "20285d0c8227a7175d48871cdc2e08da"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id: 81CR6MNENSR3KAN5
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 5154

GET
H/1.1 200
OK a Show response
us1.wzrkt.com/ 401 B
916 B 173ms
149ms Script
text/javascript 2600:9000:2491:6e00:8:ac1e:8ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://us1.wzrkt.com/a?t=96&type=page&d=N4IglgJiBcICoFEDKcC0AWASp1B1AHAOyoBaArAGwkgA0IADgOYwCMdAxkzCABYAufetAD0wiADcA7gEcATgCsApgC9Z0gGYBPAM4A6dgBsA9gFcI62UYB2fXVcV9htELhKYA0gH0AwgEEAsgAKMKCSALb0MAAMdHwG7DAA2gC6AL50ENqaVgnQfLImiqlAA&rn=1&i=1656969737&sn=0&useIP=false&r=1656969737776

Requested by

Host: static.clevertap.com
URL: http://static.clevertap.com/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:6e00:8:ac1e:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

48095b013927a20059e7567c413f5cb148766df064ef4f3591daa2353469da6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:17 GMT
Via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA56-P7
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: 90z1aHja405CWWViR8TQnmnU3BPK-0oCWgMQQ-9YYIApaKzI8tRvfA==
Expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6B96
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=dvwqrjezrqfys.cloudfront.net&sn=ChromeSyncframe&so=0&topUrl=dvwqrjezrqfys.cloudfront.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=7zVGEXxPeDlrREdwNytWd1lJQ0lYR1pJcUxDOVI0QWdmNkt5VzQvVnBudzA0cTBOQy9DNmg2SVBPaTRGcG5KV2hRSTFkeHpPZ3dNMzEvQmkvY3dPVHoyUW0rcGVhelU3NVlpdmdlbUtIR3EwbUt4M1A4WEE5aVpvTXFDOH...

455 B
651 B

133ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7zVGEXxPeDlrREdwNytWd1lJQ0lYR1pJcUxDOVI0QWdmNkt5VzQvVnBudzA0cTBOQy9DNmg2SVBPaTRGcG5KV2hRSTFkeHpPZ3dNMzEvQmkvY3dPVHoyUW0rcGVhelU3NVlpdmdlbUtIR3EwbUt4M1A4WEE5aVpvTXFDOHRWa0dJdjI1Zk5XZC9SRmJNeURjcTNFd1ZCb25HemJObzc3em45L3laTXYvbjY5QnlPNG4rR1ZoSFBsV0wvVjFtZEtQV29rN3FwQjVhMFBrU0tyNTcwMUpRS04xZFFHTUY5bVNwYkNmVEVpdTNzSk9nK1h5VVlaczljRnFzWThZUmFlcE5FWFM1bkQ0MnRRMmFDcXhPbmpwTmVZSlZqNmttRVBhamt3d3RncTRaRUtGc20ycz18&cppv=2

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

638a3da2e50face77b80021b3e18815a1bc3c6ce91e9552e334c87d64878210d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4677
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:16 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=7zVGEXxPeDlrREdwNytWd1lJQ0lYR1pJcUxDOVI0QWdmNkt5VzQvVnBudzA0cTBOQy9DNmg2SVBPaTRGcG5KV2hRSTFkeHpPZ3dNMzEvQmkvY3dPVHoyUW0rcGVhelU3NVlpdmdlbUtIR3EwbUt4M1A4WEE5aVpvTXFDOHRWa0dJdjI1Zk5XZC9SRmJNeURjcTNFd1ZCb25HemJObzc3em45L3laTXYvbjY5QnlPNG4rR1ZoSFBsV0wvVjFtZEtQV29rN3FwQjVhMFBrU0tyNTcwMUpRS04xZFFHTUY5bVNwYkNmVEVpdTNzSk9nK1h5VVlaczljRnFzWThZUmFlcE5FWFM1bkQ0MnRRMmFDcXhPbmpwTmVZSlZqNmttRVBhamt3d3RncTRaRUtGc20ycz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1444
content-length: 567
expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame A525 43 B
525 B 37ms
36ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=656562c3-5a09-4400-a016-9c52f9220daa&no_iframe=1&mt_adid=250816&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4475 c1dc35a master cdg-pixel-x29 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=656562c3-5a09-4400-a016-9c52f9220daa&no_iframe=1&mt_adid=250816&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:17 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x29 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Jul 2022 21:22:16 GMT

GET
H3 200 1018575448661820 Show response
connect.facebook.net/signals/config/ 474 KB
140 KB 238ms
237ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1018575448661820?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7293cf7f95ffee0ab31127f601b68301e51b52409e6c69f26cc6a46a926be9f9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: qPViKsk8s7wnfgK88P68V/Rkd0pWWTw/43whw4fx6mtPsVFXNemrk62mxjB9VhMyxw0wvQ5/noFMuqEumd3fOg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 21:22:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656969738054
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 35ms
11ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2207664046137135&ev=PageView&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969737818&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 04 Jul 2022 21:22:17 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame FD48 5 KB
2 KB 118ms
28ms Document
text/html 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=2579328&ADFdivider=%7C&ord=729135611793&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a761e26b7df32e4e92dc9d974d35b8a86656d5e7fa7124c2c265a6fcbc121e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Jul 2022 21:22:17 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
334 B 526ms
27ms Image
image/gif 37.157.6.252
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=8824525853337226152&stamp=7OK0qC55GAwDvP-67D9Y4w2

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 container.7276ca310b54b8595f86ce61d477522cee15c555.css
fast.appcues.com/generic/main/4.38.0/ 15 KB
2 KB 22ms
22ms Stylesheet
text/css 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.38.0/container.7276ca310b54b8595f86ce61d477522cee15c555.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.38.0/appcues.main.7276ca310b54b8595f86ce61d477522cee15c555.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4c676ed415cb16654c1309c8c2ee790db12f4a5ae5efb675a595ddd31a6a9e3

Request headers

Referer: http://dvwqrjezrqfys.cloudfront.net/
Origin: http://dvwqrjezrqfys.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:17 GMT
content-encoding: gzip
age: 371189
via: 1.1 varnish
x-cache: HIT
content-length: 2029
x-amz-id-2: PGX8TFLz4+zWqyuHq5z/dEEdLO9FIvttxw+fz6GLQhB9Wpa920vJCtlCA0C4zLA+IodsQWRSZnQ=
x-served-by: cache-mxp6938-MXP
timing-allow-origin: *
last-modified: Thu, 30 Jun 2022 13:28:09 GMT
server: AmazonS3
x-timer: S1656969738.944914,VS0,VE0
etag: "c8a48e77946e446dc42162494c5a4ed7"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id: VP4K1H4PQH0Z17PC
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-type: text/css; charset=utf-8;
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 4934

GET
H2 200 plf
c1.adform.net/imatch/ Frame FD48 0
261 B 28ms
27ms Image
text/plain 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame FD48
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=8824525853337226152&Expiration=1658179337
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=8824525853337226152&Expiration=1658179337

43 B
423 B

46ms
46ms

Image
image/gif

54.154.103.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=8824525853337226152&Expiration=1658179337
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Server: 54.154.103.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-103-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 21:22:18 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=8824525853337226152&Expiration=1658179337
date: Mon, 04 Jul 2022 21:22:18 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame FD48 0
522 B 67ms
17ms Image
text/plain 104.89.29.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=8824525853337226152

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.29.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-29-143.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:18 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 03 Jul 2022 21:22:18 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame FD48 0
214 B 108ms
8ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD48
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8824525853337226152&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=8824525853337226152&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=17cc41e8fe23419db...
https://c1.adform.net/serving/cookie/match?party=9&uid=a8aadfde8b19f7945ef41106c49426e2c367d7a0412a947deeabf6ef2f185491

35 B
467 B

28ms
27ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=a8aadfde8b19f7945ef41106c49426e2c367d7a0412a947deeabf6ef2f185491

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=a8aadfde8b19f7945ef41106c49426e2c367d7a0412a947deeabf6ef2f185491
date: Mon, 04 Jul 2022 21:22:18 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame FD48 43 B
163 B 120ms
24ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=8824525853337226152&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:17 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame FD48
Redirect Chain

https://ups.analytics.yahoo.com/ups/55944/sync?uid=8824525853337226152&_origin=1
https://ups.analytics.yahoo.com/ups/55944/sync?uid=8824525853337226152&_origin=1&verify=true

0
121 B

10ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=8824525853337226152&_origin=1&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=8824525853337226152&_origin=1&verify=true
date: Mon, 04 Jul 2022 21:22:18 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame FD48 43 B
711 B 136ms
39ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:18 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1656969738287003-428
Expires: Mon, 04 Jul 2022 21:22:18 GMT

GET
H2

204

v1
match.sharethrough.com/sync/ Frame FD48
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=8824525853337226152
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=8824525853337226152
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=23766f42-0082-4438-b02e-9db4de8857b5&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=

0
35 B

65ms
7ms

Image
text/plain

35.158.225.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=23766f42-0082-4438-b02e-9db4de8857b5&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Server: 35.158.225.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-225-163.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT

Redirect headers

Location: //match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=23766f42-0082-4438-b02e-9db4de8857b5&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Date: Mon, 04 Jul 2022 21:22:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD48
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8824525853337226152&expiration=1658179337
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8824525853337226152&expiration=1658179337&C=1

43 B
946 B

46ms
36ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=8824525853337226152&expiration=1658179337&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 725aea611e8a9067-FRA
pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkxBT235gmQhoWY1BoIy%2BZLEL7lyDw2r9ZaQvVOFtUsE6RDZ6CREdIRRb6uKqGoT5JCThOv9yPC9EqLdJ0Dl29u%2BJu9Sr7%2FjKfKcuic8QbRuL%2BlaYxgjJdzLveCTUqnT8Ina2o33RFtghw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiKtI1d0COGcjWJL9e60Kn9BqFfDxnEQSSlwxaS8tdj04OrSRcIzak8I1wZmkxUk5%2Bxtw2U0TBsA20cxkuXRZeBv74YhISU%2BXU3MmLZhhTrlaczS7A8qllWouAjXScpzfbBhm7aStF5ybA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=8824525853337226152&expiration=1658179337&C=1
cache-control: no-cache
cf-ray: 725aea5fd878bbbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

16266044
se.semasio.net/sync/1/ Frame FD48
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=8824525853337226152&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=8824525853337226152&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=8824525853337226152&gdpr=&gdpr_consent=&sInitiator=external

0
415 B

1142ms
1049ms

Image
text/plain

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/16266044?sExtCookieId=8824525853337226152&gdpr=&gdpr_consent=&sInitiator=external
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:20 GMT
uip-status: Ok
frontend-id: 08
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
frontend-id: 4
location: https://se.semasio.net/sync/1/16266044?sExtCookieId=8824525853337226152&gdpr=&gdpr_consent=&sInitiator=external
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame FD48 0
344 B 41ms
9ms Image
text/plain 3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8824525853337226152&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame FD48
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8824525853337226152
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=8824525853337226152&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
332 B

83ms
13ms

Image
image/gif

2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt: Abk73BB/sIT/8bcOAA
x-accel-expires: @1657041945
date: Mon, 04 Jul 2022 21:22:18 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: xlJGqTKl5Zs
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 964593
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame FD48 0
98 B 37ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8824525853337226152/gdpr=/ Frame FD48
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=8824525853337226152/gdpr=/gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8824525853337226152/gdpr=/gdpr_consent=

49 B
279 B

27ms
27ms

Image
image/gif

18.203.96.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8824525853337226152/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Server: 18.203.96.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-202.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
expires: 0
cache-control: no-cache
x-server: 10.45.24.155
content-type: image/gif
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=8824525853337226152/gdpr=/gdpr_consent=
cache-control: no-cache
x-server: 10.45.6.198
content-length: 0
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame FD48 62 B
227 B 244ms
169ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame FD48 43 B
275 B 53ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame FD48
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

144ms
47ms

Image
image/gif

52.218.91.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Server: 52.218.91.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:19 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: WBBHZKK6MMMH2DM0
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: c2aYUjkPSflWy4jR6fx0qwaCmhhBp+BikIA9JLEBXvYl6/a/Z8QZ9eseTnUd5s54SDZVubNzhMU=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 04 Jul 2022 21:22:18 GMT
Server: akka-http/10.2.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame FD48
Redirect Chain

https://pixel.onaudience.com/?mapped=8824525853337226152&partner=68
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0cd79b888fe55605/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
265 B

100ms
31ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame FD48
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=8824525853337226152
https://tags.adsafety.net/v1/cm?cm_uid=CM12022070421091cb33a957922a9a6d&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=bf3944d01da2ef4123bfc60eab2d1f09
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12022070421091cb33a957922a9a6d&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=bf3944d01da2ef4123bfc60eab2d1f09&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMjA3MDQyMTA5MWNiMzNhOTU3OTIyYTlhNmQ
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEEroINNVp15uqm7bxuRU8ok&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12022070421091cb33a957922a9a6d
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8824525853337226152

43 B
2 KB

14ms
14ms

Image
image/gif

139.162.172.91
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Server: 139.162.172.91 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1489-91.members.linode.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:18 GMT
Last-Modified: Mon, 04 Jul 2022 21:22:18 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=8824525853337226152
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame FD48 0
338 B 101ms
30ms Image
text/plain 108.128.241.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.241.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-241-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1656969738
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame FD48
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=ODgyNDUyNTg1MzMzNzIyNjE1Mg
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELZlx5_fzQ-AH3G9YhkWjTk&google_cver=1&google_ula=1641347,0

35 B
467 B

28ms
28ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELZlx5_fzQ-AH3G9YhkWjTk&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELZlx5_fzQ-AH3G9YhkWjTk&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame FD48
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=6479559261711099152&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=8824525853337226152

43 B
1006 B

13ms
13ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=8824525853337226152

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

HTTP/1.1

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:18 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b13becb1-204f-487a-bc0e-c3f8a60d506d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=8824525853337226152
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 plf
c1.adform.net/imatch/ Frame FD48 0
261 B 31ms
28ms Image
text/plain 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame FD48 42 B
447 B 597ms
156ms Image
image/gif 104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame FD48 43 B
444 B 60ms
6ms Image
image/gif 52.222.214.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-97.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 01:15:09 GMT
Via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.20.0
Age: 72429
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P3
Content-Length: 43
X-Amz-Cf-Id: SppE_bJ5Qk-70ViZ8TFzNitKt3LqunU9qm8t3znSKkXodjI2cAKOnA==

GET
H/1.1

200

p
a.audrte.com/ Frame FD48
Redirect Chain

https://a.audrte.com/a?adform_uid=8824525853337226152
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=&google_gid=CAESEB4BJ4oRV466_OX05FJu-A8&google_cver=1
https://a.audrte.com/p

68 B
617 B

98ms
98ms

Image
image/png

3.224.245.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Server: 3.224.245.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-245-7.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:19 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Mon, 04 Jul 2022 21:22:19 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD48
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=8824525853337226152&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=8824525853337226152&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=62156898293777233190154425285124627686&noredirect=1

35 B
467 B

28ms
28ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=62156898293777233190154425285124627686&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v036-049f0654a.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Ascms+vGTYs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=62156898293777233190154425285124627686&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FD48
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=8824525853337226152
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219973204202004636147

35 B
476 B

28ms
27ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219973204202004636147

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: AAWebServer
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219973204202004636147
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FD48
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7116630835187611791

35 B
467 B

85ms
27ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7116630835187611791

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7116630835187611791
Date: Mon, 04 Jul 2022 21:22:18 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame FD48 62 B
427 B 164ms
163ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
content-type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD48
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=656562c3-5a09-4400-a016-9c52f9220daa

35 B
476 B

28ms
27ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=656562c3-5a09-4400-a016-9c52f9220daa

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Server: MT3 4475 c1dc35a master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=656562c3-5a09-4400-a016-9c52f9220daa
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 04 Jul 2022 21:22:17 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD48
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=4itdNy001O8twm5

35 B
467 B

29ms
28ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=4itdNy001O8twm5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:17 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0e0b7d4089fc3e73e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=4itdNy001O8twm5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FD48 70 B
264 B 30ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame FD48 0
72 B 545ms
134ms Image
text/plain 216.46.185.183
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 216.46.185.183 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame FD48 43 B
1 KB 28ms
7ms Image
image/gif 141.95.98.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=8824525853337226152

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.69 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216534.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame FD48
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=2699333156
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=jhmIDN3Y24LNS3HiGwM76.

35 B
467 B

29ms
29ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=jhmIDN3Y24LNS3HiGwM76.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:17 GMT
via: 1.1 google
last-modified: Mon, 04 Jul 2022 21:22:18 GMT
server: Weborama Collect Frontend
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=jhmIDN3Y24LNS3HiGwM76.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame FD48 23 B
172 B 128ms
35ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 04 Jul 2022 21:22:18 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame FD48
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8824525853337226152
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8824525853337226152&cs=1

35 B
376 B

42ms
42ms

Image
image/gif

95.216.101.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8824525853337226152&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Server: 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.101.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=8824525853337226152&cs=1
date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame FD48 0
239 B 31ms
6ms Image
text/plain 2600:9000:223f:200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: McmMM1FA4YF-ywsouu7RiqztcpYtnt2RNgJFxmsrNy0rfTjozLnT0w==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame FD48
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=8824525853337226152&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=8824525853337226152&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=3822843f-37cc-4f6a-b291-28075953b5a0

35 B
467 B

29ms
29ms

Image
image/gif

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=3822843f-37cc-4f6a-b291-28075953b5a0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=3822843f-37cc-4f6a-b291-28075953b5a0
date: Mon, 04 Jul 2022 21:22:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 8824525853337226152
match.contentexchange.me/adform/ Frame FD48 0
49 B 139ms
42ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/8824525853337226152?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame FD48 37 B
140 B 44ms
7ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=8824525853337226152&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 204
No Content put
e1.emxdgt.com/ Frame FD48 0
134 B 44ms
7ms Image
text/html 3.74.89.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=8824525853337226152
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.74.89.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-89-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:18 GMT
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html

GET
H2 200 plf
c1.adform.net/imatch/ Frame FD48 0
261 B 28ms
27ms Image
text/plain 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=8824525853337226152&agencyId=7390&advertiserId=2117454&src=tp&rnd=611982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=94442&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=V957X19yMEJ0bVpXJTJGd1ZvWmdWbVhaNXRHa0Eya0swbXNzd0xvOWhI...
https://widget.us.criteo.com/event?a=94442&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=V957X19yMEJ0bVpXJTJGd1ZvWmdWbVhaNXRHa0Eya0swbXNzd0xvOWhI...

9 KB
9 KB

401ms
108ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=94442&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=V957X19yMEJ0bVpXJTJGd1ZvWmdWbVhaNXRHa0Eya0swbXNzd0xvOWhIdGslMkJwZUxlUUFQOTZ6c0NLUEl3Mzk5JTJCdXA2a2F3VzlScmpEMkFDMnRGOTBMSUZuQ0gyaHNUNDFhMmFTR25DcUo5U3J3cjlFanVTQ29mRCUyRjJEN3NEaHR0MHdkenJ0RmN6TUNOUW9nVHRnaUJYc3dQeVMzMHZvbXlkQ08yOWZDR3VqdktTV1J2VSUzRA&tld=dvwqrjezrqfys.cloudfront.net&dy=1&fu=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&dtycbr=95388

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2739a9cefa6cf7a418a69d1deefcc86ed33ecc44952c3ddf3a3670cde00aef80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 16325143
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:17 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=94442&v=5.11.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=V957X19yMEJ0bVpXJTJGd1ZvWmdWbVhaNXRHa0Eya0swbXNzd0xvOWhIdGslMkJwZUxlUUFQOTZ6c0NLUEl3Mzk5JTJCdXA2a2F3VzlScmpEMkFDMnRGOTBMSUZuQ0gyaHNUNDFhMmFTR25DcUo5U3J3cjlFanVTQ29mRCUyRjJEN3NEaHR0MHdkenJ0RmN6TUNOUW9nVHRnaUJYc3dQeVMzMHZvbXlkQ08yOWZDR3VqdktTV1J2VSUzRA&tld=dvwqrjezrqfys.cloudfront.net&dy=1&fu=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&dtycbr=95388
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4208488
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 logo_bitso_plus.ed8727ce.svg
devassets.bitso.com/static/media/ 393 KB
394 KB 510ms
509ms Image
image/svg+xml 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://devassets.bitso.com/static/media/logo_bitso_plus.ed8727ce.svg
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e223d3e0737bab4c085d3a58401815056dc0308fab7d036aa3e96e493ca967ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jul 2022 20:04:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: "ed8727ce255b8c4b87f8d1931f34783f"
x-cache: Miss from cloudfront
x-amz-version-id: HNbk7bGXtWJrUCAlCPT_3qMZrEI.JHmn
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/svg+xml
content-length: 402839
x-amz-cf-id: 6zJ3SVKGlbzc_BkOphsXC5bS6qOt6hmVKgNOEXMpra6IJPak5X8HyQ==

GET
H2 200 woman_cellphone.d007ec34.png
devassets.bitso.com/static/media/ 748 KB
749 KB 488ms
487ms Image
image/png 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://devassets.bitso.com/static/media/woman_cellphone.d007ec34.png
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24e0fea70856310ff622f0b2f9391387f46f3261c65b5c05a1af50c46d57df8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jul 2022 20:04:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: "d007ec34c598a782cc5d21570a91b8d4"
x-cache: Miss from cloudfront
x-amz-version-id: LCr9OL7vC4tj7_zPSrlNqW.QT68VOCSZ
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 765567
x-amz-cf-id: 2LlAIoile3i3yEvoCFqm_xO1vtj1nfDbseaUC7M9QNik-aJ3QJ9Gog==

GET
H2 200 emoji2.1c4faa4e.png
devassets.bitso.com/static/media/ 92 KB
93 KB 10ms
9ms Image
image/png 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://devassets.bitso.com/static/media/emoji2.1c4faa4e.png
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d5237afdf8f65695732d356b94ad71851129610d1b7c1de5d5ead937261db18

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 25 May 2022 07:25:59 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 22:18:28 GMT
server: AmazonS3
age: 3506180
etag: "1c4faa4e90bb324c067e9236ed871134"
x-cache: Hit from cloudfront
x-amz-version-id: Fr1Ofp8VCXlkD2P8bfBcvWvLvC7Ykp35
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: image/png
content-length: 94535
x-amz-cf-id: HjM3BSVw4UYJCG89V9tyYbmqlTp4t8l0txR8iBQ91KQ06Nyr9P_q0g==

GET
H2 200 avatar.d3bc0d26.png
devassets.bitso.com/static/media/ 28 KB
29 KB 8ms
8ms Image
image/png 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://devassets.bitso.com/static/media/avatar.d3bc0d26.png
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b0aa33c81cf666906972db71bcb8b3a48ef2c3b5082d1f0b2ba0070f1a22b78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 12:56:13 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 19:15:17 GMT
server: AmazonS3
age: 1412765
etag: "d3bc0d262b2ff24083759b8ede21b260"
x-cache: Hit from cloudfront
x-amz-version-id: E5ClKIULXGBNZEAzCudYtt_.6Kget4FQ
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: image/png
content-length: 29072
x-amz-cf-id: tvJrAp0ek368uPEf4yx45LuiOYDLplSyl4UMvCur3LM8bdUnn89Zag==

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b4d51bd77706086a0303aa31288a4d2f416a82a74472973b22da50401d2fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 emoji1.d3cc48f3.png
devassets.bitso.com/static/media/ 176 KB
176 KB 11ms
11ms Image
image/png 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://devassets.bitso.com/static/media/emoji1.d3cc48f3.png
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be28d31c6dd363a504848f3adb73531de7c28688398693ac77a369f715b910cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 09:52:25 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 23:56:54 GMT
server: AmazonS3
age: 1942194
etag: "d3cc48f3347e92ba055ea23843358145"
x-cache: Hit from cloudfront
x-amz-version-id: V.O6AJUjgLLafnbmb3p2WbPipDsGOA_L
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: image/png
content-length: 180096
x-amz-cf-id: bDZBv2zwkeSua99sP9aVlmYWPDh3CuRUuRfX684h6sC_stsL9o_qQw==

GET
H/1.1 200
OK logo_dark.svg
dvwqrjezrqfys.cloudfront.net/logos/ 12 KB
12 KB 237ms
236ms Image
text/html 2600:9000:2490:3400:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dvwqrjezrqfys.cloudfront.net/logos/logo_dark.svg
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: HTTP/1.1
Server: 2600:9000:2490:3400:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:19 GMT
Via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
Last-Modified: Mon, 04 Jul 2022 20:04:26 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P6
ETag: "a36309ccf4fd5b9c4470873e011c6037"
X-Cache: Error from cloudfront
x-amz-version-id: LKtt6gBpdY5HOOi6NGSKlLuY8JRLc_M3
Cache-Control: public,max-age=1,s-maxage=31536000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 12515
X-Amz-Cf-Id: 1nR7Wgq8gKojcy9FdINW_qbZ1gRGZ42kZU6Ox9jCqj2Ao9-dcHJkGw==

GET
H2 200 status.json Show response
bitso.statuspage.io/api/v2/ 227 B
682 B 314ms
161ms XHR
application/json 52.215.192.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bitso.statuspage.io/api/v2/status.json

Requested by

Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.215.192.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-192-132.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b6e937b73b68f116caa0b35f19464b6892d5f1d3c11fbefcd91fe7c90c8675a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: http://dvwqrjezrqfys.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=259200
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 273
x-statuspage-skip-logging: true
x-cache: HIT
date: Mon, 04 Jul 2022 21:22:18 GMT
x-statuspage-version: 495985d5c0beed935b8974df703040405edfbff5
content-length: 227
x-xss-protection: 1; mode=block
x-request-id: 6cefab7d-6550-4980-aed0-3a6a17937807
x-runtime: 0.069136
referrer-policy: strict-origin-when-cross-origin
etag: W/"b6e937b73b68f116caa0b35f19464b68"
x-download-options: noopen
vary: Accept,Accept-Encoding,Fastly-SSL
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14233d960cc1bbd697c213ccc3b10ece146f11f3e3ef0263ff446338d6d481eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 app.a16b8f00.png
devassets.bitso.com/static/media/ 27 KB
28 KB 11ms
10ms Image
image/png 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://devassets.bitso.com/static/media/app.a16b8f00.png
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 122b7602a669aa512594d2b76200822af7b481ae51b5ed5cf82587939bc89f65

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 09:52:25 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Fri, 10 Jun 2022 23:56:53 GMT
server: AmazonS3
age: 1942194
etag: "a16b8f00974ba006330f4523ef03d520"
x-cache: Hit from cloudfront
x-amz-version-id: VvLwZz6NzETijyF6uOvv4cnwxsJm2cJs
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: image/png
content-length: 27767
x-amz-cf-id: plJ87cn0yXvpQRVQdyUj8fVzxxw16wq8M8tGWp7ktp_Zsljce-l_ww==

GET
H2 200 alpha.85594308.png
devassets.bitso.com/static/media/ 229 KB
230 KB 8ms
8ms Image
image/png 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://devassets.bitso.com/static/media/alpha.85594308.png
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 671974cff43fc34496246c0c322b60e5e405ffb763519b7092cc082f3fa0ac03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 03:04:09 GMT
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Tue, 07 Jun 2022 00:00:55 GMT
server: AmazonS3
age: 2398690
etag: "85594308bd9f2a109896f639c82af32c"
x-cache: Hit from cloudfront
x-amz-version-id: nVZnccptMNwvjKpFCtRfZkdqZe_rFfkC
cache-control: public,max-age=31536000,s-maxage=31536000
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-type: image/png
content-length: 234330
x-amz-cf-id: 57lP_WxvipiHdge9r6nrNeosd3TZnp6JgMYqdeg8LmJV4pvi3nd9TQ==

GET
H2 200 bitsoglyphs.0932650d.ttf
devassets.bitso.com/static/media/ 45 KB
46 KB 478ms
476ms Font
binary/octet-stream 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/media/bitsoglyphs.0932650d.ttf
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f2472ffc8c386f1ed0db4ad8c27749cdedf2c6976dda6ab224f908ee48610b2

Request headers

Referer: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css
Origin: http://dvwqrjezrqfys.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 46456
last-modified: Mon, 04 Jul 2022 20:04:09 GMT
server: AmazonS3
etag: "0932650ddc53240bf62d6e82280f215d"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: 5xr4qgBtqW5NuzHvTvw8NUwXi7wuUjoC
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: zFe7pR0R3pyq04_LJnOkjIT3WsWQkmHOQCGwGRtU8SYyvBJhKKDBsg==

GET
H2 200 bitso-regular-webfont.580e3b06.woff2
devassets.bitso.com/static/media/ 48 KB
49 KB 454ms
453ms Font
binary/octet-stream 2600:9000:2490:3000:18:47f6:9500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://devassets.bitso.com/static/media/bitso-regular-webfont.580e3b06.woff2
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:3000:18:47f6:9500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a78981eee3d342deb74f0c0ed64ee6d22164c2070507a51e692ff8b43a56730

Request headers

Referer: https://devassets.bitso.com/static/css/main.632acc9a.chunk.css
Origin: http://dvwqrjezrqfys.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 49260
last-modified: Mon, 04 Jul 2022 20:04:09 GMT
server: AmazonS3
etag: "580e3b06379db33fa72e7335f543b944"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: hVIGHj5ss45u4RC3tKa5gZP9QBtnfvJd
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: rMRJ1mTL9yMkG6h1nD74TrL6CHfIJqGqXBuhZfeoeheWsiBYHJC-Iw==

GET
H/1.1 200
OK a Show response
us1.wzrkt.com/ 238 B
801 B 156ms
156ms Script
text/javascript 2600:9000:2491:6e00:8:ac1e:8ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://us1.wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIYDcYDswgDROWAcgIYC2ciACgE4D2xUYMAJgARjXMCCAxlzPcwGFq1ANYBLGAGdsuMABFCYQglACANhIwIQAIzFgdhNCIC0Ad0Jq1MMOZg6QAXxxjG2gCoBRAMruTAFgAlQJMAdQAOAHYTAC0AVgA2GJkoAHMEAEYcRkkINC4EMEoAVxgcUJjAgGkAfQEOAFlyFRAzOgQABhwwNQL4AG0AXUdHIAA%3D&rn=2&i=1656969737&sn=0&gc=d0aeff07324143c09e68b2c0428af5ae&arp=N4IgVg%2BgdiBcIC0DuBeFIA0ICW06IHUAHbAUyQGMBJTEAEwgBcBnOABizoAt2sA3OAEYskVvGAACAL61sdfABYASkoC0BABwB2VQgCsANgS1STMRxAAnM0IOGAnAftaAzFqlAA%3D%3D&useIP=false&r=1656969738405

Requested by

Host: static.clevertap.com
URL: http://static.clevertap.com/js/a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:6e00:8:ac1e:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b4843389ae32bf6fc33851990dfea9c95913e3dbfa1a075656661f1edf710177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:18 GMT
Via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
Vary: Accept-Encoding, User-Agent
X-Amz-Cf-Pop: FRA56-P7
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000;includeSubDomains;preload
X-Cache: Miss from cloudfront
Content-Type: text/javascript;charset=utf-8
Cache-Control: no-cache, no-store, no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
X-Amz-Cf-Id: gh7M4weAaZamfeL27Wc2ujdCdxMovUZLa0wXL7q8oERYf6aNYS1gpw==
Expires: 0

GET
H3 200 227520485531197 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 293ms
293ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/227520485531197?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d399c61592aec215081c3852584d1196701871531be33bc19333d866be5f59d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: W/pOcJhVV9D5DxKAhkxEBmp0MsxWPTGZpsaeEXvqqFsgDROsy3jB6lDT6z7iWTyJwpL+A78lpWNfUgCi1K7bVw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 21:22:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656969738717
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1018575448661820&ev=PageView&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969738425&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:18 GMT

GET
H3 200 716834929017352 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 352ms
351ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/716834929017352?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2199e1b66966d50a2113e0acd9fb5aadd69af5b20f5abdb086d50a8b2653a77e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: jqcAF69/SqfGFUQzi0Knylwfi7AyK94RuiCoRgYyLHMui2Ak5GBnsoVZXDOq4Vr7DmHWeFvTVhP712VUWz+Kyg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 21:22:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656969739081
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=227520485531197&ev=PageView&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969738732&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:18 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1448272/log/3/ 0
256 B 124ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1448272/log/3/unip?en=pre_d_eng_tb&tos=1599&scd=100&ssd=1&est=1656969737412&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1656969739011&vi=1656969737410&ri=bcd2e914957e0ac73fe605430dd72e4b&ref=null&cv=20220630-24-RELEASE&item-url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 715174912450420 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 157ms
157ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/715174912450420?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1590e6dc15b5a6b2f70876689ebb8c1a896a49506505af61a6a27733c8430adb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: VNvOCxK6eKLcoxf0+/3F6OzItMn67P7hwneN0x1JSGS7/TEDw1O4MpOqYCdWGaMITsEQcEz0On3G6XITuGBung==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 21:22:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656969739251
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=716834929017352&ev=PageView&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969739096&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:19 GMT

GET
H3 200 186614296776384 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 228ms
227ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/186614296776384?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bd80c0ec2e5b6082a5fb0331b748916af93e9d582a7b0a6defba031df21beca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: dfZEz39RiEVttrgySFM3Ii3YLOY6kBzp4zBrA7cJbqAQ+kVOod7wPdZeH3Sq3MLWZ/gF8sKfbc5xTd4ubAcbLQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Jul 2022 21:22:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656969739501
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=715174912450420&ev=PageView&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969739277&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:19 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=186614296776384&ev=PageView&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969739529&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:19 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2207664046137135&ev=Microdata&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969739530&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso%22%2C%22meta%3Adescription%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20anytime%20and%20from%20anywhere.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Adescription%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdevassets.bitso.com%2Fsocial%2Fshare-facebook.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:19 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1018575448661820&ev=Microdata&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969739531&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso%22%2C%22meta%3Adescription%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20anytime%20and%20from%20anywhere.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Adescription%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdevassets.bitso.com%2Fsocial%2Fshare-facebook.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:19 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=227520485531197&ev=Microdata&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969739532&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso%22%2C%22meta%3Adescription%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20anytime%20and%20from%20anywhere.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Adescription%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdevassets.bitso.com%2Fsocial%2Fshare-facebook.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:19 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=716834929017352&ev=Microdata&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969739602&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso%22%2C%22meta%3Adescription%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20anytime%20and%20from%20anywhere.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Adescription%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdevassets.bitso.com%2Fsocial%2Fshare-facebook.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:19 GMT

GET
H2 200 s.js Show response
cdn.sift.com/ 61 KB
20 KB 60ms
8ms Script
application/javascript 34.96.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sift.com/s.js
Requested by: Host: dvwqrjezrqfys.cloudfront.net
URL: http://dvwqrjezrqfys.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:42:10 GMT
content-encoding: gzip
age: 49209
x-guploader-uploadid: ADPycdtp4kRiAErB54C2WIP-MoM1Kx36LbQiyluSnGKISTm3PIzV4D007GNg48jmCi8fOA8WPASICqn1qpgM1R_sDSQ6yXhmT4ov
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-generation: 1586469553682331
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 05 Jul 2022 07:42:10 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 8BFF
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6479559261711099152

43 B
370 B

16ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6479559261711099152

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2013915
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:19 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6b01c1e8-2a71-4604-b48c-7459d2d84c1a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6479559261711099152
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 8BFF
Redirect Chain

https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6479559261711099152

43 B
370 B

16ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6479559261711099152

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2015057
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:19 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ec54869c-790d-4bcd-9afc-8c1d97040d0f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6479559261711099152
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 8BFF 43 B
220 B 13ms
9ms Image
image/gif 35.158.225.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-rl_IS__jnn07gURqtBtlCEOqJ5csIIHzh_FmXA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.225.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-225-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 8BFF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-d2wQyP_jnn07gURqtBtlCEOqJ5fVnyH6A9edcQ&google_cm&google_hm=ay1kMndReVBfam5uMDdnVVJxdEJ0bENFT3FKNWZWbnlIN...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-d2wQyP_jnn07gURqtBtlCEOqJ5fVnyH6A9edcQ&google_gid=CAESEO_h3gsFP_-Vied0pu3CBpg&google_cver=1&google_ula=913071,0

43 B
370 B

82ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-d2wQyP_jnn07gURqtBtlCEOqJ5fVnyH6A9edcQ&google_gid=CAESEO_h3gsFP_-Vied0pu3CBpg&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:18 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 745973
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-d2wQyP_jnn07gURqtBtlCEOqJ5fVnyH6A9edcQ&google_gid=CAESEO_h3gsFP_-Vied0pu3CBpg&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 8BFF 49 B
235 B 86ms
13ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-maDMpP_jnn07gURqtBtlCEOqJ5cpFg1txRUjFw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H2 200 rum
r.casalemedia.com/ Frame 8BFF 43 B
943 B 81ms
28ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-SwPWSv_jnn07gURqtBtlCEOqJ5ecoYfI_-lcZQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 725aea694e0dbbb3-FRA
pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lxPiNFkhoobMrU704FUf3OuW52RlPGjUWfeq%2FjdIAoR2XfJhH2%2FfEB1ls%2FXxu5NWSPg2HmvqDWOuloGe8twWPUyMFgjwme5B3G5Eq%2BHePo5Nbcy2P%2Baz8h1BQPvf7N18w%2FI"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H2 200 match
ad.360yield.com/ Frame 8BFF 43 B
509 B 43ms
39ms Image
image/gif 54.154.103.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-UCKqbf_jnn07gURqtBtlCEOqJ5eg2ZlRR1-siQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.103.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-103-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Jul 2022 21:22:19 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

451

397596.gif
idsync.rlcdn.com/ Frame 8BFF
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=N5pR941zUMsakUiZQOUA2Kd4CbHKqHKp

0
9 B

50ms
21ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=N5pR941zUMsakUiZQOUA2Kd4CbHKqHKp
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=N5pR941zUMsakUiZQOUA2Kd4CbHKqHKp
date: Mon, 04 Jul 2022 21:22:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2448
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 cksync.php
contextual.media.net/ Frame 8BFF 45 B
785 B 143ms
54ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-67tAOf_jnn07gURqtBtlCEOqJ5dKq30XaQqBmg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 04 Jul 2022 21:22:19 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 04 Jul 2022 21:22:19 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 8BFF 40 B
40 B 62ms
9ms Image
text/html 3.66.148.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-kGnsUP_jnn07gURqtBtlCEOqJ5eIN9PCsgItRw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.148.198 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-148-198.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 8BFF 0
476 B 395ms
87ms Image
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-XDTzjf_jnn07gURqtBtlCEOqJ5eZPJAjyalePA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:20 GMT
Cache-Control: no-cache
X-TraceId: 16f09d1794c26fc0e05dcb1b6366388a
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 8BFF 42 B
350 B 158ms
155ms Image
image/gif 104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k--rh6rf_jnn07gURqtBtlCEOqJ5dVUk4p9fOPYQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 8BFF 0
239 B 69ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-sapoNP_jnn07gURqtBtlCEOqJ5fN7oDTp1xpcw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 8BFF 0
34 B 10ms
7ms Image
text/plain 35.158.225.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-uIT5RP_jnn07gURqtBtlCEOqJ5euF5Pmnx8C3g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.225.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-225-163.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 8BFF 0
241 B 15ms
11ms Image
text/plain 2600:9000:223f:200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-gzmwif_jnn07gURqtBtlCEOqJ5fcYMcIAUktnQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: zCdnPiHmMnhwbnDXDjkp-gleVMjWLJ9B2MZZ2t20ZIIiEZLgDSeHzQ==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 8BFF 43 B
163 B 29ms
24ms Image
image/gif 185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-sXRjqP_jnn07gURqtBtlCEOqJ5evsHaxY2F8bQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:18 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8BFF 0
98 B 76ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k--HXzsv_jnn07gURqtBtlCEOqJ5cItv8lBMdW-w
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12645

GET
H2 200 um
criteo-sync.teads.tv/ Frame 8BFF 23 B
172 B 108ms
33ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-An_x6v_jnn07gURqtBtlCEOqJ5ess4yHCkiKDg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 04 Jul 2022 21:22:19 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 8BFF 37 B
139 B 12ms
10ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-F3KEL__jnn07gURqtBtlCEOqJ5d3w25hxOEOKw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 8BFF 0
194 B 162ms
13ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 8BFF 0
322 B 16ms
14ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-lixxoP_jnn07gURqtBtlCEOqJ5cyuibGbbNbuw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 8BFF 0
522 B 17ms
16ms Image
text/plain 104.89.29.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-0vQAe__jnn07gURqtBtlCEOqJ5ek7q-Ypg5S4w

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.29.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-29-143.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:19 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 03 Jul 2022 21:22:19 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 8BFF 43 B
220 B 112ms
27ms Image
image/gif 52.49.242.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-jso42__jnn07gURqtBtlCEOqJ5fqv1D2id76Qg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.242.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-242-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 8BFF
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ULVj4f_jnn07gURqtBtlCEOqJ5ey45wmeP1Y7g
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ULVj4f_jnn07gURqtBtlCEOqJ5ey45wmeP1Y7g&_li_chk=true&previous_uuid=f25e27bd47a64794ba63dc3aa3ebd75c
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ULVj4f_jnn07gURqtBtlCEOqJ5ey45wmeP1Y7g

43 B
419 B

338ms
94ms

Image
image/gif

2600:1f18:444a:4602:5071:4299:50e2:8b7b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ULVj4f_jnn07gURqtBtlCEOqJ5ey45wmeP1Y7g

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:5071:4299:50e2:8b7b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:20 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ULVj4f_jnn07gURqtBtlCEOqJ5ey45wmeP1Y7g
Date: Mon, 04 Jul 2022 21:22:19 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 8BFF 43 B
220 B 8ms
7ms Image
image/gif 35.158.225.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=117&user_id=k-rl_IS__jnn07gURqtBtlCEOqJ5csIIHzh_FmXA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.225.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-225-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 04 Jul 2022 21:22:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 579033.gif
hexagon-analytics.com/images/ 43 B
272 B 120ms
96ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/579033.gif?bk=%REACT_APP_SIFT_BEACON_KEY%&tm=162&r=689300370&v=105&cs=UTF-8&h=dvwqrjezrqfys.cloudfront.net&l=en-US&S=c23cefa6e44f975bbcccd59501da06f9&uu=bc6ed517ec42ca202bec4c5844a0b3a&t=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&u=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 433897.gif
hexagon-analytics.com/images/ 43 B
104 B 96ms
96ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/433897.gif?bk=%REACT_APP_SIFT_BEACON_KEY%&tm=194&r=341192482&v=105&cs=UTF-8&h=dvwqrjezrqfys.cloudfront.net&l=en-US&S=c23cefa6e44f975bbcccd59501da06f9&uu=8f43533ba5cfcd718e78c369f96fdae&t=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&u=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=715174912450420&ev=Microdata&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969739942&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso%22%2C%22meta%3Adescription%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20anytime%20and%20from%20anywhere.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Adescription%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdevassets.bitso.com%2Fsocial%2Fshare-facebook.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:19 GMT

GET
H2 200 618099.gif
hexagon-analytics.com/images/ 43 B
104 B 98ms
97ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/618099.gif?bk=%REACT_APP_SIFT_BEACON_KEY%&tm=208&r=113282583&v=105&cs=UTF-8&h=dvwqrjezrqfys.cloudfront.net&l=en-US&S=c23cefa6e44f975bbcccd59501da06f9&uu=ede1348445a4614113aebd70b208a64&t=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&u=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=0&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=auQffjc1swQvoxNFNZ09hUoEYo8JkCnh
dpm.demdex.net/ Frame 8BFF
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=auQffjc1swQvoxNFNZ09hUoEYo8JkCnh

42 B
942 B

111ms
111ms

Image
image/gif

52.30.153.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=auQffjc1swQvoxNFNZ09hUoEYo8JkCnh

Protocol

HTTP/1.1

Server

52.30.153.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-153-205.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v036-09fe25c21.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: uDDQ3uPGSSQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=auQffjc1swQvoxNFNZ09hUoEYo8JkCnh
date: Mon, 04 Jul 2022 21:22:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2780
content-length: 198
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 8BFF 0
522 B 16ms
15ms Image
text/plain 104.89.29.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-0vQAe__jnn07gURqtBtlCEOqJ5ek7q-Ypg5S4w

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.29.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-29-143.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:19 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 03 Jul 2022 21:22:19 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 8BFF 43 B
219 B 30ms
30ms Image
image/gif 52.49.242.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=%3Ccriteo%20user%20id%3E&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.242.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-242-166.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Jul 2022 21:22:19 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 8BFF 0
17 B 13ms
13ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:19 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 8BFF 43 B
1 KB 13ms
13ms Image
image/gif 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-kuR2l__jnn07gURqtBtlCEOqJ5c1BlKnQWPjXw&seg=1005440

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Jul 2022 21:22:19 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 48c46926-3676-4d7d-aca4-00b098abfe14
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=186614296776384&ev=Microdata&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&rl=&if=false&ts=1656969740035&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso%22%2C%22meta%3Adescription%22%3A%22Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20anytime%20and%20from%20anywhere.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Adescription%22%3A%22Bitso%20%E2%80%93%20The%20simplest%20way%20to%20use%20and%20buy%20Bitcoin%20and%20other%20cryptocurrencies.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdevassets.bitso.com%2Fsocial%2Fshare-facebook.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.2.1656969737817.1206918030&it=1656969737373&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 21:22:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 04 Jul 2022 21:22:20 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 40ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3SEYSRMJJL&gtm=2oe6t0&_p=238155691&_z=ccd.v9B&cid=33744332.1656969736&ul=en-us&sr=1600x1200&_s=2&sid=1656969736&sct=1&seg=0&dl=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F&dt=Buy%20and%20sell%20bitcoin%20and%20other%20cryptocurrencies%20in%20a%20few%20minutes%20%7C%20Bitso&en=scroll&ep.custom_timestamp=1656969736535&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3SEYSRMJJL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Jul 2022 21:22:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1448272/log/3/ 0
255 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1448272/log/3/unip?en=pre_d_eng_tb&tos=4600&scd=100&ssd=1&est=1656969737412&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1656969742011&vi=1656969737410&ri=bcd2e914957e0ac73fe605430dd72e4b&ref=null&cv=20220630-24-RELEASE&item-url=http%3A%2F%2Fdvwqrjezrqfys.cloudfront.net%2F
Requested by: Host: devassets.bitso.com
URL: https://devassets.bitso.com/static/js/35.520465e5.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dvwqrjezrqfys.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: http://dvwqrjezrqfys.cloudfront.net
pragma: no-cache
date: Mon, 04 Jul 2022 21:22:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

119 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 04:59:21	Name: _li_ss Value: MgkI_____wcQ1xI
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 06:25:45	Name: _gcl_au Value: 1.1.1860427892.1656969736
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 04:17:36	Name: _gid Value: GA1.3.1509299429.1656969736
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 04:16:09	Name: _gat_gtag_UA_46463905_2 Value: 1
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 04:16:09	Name: _gat_UA-46463905-1 Value: 1
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 21:47:21	Name: _ga_3SEYSRMJJL Value: GS1.1.1656969736.1.0.1656969736.60
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 06:25:45	Name: _rdt_uuid Value: 1656969737387.defabcf6-7ac1-4687-af20-8948a1280332
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 21:47:21	Name: _ga Value: GA1.3.33744332.1656969736
.mathtag.com/	1970-01-20 13:42:04	Name: uuid Value: 656562c3-5a09-4400-a016-9c52f9220daa
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 13:01:45	Name: ajs_anonymous_id Value: %2279beabad-259f-4972-95cf-d8311c656ed2%22
.twitter.com/	1970-01-20 21:47:21	Name: personalization_id Value: "v1_OrkNVWe4IYqSWT5AeIhTdw=="
.tiktok.com/	1970-01-20 13:37:45	Name: _ttp Value: 2BUnsW4KkBKkDqGGpHprUHaXi4A
.mathtag.com/	1970-01-20 04:59:21	Name: mt_misc Value: mt_bt:1
.dvwqrjezrqfys.cloudfront.net/	1969-12-31 23:59:59	Name: cebs Value: 1
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 13:01:45	Name: _ce.s Value: v~d52788cc40f4078e93092dc0b5a068f28e4a6933~vpv~0
.t.co/	1970-01-20 21:47:21	Name: muc_ads Value: 378cfa5f-f74f-4e21-8d3d-029861e6c3e3
.linkedin.com/	1970-01-20 04:59:21	Name: UserMatchHistory Value: AQJOOSALnQXHpwAAAYHLF7U1-hSYPsTwAep3iPNk6sLHZl18UpItW94MmUqof-XY9r5CGLop5Mh8IA
.linkedin.com/	1970-01-20 04:59:21	Name: AnalyticsSyncHistory Value: AQLu6t4E-MHG3gAAAYHLF7U1WLO7GCWIt7TMCMHe5zmdm7fIudAIWrLBK2pq5uG_CjYsuaR23nRXTeRTSxfvyA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:48:03	Name: bcookie Value: "v=2&70b3c509-eaee-41d7-8083-fb95576098e0"
.linkedin.com/	1970-01-20 04:17:36	Name: lidc Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2529:u=1:x=1:i=1656969737:t=1657056137:v=2:sig=AQG24u14MqtnwmYQbw5dgPD5pJkmpRvr"
.criteo.com/	1970-01-20 13:37:45	Name: uid Value: 4d155b43-c036-42de-8842-fb597c8595e9
.adform.net/	1970-01-20 05:00:48	Name: C Value: 1
.dvwqrjezrqfys.cloudfront.net/	1969-12-31 23:59:59	Name: amplitude_idundefineddvwqrjezrqfys.cloudfront.net Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.dvwqrjezrqfys.cloudfront.net/	1970-01-23 19:52:09	Name: amplitude_id_8cd4fd0e9dd5bd537fde74edeccf2c84dvwqrjezrqfys.cloudfront.net Value: eyJkZXZpY2VJZCI6ImZjOWVlM2U2LTQ3NmQtNDNlZC1iMzliLWZjODYwNDI0NmE1ZlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY1Njk2OTczNzc5NywibGFzdEV2ZW50VGltZSI6MTY1Njk2OTczNzc5OCwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 06:25:45	Name: _fbp Value: fb.2.1656969737817.1206918030
.adform.net/	1970-01-20 05:42:33	Name: uid Value: 8824525853337226152
.adform.net/	1970-01-20 04:17:36	Name: CM Value: 1\|1
.facebook.com/	1970-01-20 06:25:45	Name: fr Value: 0f7TMLLxdoDWtD9RS..Biw1oJ...1.0.Biw1oJ.
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:48:03	Name: bscookie Value: "v=1&2022070421221726d5536e-fe30-4bf5-8221-6f4cd874794cAQHClPUcBQsTx6lqSjqK7uwNrL5d_RBN"
.linkedin.com/	1970-01-20 21:40:52	Name: li_gc Value: MTswOzE2NTY5Njk3Mzc7MjswMjHAxewBeePrmiJu1l3Wc3VLxL2ZnmGUbmUenQUN972FJg==
.adform.net/	1970-01-20 04:36:19	Name: CM14 Value: 1657056137_1656969737_1_Hu7u4e4e4R7u7u4REREeERERERHhEQ
.dvwqrjezrqfys.cloudfront.net/	1970-01-23 19:52:09	Name: WZRK_G Value: d0aeff07324143c09e68b2c0428af5ae
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 13:45:33	Name: cto_bundle Value: V957X19yMEJ0bVpXJTJGd1ZvWmdWbVhaNXRHa0Eya0swbXNzd0xvOWhIdGslMkJwZUxlUUFQOTZ6c0NLUEl3Mzk5JTJCdXA2a2F3VzlScmpEMkFDMnRGOTBMSUZuQ0gyaHNUNDFhMmFTR25DcUo5U3J3cjlFanVTQ29mRCUyRjJEN3NEaHR0MHdkenJ0RmN6TUNOUW9nVHRnaUJYc3dQeVMzMHZvbXlkQ08yOWZDR3VqdktTV1J2VSUzRA
.adscale.de/	1970-01-20 12:58:25	Name: uu Value: 17cc41e8fe23419db93b1aa045dbb343
.adscale.de/	1970-01-20 12:58:25	Name: cct Value: 1656969738218
.casalemedia.com/	1970-01-20 13:01:45	Name: CMID Value: YsNaCoeNHUNBPcPHtGIh-AAA
.casalemedia.com/	1970-01-20 06:25:45	Name: CMPS Value: 5260
.casalemedia.com/	1970-01-20 06:25:45	Name: CMPRO Value: 5260
.yieldlab.net/	1970-01-20 13:01:45	Name: id Value: 76761f6f-e932-4e01-a6eb-cc1ba98a45ce
.bidswitch.net/	1970-01-20 13:01:45	Name: tuuid Value: 23766f42-0082-4438-b02e-9db4de8857b5
.bidswitch.net/	1970-01-20 13:01:45	Name: c Value: 1656969738
.bidswitch.net/	1970-01-20 13:01:45	Name: tuuid_lu Value: 1656969738
.yahoo.com/	1970-01-20 13:02:07	Name: A3 Value: d=AQABBApaw2ICEAT_jBNvr5Y4gxcA4E76KbwFEgEBAQGrxGLNYgAAAAAA_eMAAA&S=AQAAAruyjLlFOQmbxAb5fIQ43PQ
.eyeota.net/	1970-01-20 04:16:10	Name: SERVERID Value: 21419~DM
.360yield.com/	1970-01-20 06:25:45	Name: tuuid Value: 0c77a27a-8343-4dad-abe6-fff5eefb7066
.360yield.com/	1970-01-20 06:25:45	Name: tuuid_lu Value: 1656969738
ads.stickyadstv.com/	1970-01-20 05:42:33	Name: uid-bp-617 Value: 8824525853337226152
ads.stickyadstv.com/	1970-01-20 04:59:21	Name: UID Value: 253814c06f3ee1e89eb180a0253d34c3
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: a2ed64117fc64fa1a4b7cad5924e
.seadform.net/	1970-01-20 05:42:33	Name: uid Value: 8824525853337226152
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.ih.adscale.de/	1970-01-20 12:58:25	Name: tu Value: 4#3912660693#42~8824525853337226152~460269~0~0
.exelator.com/	1970-01-20 07:08:57	Name: EE Value: "22cdc4eeca6fb71ad1b8c4dd517ead5e"
.semasio.net/	1970-01-20 13:01:45	Name: SEUNCY Value: 481A18BE101BFE46
cm.adsafety.net/	1970-01-20 13:01:45	Name: UID Value: CM12022070421091cb33a957922a9a6d
.adsafety.net/	1970-01-20 13:01:45	Name: cm_uid Value: CM12022070421091cb33a957922a9a6d
.onaudience.com/	1970-01-20 13:01:45	Name: cookie Value: 0cd79b888fe55605
.onaudience.com/	1970-01-20 04:17:36	Name: done_redirects104 Value: 1
.exelator.com/	1970-01-20 07:08:57	Name: ud Value: "eJxrXxzq6XKLQcHIKDkl2SQ1NTnRLC3J3DAxxTDJItkkJcXU0Dw1McU0dXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAeEl%252BUWb6IhfXxUUpaQyLSopPBR942gMAEhgsCA%253D%253D"
tags.adsafety.net/	1970-01-20 13:01:45	Name: UID Value: bf3944d01da2ef4123bfc60eab2d1f09
tags.adsafety.net/	1970-01-20 13:01:45	Name: DID Value: bf3944d01da2ef4123bfc60eab2d1f09
tags.adsafety.net/	1970-01-20 13:01:45	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 13:01:45	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 04:59:21	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 13:01:45	Name: ct_uid Value: bf3944d01da2ef4123bfc60eab2d1f09
.adsafety.net/	1970-01-20 13:01:45	Name: ct_did Value: bf3944d01da2ef4123bfc60eab2d1f09
.adsafety.net/	1970-01-20 13:01:45	Name: ct_idt Value: 100
.doubleclick.net/	1970-01-20 13:37:45	Name: IDE Value: AHWqTUkpF03J7IUPwUdIsWNcUd5LiWRfQIt2bHrGXVjfzV6fBUFspmM9gBV6xDFWTQU
cm.adsafety.net/	1970-01-20 13:01:45	Name: permanent Value: 1
.onaudience.com/	1970-01-20 04:17:36	Name: done_redirects147 Value: 1
.adnxs.com/	1970-01-20 06:25:45	Name: uuid2 Value: 6479559261711099152
.dvwqrjezrqfys.cloudfront.net/	1970-01-20 04:16:10	Name: WZRK_S_TEST-4RR-W87-Z56Z Value: %7B%22p%22%3A1%2C%22s%22%3A1656969738%2C%22t%22%3A1656969738%7D
ads.smartstream.tv/	1970-01-20 13:01:45	Name: DID Value: bf3944d01da2ef4123bfc60eab2d1f09
ads.smartstream.tv/	1970-01-20 13:01:45	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 13:01:45	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 04:59:21	Name: cm_uid Value: CM12022070421091cb33a957922a9a6d
.krxd.net/	1970-01-20 08:35:21	Name: _kuid_ Value: O8BEyh-N
.adfarm1.adition.com/	1970-01-20 06:25:45	Name: UserID1 Value: 7116630835187611791
cm.adsafety.net/	1970-01-20 13:01:45	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaNXg2NFdKdERkN1kwZEkwNXFBaTdVVGhVZzg0TnY3cHBzcTRtMHNUV1VGTzFYQ3dZT1hnR1hSQ3VQY0NwYVVmYmx2VlowMEFHeXg4S0lXcisyZGVReGpnRlFTS1pkVHpFVk9zTjZmTHdDMTJFMk42NEdsaUgxcW10YTJzaGsvb3E5UnNhQWhvWjNEZGIybVV6WGtnRCtJSUxIZVA5UEVsaXVwUWxsM3JTcDFmUWdQekNrMjg1ME9WaldyL2VnQ3RmSk5UQjhRT1lqN1JoSkJlNUhpSzlnOUFBMHBtNEhFMndheXBUZmJ3SmVwY1RlL2VXOFprekFKZmdGU1ZjelhLRFdNd05EaU1BcWFUZlFlM0NnMG5IeDJzV0tDTUQ5WXRYc2JYS0JCa2swZXErZjVaWFFldkc0VytrZTlvUzBzNXNqNTBBQmRyR1Q2R0ZmalpzZ2VUQzNlZHlYeXdpM1g0bHB0L0pldExIWGJNK2Y0M2xWNnVYai83VmRxT2hMWHFtcUhMaUsydmJ3eEMrblRtMlpKdVlXWTM3TTBNRmNIQ3VyMUlFQmw0M1JBRHZmSEt5bmg3b2tTdDAxK2cyUkszUnpES1JBVkRPYUtwQjhJeSsvU3BPdmpERDcvelJlSWtzUXZDalM2Z0ZQdzhGb1JxTGxDblZPeXkvczRlQVNhMlhILzd3SmFyL0NaZzV3NlFSSHBxYnFvYktvMG0zVXJFaFdLQy9WVHd2WnBwT3ViKzNNL2VTN1NtdEN5QzRVRGpTVjNpN2tjdkRYU2ZIazdJRXVUeFZqc2JXTlFNbndwaG5QRXkvTDFmQXBzN2pwQ3VmYnRIWEcvaXpiM21zMmYrb2ZHK1RSVnlLRSs0SE9mbDgzUTRDcTdOU3h4T0M1WWhxeHdGSEZvQUp0cjljSTJIUm5hQU9kdjJqc1N1MXBaTVRQRUk5UVJlbE8rOUFVaHcvNXkwamE2V1ZraE9pSWdSc2lzUHRwN05JcGFDVmhCSmlWS1A4YTFGMUROZzJHR2hUMnpPdlRtcUFLVW8zY1czQ3JWcGZpRER4WURlSlJoa3hBWVVvRWRMK0QzbEI2YkRNWFdWWFp6TzFpb2RWK3JCZXc9PQ%3D%3D
.w55c.net/	1970-01-20 13:46:24	Name: wfivefivec Value: 4itdNy001O8twm5
.w55c.net/	1970-01-20 04:59:21	Name: matchadform Value: 5
.id5-sync.com/	1970-01-20 04:16:10	Name: cf Value:
.id5-sync.com/	1970-01-20 04:16:10	Name: cip Value:
.id5-sync.com/	1970-01-20 04:16:10	Name: cnac Value:
.id5-sync.com/	1970-01-20 04:16:10	Name: car Value:
.id5-sync.com/	1970-01-20 04:16:10	Name: gdpr Value:
.id5-sync.com/	1970-01-20 04:16:10	Name: callback Value:
.agkn.com/	1970-01-20 13:01:45	Name: ab Value: 0001%3Ae6FIJ5kcA8tIAp%2BR2OGIBsqR7pNoxiha
.weborama.fr/	1970-01-20 13:42:04	Name: AFFICHE_W Value: Fab@DACzYp8V71
.tapad.com/	1970-01-20 05:42:33	Name: TapAd_TS Value: 1656969738782
.tapad.com/	1970-01-20 05:42:33	Name: TapAd_DID Value: 3822843f-37cc-4f6a-b291-28075953b5a0
.tapad.com/	1970-01-20 05:42:33	Name: TapAd_3WAY_SYNCS Value:
.1dmp.io/	1970-01-20 13:01:45	Name: uid Value: 626110d0-fbdf-11ec-ad67-f832e4719dd9
.audrte.com/	1970-01-20 04:37:45	Name: arcki2_adform Value: 8824525853337226152!20210804!1656969738931
.audrte.com/	1970-01-20 04:26:14	Name: arcki2_TTT Value: 1656969738932!h970alvsSMrRl-f4zAjozV-Uw!H4sIAAAAAAAAAB2WOY5FNw5FF6NYgCRSEhk66KBh2IHhDWji/pfg835SKFTpcbwDy3hN7jr5tudZYq/sra68Xc7tclvUnXzqld1L9vpu1q6RXcrJpv2VkOldJB0bsUfTvA6PRKLlJftkV5EVbam0RqTrvWnLs76R1VfLvmbJ4rrvOc/um2kO02pB/Pc0y5mk07Xyih7Pp7fVVrr77jF05eJfum2el27PTetsoTZljmQi6s1nLlFelnd79n5btiXubzwvPDq36Toh+ekinZeVzSis2t5OS73smsbxpc73M6wRadzshRZll1aGy63LE+3X6rdmXveswyOvXo1hvjMv84yoqZWib9eZWyecvObZ7in5dp6tY52BJInHXBlBGcEjD88+1suXDXQdxciS2vGIUkaeb/Oo15dX3aSjlsG64hxLa6vXXiSXetndc9LNqWTvk8YZ51pp2bnbuuVXgILSc942Rm6ldas6a5GRwvd8jSS6qJkiWDC74GWvd64y5a3UXj/mp+XzBo/2IxKDzFS8jQG8HZ3CzVel+2+JWfU+uts776lnuBatPJpm7c0yKdcM0F1Q0PrJlZXGbbvKqwmcPJN78vD5LbjwqGjJO8apuhuPW5Lx1nSXPFoh3RIAYHbzPPVoLWdc9aSLXcvq+R2LrBOMb5uegxpeeUfWNjAue62ruaobbDmSfUbND1i2xwjBUpp0pqTKvvlBXCgRpWZmIa1O6/dKel4L5OJfS5R0JGbQJa9S193kNPM0tt7VQDbxeXQg59pdmWjZ+tboL16CUdGcSFMoTMsePCLmq8PevoAwbtpP3ylrE7/VrMA079N3HrfW4X50Pk/gfdzOsG29YJhRsrUKOVuRNaxNhCF163qqUYQII7gmlEPi0uKO3UCa7BSntzVUcn+wjT30L13JEG5rN3C3e7qm+tgxc5JJd85awFKmmjVvwDtqOmPDxSng7YDM2xCMCc1fXH1qEkUtMdhrruBV4sN4Id1QYkK7UqdUOkiiMnrAlnPaL9KlhQ2afTR7vkJqgPHqLACovMEwaQjB8JXbVAO7TGjvVD/+Spe82iWJffDtg+5QPo8xZj0jtdnDF8sSXT/QsRZZnvv45jho/HhqnU03tET4CiIgGHYLsx1l2G5NZEoafjoI3rAFJVR4lt37ymEgdR810weDwUJBDs/4GAp7s19oKKWC4LFvG6wlRoXRfF+QATmbdAvQMaAZaHgM4LsQv9NaQCn7tIARrAVv1ohyl+rH5DQZJKzHNs6XTr7/B8JZUD5HzhQKJIepfQg9Q30wjhKuEpbb6L3LU9gMnuZ7rKky4nK/YR7GKoDKr1OJ6ewz8W1/CvxtF0AnH2gWmomIjLpEfMpJ5fUJcDSHz/kx+FsQ2TcuI7u2IQu2oGCoccljAEpBNPk/hEeS2rCz560lqe3YnREg45sFUtN2spfY/Pnye8fv2Js3UBafX8rnZz7mpY/eqbwq3EmltW3sCWk7+B0C8/lhywNRBcc4adGkRwZe0mHLQukWKAHyNfeQ7fzSC3436jjFPnjTByhAWmDGQISmeAukSohUADcekK80KMPMMk6xs0m5u9dR7WiqLwbkPfB68SgQuf0Ix59PEGjs1VPoufdLN/YkSYcS61P889kG8usnLN1D+T8UFLRA58HvBs0+rOicVWfESdJfPQE9UAAoJXXg6/JRAm2au3gpuLleG5W1krKSzli1wsB9n7ADCwvWQpvDUdIZn9K1H4MxUnn7mbJBgrA7XPbiE3oec6IGUKI4p4TZp/ioB/B9d07WVhtyiEcwokOfrTamz4I+U4SS30VQ8/kZUCBNu+PrKMvr4BKhOKkavtGa5d7bt+DKo8JY13uFo2A2vzfZAXUgAtDyUrgk8pro9J5Y6kQLjnSElZ1GpXBTHlEqvOPlZ5kb7/Aanv7/919//PPn//5ljlI+ygyvae5zH3jHJsZ3SsF9iz5ywYN1RTC/xr3ktRWWg5Cx9QrS4PfJn/K9XS5HTk8YbCmI8CfE3676r4ZHS24NdNetJbFcWEh8WRWbKP2TGmErZxMHXsYb6Z011uVU6v7dJo/qrB+OpkA6UOSFW6TvfCi3E7+joSIE8f428taYJiYT6DZ1iQkaucS+Y4EL0wYvUakDYSb+99I5BT6eh7Z8atq4LYxV0ieWgAgoHp8A2nFEFgri2RgOkUp8krkx4OP4qSXziU9G5Hc/w0E8OTs4jfHjiXAMZMQS0ns5WzmqzmeCDqY/60RXq9zy8ez2JNcPgbmATT7PVVqoH3ov4QO90dETZxRmy5wwbrprl2G2by0sqB2Av8ZLo7wa9yFVdXNRjF+kmMwWqF4Mpk7s1IVVY6ILgf7UlhFsKMA6DC/io3kSxxEnCuzai+/xEuY4q+eKQdxYu4y7E4MFQ2gwNoBNgHQWHA+Iv1v6AXpABVwg9avk+R1l3Ck4wH0NjbxbA85e5UJtaGso1+Z3SklFUi3gyVleOQqYbrPU1tGNZ2axTk0gMWM6JzfgzTEZH3j+A7ZZ1SmnDAAA
.demdex.net/	1970-01-20 08:35:21	Name: demdex Value: 62156898293777233190154425285124627686
.audrte.com/	1970-01-20 04:37:45	Name: arcki2_ddp Value: CAESEB4BJ4oRV466_OX05FJu-A8!20210804!1656969739058
.pubmatic.com/	1970-01-20 04:59:21	Name: KRTBCOOKIE_391 Value: 22924-8824525853337226152&KRTB&23263-8824525853337226152
.pubmatic.com/	1970-01-20 04:59:21	Name: PugT Value: 1656969738
.audrte.com/	1970-01-20 04:37:45	Name: arcki2 Value: h970alvsSMrRl-f4zAjozV-Uw!20210804!1656969739162
.dpm.demdex.net/	1970-01-20 08:35:21	Name: dpm Value: 62156898293777233190154425285124627686
.analytics.yahoo.com/	1970-01-20 13:01:45	Name: IDSYNC Value: "1760~25tx:18zh~25tx"
.360yield.com/	1970-01-20 06:25:45	Name: um Value: !42,9l1MKhKO7dm4Sk3fOHA8fayM83SQWKRY6I18M.ixXhz8,1658179337!38,yKGaqE7MoQ83aAg1msl43EV5uGIrgQIFVpNAgM.ZY-pZhzlTjmPedcBeTM8TdktiHXPtGZVN,1664745739
.360yield.com/	1970-01-20 06:25:45	Name: umeh Value: !42,0,1719177738,-1!38,0,1719177739,-1
exchange.mediavine.com/	1970-01-20 04:36:19	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2262e7a5f0-fbdf-11ec-a339-67d9bda41cd6%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:36:19	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2262e7a5f0-fbdf-11ec-a339-67d9bda41cd6%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:36:19	Name: criteo Value: %7B%22id%22%3A%22k-kGnsUP_jnn07gURqtBtlCEOqJ5eIN9PCsgItRw%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/	1970-01-20 06:25:45	Name: CMTS Value: 3184
.media.net/	1970-01-20 13:01:45	Name: visitor-id Value: 2999713398890115000V10
.media.net/	1970-01-20 04:59:21	Name: data-c-ts Value: 1656969739
.media.net/	1970-01-20 04:59:21	Name: data-c Value: k-67tAOf_jnn07gURqtBtlCEOqJ5dKq30XaQqBmg~~3
.pubmatic.com/	1970-01-20 04:59:21	Name: KRTBCOOKIE_97 Value: 3385-uid:k--rh6rf_jnn07gURqtBtlCEOqJ5dVUk4p9fOPYQ&KRTB&23144-uid:k--rh6rf_jnn07gURqtBtlCEOqJ5dVUk4p9fOPYQ&KRTB&23286-uid:k--rh6rf_jnn07gURqtBtlCEOqJ5dVUk4p9fOPYQ&KRTB&23287-uid:k--rh6rf_jnn07gURqtBtlCEOqJ5dVUk4p9fOPYQ
.adnxs.com/	1970-01-20 06:25:45	Name: anj Value: dTM7k!M4/QCxrEQF']wIg2C%weR4u_!s3I4#MUTtns5:!00MXRD>@aYG4Q)kG5Dc(HMi=nFTNlB`EE)hVksE2+.XJK(]TyvHObeY?/5Pi@fQEOL%]1$DBVtWRoKi=XuOO!Xn9yvCA<#G@cfNe5fm!U9Rkfl9RrTq9z.*v
.outbrain.com/	1970-01-20 06:25:45	Name: obuid Value: 54ce26c9-1524-43b2-bb03-c594ddb43992
.outbrain.com/	1970-01-20 04:36:19	Name: criteo Value: k-XDTzjf_jnn07gURqtBtlCEOqJ5eZPJAjyalePA
.liadm.com/	1970-01-20 21:47:21	Name: lidid Value: f25e27bd-47a6-4794-ba63-dc3aa3ebd75c
dvwqrjezrqfys.cloudfront.net/	1970-01-20 04:16:10	Name: _dd_s Value: rum=0&expire=1656970637337&logs=1&id=384a64d3-042b-4f18-a60b-8f5369a7baae&created=1656969737336

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://devassets.bitso.com/static/js/main.e0de7eb9.chunk.js Message: WebSocket connection to 'ws://dvwqrjezrqfys.cloudfront.net/ws' failed: Error during WebSocket handshake: Unexpected response code: 200
other	warning	URL: http://dynamic.criteo.com/js/ld/ld.js?a=94442(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=8824525853337226152 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://devassets.bitso.com/static/js/main.e0de7eb9.chunk.js Message: WebSocket connection to 'ws://dvwqrjezrqfys.cloudfront.net/ws' failed: Error during WebSocket handshake: Unexpected response code: 200
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=N5pR941zUMsakUiZQOUA2Kd4CbHKqHKp Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://devassets.bitso.com/static/js/main.e0de7eb9.chunk.js Message: WebSocket connection to 'ws://dvwqrjezrqfys.cloudfront.net/ws' failed: Error during WebSocket handshake: Unexpected response code: 200
network	error	URL: https://devassets.bitso.com/static/js/main.e0de7eb9.chunk.js Message: WebSocket connection to 'ws://dvwqrjezrqfys.cloudfront.net/ws' failed: Error during WebSocket handshake: Unexpected response code: 200
network	error	URL: https://devassets.bitso.com/static/js/main.e0de7eb9.chunk.js Message: WebSocket connection to 'ws://dvwqrjezrqfys.cloudfront.net/ws' failed: Error during WebSocket handshake: Unexpected response code: 200
network	error	URL: https://devassets.bitso.com/static/js/main.e0de7eb9.chunk.js Message: WebSocket connection to 'ws://dvwqrjezrqfys.cloudfront.net/ws' failed: Error during WebSocket handshake: Unexpected response code: 200

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
ads.yahoo.com
alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
api.adrtx.net
api.segment.io
beacon.krxd.net
bitso.statuspage.io
c1.adform.net
cdn.amplitude.com
cdn.matomo.cloud
cdn.segment.com
cdn.sift.com
cdn.taboola.com
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
devassets.bitso.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dvwqrjezrqfys.cloudfront.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
exchange.mediavine.com
fast.appcues.com
fonts.googleapis.com
global.ib-ibi.com
googleads.g.doubleclick.net
gum.criteo.com
hexagon-analytics.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
match.sharethrough.com
md-ll.apptimize.com
mug.criteo.com
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
redirect.frontend.weborama.fr
region1.analytics.google.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
script.crazyegg.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.ads-twitter.com
static.clevertap.com
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1dmp.io
sync.crwdcntrl.net
sync.outbrain.com
sync.teads.tv
t.co
tags.adsafety.net
tags.bluekai.com
tags.cgcmd.globo.com
token.rubiconproject.com
trc-events.taboola.com
trc.taboola.com
uiepkt6livx9uscgsxxisxblarp1fy-lib.idwall.services
uipglob.semasio.net
ups.analytics.yahoo.com
us1.wzrkt.com
visitor.omnitagjs.com
wchat.freshchat.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
x.bidswitch.net
104.111.215.191
104.18.18.126
104.18.19.126
104.244.42.195
104.244.42.69
104.36.113.107
104.89.28.165
104.89.29.143
108.128.241.23
13.107.43.14
13.226.171.150
13.248.245.213
130.211.33.132
139.162.172.91
141.226.228.48
141.94.170.64
141.95.98.69
142.250.185.98
15.197.193.217
151.101.193.140
151.101.65.44
172.217.23.98
178.250.0.163
178.250.2.140
178.250.2.146
178.250.2.151
18.156.0.31
18.203.96.202
18.66.248.48
18.66.97.53
185.167.164.49
185.255.84.152
185.33.221.90
185.33.221.91
185.86.139.106
199.232.136.157
2.18.233.201
2.18.234.233
2.18.235.93
2001:4860:4802:34::36
216.46.185.183
2600:1f18:444a:4602:5071:4299:50e2:8b7b
2600:9000:223f:200:1b:5138:8a40:93a1
2600:9000:223f:fc00:c:7d55:b3c0:93a1
2600:9000:2490:3000:18:47f6:9500:93a1
2600:9000:2490:3400:18:47f6:9500:93a1
2600:9000:2491:5e00:1f:95f6:9b00:93a1
2600:9000:2491:6e00:8:ac1e:8ec0:93a1
2606:4700::6813:9308
2606:4700::6813:b777
2620:1ec:22::14
2a00:1288:80:807::2
2a00:1450:4001:802::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:828::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9a
2a02:2638::1c
2a02:26f0:480:3::210:ee87
2a02:6ea0:c700::10
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::396
2a04:4e42::300
2a04:4e42::622
3.121.27.153
3.124.55.177
3.224.245.7
3.66.148.198
3.74.89.102
34.102.232.42
34.251.193.248
34.254.143.3
34.96.67.224
35.158.225.163
35.158.225.181
35.190.24.218
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.24
37.157.6.236
37.157.6.252
46.19.11.36
51.77.65.169
52.10.147.33
52.215.192.132
52.218.91.123
52.222.206.214
52.222.214.97
52.30.153.205
52.49.242.166
52.57.77.229
54.154.103.240
54.156.217.194
54.205.192.169
54.76.93.140
69.173.144.138
69.173.144.165
70.42.32.31
74.119.119.150
77.243.60.138
85.114.159.118
91.210.226.73
95.101.77.203
95.216.101.186
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
0a02cb2d7190c4675ee2cb667418b06615b563bc0b541fa4964518f48e98dfd2
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bd68a44bde3bc97553d0345869239790b25dafd1e6e31529527f980e9ffc84a
0d399c61592aec215081c3852584d1196701871531be33bc19333d866be5f59d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
122b7602a669aa512594d2b76200822af7b481ae51b5ed5cf82587939bc89f65
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13cd74548a61c1450f7e0df8a067651a3f1d97ea960544e0d083754e08736230
14233d960cc1bbd697c213ccc3b10ece146f11f3e3ef0263ff446338d6d481eb
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1590e6dc15b5a6b2f70876689ebb8c1a896a49506505af61a6a27733c8430adb
1b1817b720e445653645fa08626788e1ee267e41d8240c7f99b1ec480412364e
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
2199e1b66966d50a2113e0acd9fb5aadd69af5b20f5abdb086d50a8b2653a77e
22b83895c849be59e6dd61220a87731301d55e438014db2b355d26dc545198e6
24e0fea70856310ff622f0b2f9391387f46f3261c65b5c05a1af50c46d57df8c
2739a9cefa6cf7a418a69d1deefcc86ed33ecc44952c3ddf3a3670cde00aef80
29c55bcdec23f1376efb2d2ae768bb893a7cda01e5f174a4ff1fc1ed060c9413
2a22d380c64bb8b4600b0912c017768086e7e7d6b0d23c1956bc4405bfba62eb
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2df3b032ddd4c85559fc5141ab09307f02f748333f95c2c5df3929d8fc60c822
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3166ab72d400c6236915abf1f44c5a1f2203f223864b3ce55ba26349d4bb00d1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3bd80c0ec2e5b6082a5fb0331b748916af93e9d582a7b0a6defba031df21beca
42f05e82f35f77d75b0e1fe97d9084997683540782eb653ba74cbe9444d7eb87
48095b013927a20059e7567c413f5cb148766df064ef4f3591daa2353469da6b
48cd63023a6c82a30b0f633707cfd17ff89c65a2fd82860d28ffd098688e4531
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6c6bd331b4ae72409753f2c30fb20b22105ac2539d35a0ee08e1ce53d92a5b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ce164d81d37d31f11a22b96115427013788698707b90275401913be8f58254
59a9925f18e1a165069c92666f9297ade9b7e908bcb0dc8ccad3e19c83751d47
5d5c068a045c07e3e416bfd7fb4a47bcfd298a4811f227089a37dac5562f6bbd
5e0a29d72a6a2e572e93429dea4479d1672e5cdb1fdbfcc853299cb13c9f1f69
5e424e2753ee9ff953867ccff859fd907c24a6978a535f40eab7b9d91bc98046
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5ea00fcdbb1f0b48f11a12a672d1992f786e5e55f4a3c983fa56dcde2671492a
638a3da2e50face77b80021b3e18815a1bc3c6ce91e9552e334c87d64878210d
671974cff43fc34496246c0c322b60e5e405ffb763519b7092cc082f3fa0ac03
68799045dc896067202a14cc175aa7f11c260b814744e1af87211372b20908a3
6a28fa88da3fc0245440ac2d55cac638928235332433fa683608ee15d8fa8149
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b752dcc0e1a7704e2512964abc8c22e43f5ca960cf246545d228dbb42f51348
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c
6cc89ce7939361c4938a6c029a15ceed9e5f393b065164626370ae93f4aedf22
7086097badd696d4700754f863e94acf5b50a162b6f7c1715599030b60d9ef01
708bddd932753f031a7a067f655352c69302994f527a7a9493af85d6abae03bb
7293cf7f95ffee0ab31127f601b68301e51b52409e6c69f26cc6a46a926be9f9
732aa8a749ff45224203d4fce0ac17a28e12555149dcd792cdc3fcdb01f9ee15
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
7b0aa33c81cf666906972db71bcb8b3a48ef2c3b5082d1f0b2ba0070f1a22b78
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a78981eee3d342deb74f0c0ed64ee6d22164c2070507a51e692ff8b43a56730
8d5237afdf8f65695732d356b94ad71851129610d1b7c1de5d5ead937261db18
8d5cc7228f71d9c4c035c44002a5b631c96b5f3739f30a7cb9784bdda471578a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53ff1ed1e86e6e55ce41ddd909d8802b08b66ca24171ecae21c65b3da77c75
8f2472ffc8c386f1ed0db4ad8c27749cdedf2c6976dda6ab224f908ee48610b2
98b4d51bd77706086a0303aa31288a4d2f416a82a74472973b22da50401d2fa3
9a5d6c7035b0110255eae06bd0c360c0649a38bbb62013a439528e4f540d6a94
9a69dcd566deb9aa452447b8c0ab461f1a8194d91e96f44e9ea8cecba1549054
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4313dd615eaf56667b0743b9218b8af9f38e8897339d7aeff488a9b0e8cb387
a625bf40efc6cb275ae38b66e3b66512493be068852f74d2975c6bfacdaf27b8
a761e26b7df32e4e92dc9d974d35b8a86656d5e7fa7124c2c265a6fcbc121e24
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad36df86f597b3e99cba8bd189a7c621e2d3ec06d35d6ce36dfaeef91879e9f8
b021716c13a30574135730289aa7b17583f214dc38e190d09be7fd91480d135f
b068a1bf231b42c941bb2fd705c6ec74cd82cdd93b51fa65fdba1686d078eaf7
b07907a9874e59df58448f4daba3df53b43c6339ec6f610b458aa660f50630ab
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4843389ae32bf6fc33851990dfea9c95913e3dbfa1a075656661f1edf710177
b6e937b73b68f116caa0b35f19464b6892d5f1d3c11fbefcd91fe7c90c8675a9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc7f157591d878ccb905b1c78123902f7c92f59b69ca19473f368664cc8a6ffd
be28d31c6dd363a504848f3adb73531de7c28688398693ac77a369f715b910cf
c2327fde75b38f16195ee96e5a3b6f34369626534c819aa9064e2941e314484a
c4b5fbd0f6fe592c10a5d2ee7ace74c60b325d73c3c59be3a3b8f42eabc6fe21
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4c676ed415cb16654c1309c8c2ee790db12f4a5ae5efb675a595ddd31a6a9e3
d5caaa252cbd5c9edb4320c2afe15034455aada66c587fdf1dc1275b0b7d3573
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e223d3e0737bab4c085d3a58401815056dc0308fab7d036aa3e96e493ca967ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f92c8bd54fde116543b873056fb6e75866160e39ce9c8265302cb0ad822e80
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
ee42b2cbe8e866c44b3468769c62662fa71167b9c9b2137c523fb8c1e495b3d1
ee94251fea8b03da5d0dc6f8489a529c1a2d2a031d874b0ec61866784e3c73c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f778e6f9cde4c934213dbca3989ddb76595c9a6c8d045a5b16f326ae5a1016f0
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

dvwqrjezrqfys.cloudfront.net Open in urlscan Pro 2600:9000:2490:3400:18:47f6:9500:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

202 Requests

77 %HTTPS

26 %IPv6

89 Domains

114 Subdomains

94 IPs

11 Countries

12748 kBTransfer

16114 kBSize

119 Cookies

9 Outgoing links

Redirected requests

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dvwqrjezrqfys.cloudfront.net Open in urlscan Pro
2600:9000:2490:3400:18:47f6:9500:93a1 Public Scan

Screenshot
Live screenshot

Full Image

202
Requests

77 %
HTTPS

26 %
IPv6

89
Domains

114
Subdomains

94
IPs

11
Countries

12748 kB
Transfer

16114 kB
Size

119
Cookies

202 HTTP transactions
2 data transactions