urlscan.io logo urlscan.io
SecurityTrails logo

w1.areturnersmagic.com Open in urlscan Pro
2606:4700:3033::6815:327b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://areturnersmagic.com/
Effective URL: https://w1.areturnersmagic.com/
Submission: On April 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 89 IPs in 12 countries across 95 domains to perform 478 HTTP transactions. The main IP is 2606:4700:3033::6815:327b, located in United States and belongs to CLOUDFLARENET, US. The main domain is w1.areturnersmagic.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 29th 2023. Valid for: a year.
This is the only time w1.areturnersmagic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 29 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
19 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.32.99.31 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
20 34.236.207.21 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1178:1:4... 35415 (WEBZILLA)
1 192.243.61.227 39572 (ADVANCEDH...)
5 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 14 142.250.186.34 15169 (GOOGLE)
2 23 185.80.39.216 27381 (CASALE-MEDIA)
8 9 37.252.171.52 29990 (ASN-APPNEX)
18 2a02:2638:d::2 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:2638:d::11 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
7 213.227.153.221 60781 (LEASEWEB-...)
4 8 185.184.8.90 204995 (RTB-HOUSE...)
42 52.211.255.71 16509 (AMAZON-02)
3 10 147.75.84.158 54825 (PACKET)
4 185.255.84.150 200271 (IGUANE-)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 8.2.109.168 46636 (NATCOWEB)
2 172.217.18.2 15169 (GOOGLE)
2 18.66.147.43 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 185.89.211.12 29990 (ASN-APPNEX)
3 3.212.153.58 14618 (AMAZON-AES)
6 37.157.6.247 198622 (ADFORM)
1 151.101.193.108 54113 (FASTLY)
19 37.157.6.236 198622 (ADFORM)
3 18.66.147.73 16509 (AMAZON-02)
4 7 80.77.87.162 46636 (NATCOWEB)
3 34.149.40.38 396982 (GOOGLE-CL...)
3 54.229.131.240 16509 (AMAZON-02)
3 51.89.9.254 16276 (OVH)
3 8 185.86.138.154 201081 (SMARTADSE...)
6 6 23.56.202.187 16625 (AKAMAI-AS)
12 23.37.42.132 16625 (AKAMAI-AS)
7 2.19.228.187 16625 (AKAMAI-AS)
3 2600:9000:223... 16509 (AMAZON-02)
6 77.245.57.72 36057 (WEBAIR-IN...)
3 52.202.232.227 14618 (AMAZON-AES)
6 6 209.191.163.152 32475 (SINGLEHOP...)
3 209.191.163.210 32475 (SINGLEHOP...)
9 9 213.19.147.45 26120 (RHYTHMONE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
5 5 193.0.160.131 54312 (ROCKETFUEL)
3 69.166.1.12 27630 (AS-XFERNET)
11 11 3.75.62.37 16509 (AMAZON-02)
3 3 54.156.191.143 14618 (AMAZON-AES)
4 18.194.204.152 16509 (AMAZON-02)
3 3 23.35.228.23 16625 (AKAMAI-AS)
1 3 185.64.190.78 62713 (AS-PUBMATIC)
9 35.71.131.137 16509 (AMAZON-02)
3 7 52.46.151.131 16509 (AMAZON-02)
5 5 37.252.171.85 29990 (ASN-APPNEX)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 4 34.195.128.39 14618 (AMAZON-AES)
2 2 54.228.67.66 16509 (AMAZON-02)
1 1 35.214.153.92 15169 (GOOGLE)
1 2 52.215.114.201 16509 (AMAZON-02)
2 2 18.198.72.223 16509 (AMAZON-02)
6 6 185.29.132.245 30419 (MEDIAMATH...)
3 50 34.247.205.196 16509 (AMAZON-02)
8 8 35.157.13.156 16509 (AMAZON-02)
2 2 3.122.13.213 16509 (AMAZON-02)
9 9 70.42.32.127 13789 (INTERNAP-...)
5 5 35.244.159.8 15169 (GOOGLE)
3 5 2a05:d018:d29... 16509 (AMAZON-02)
3 3 54.147.162.32 14618 (AMAZON-AES)
3 3 2603:c020:400... 31898 (ORACLE-BM...)
3 169.197.150.8 398989 (DEEPINTENT)
6 6 70.42.32.63 13789 (INTERNAP-...)
3 3 104.111.217.14 16625 (AKAMAI-AS)
5 5 54.155.103.238 16509 (AMAZON-02)
4 4 198.148.27.140 19189 (PULSEPOINT)
2 2 3.122.49.75 16509 (AMAZON-02)
3 98.98.134.241 21859 (ZEN-ECN)
4 185.86.138.151 201081 (SMARTADSE...)
2 2 162.19.80.91 16276 (OVH)
5 7 151.101.66.49 54113 (FASTLY)
1 185.255.84.153 200271 (IGUANE-)
1 35.244.174.68 15169 (GOOGLE)
4 4 124.146.215.43 2514 (INFOSPHER...)
8 69.173.144.139 26667 (RUBICONPR...)
4 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.182 1299 (TWELVE99 ...)
5 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.7.11 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 54.72.3.113 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.5.106.217 14618 (AMAZON-AES)
3 4 37.157.2.234 198622 (ADFORM)
1 35.204.74.118 396982 (GOOGLE-CL...)
1 8.43.72.97 26667 (RUBICONPR...)
2 2 34.111.151.213 396982 (GOOGLE-CL...)
1 162.19.138.117 16276 (OVH)
1 2600:9000:211... 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
1 82.145.213.8 39832 (NO-OPERA)
1 6 69.173.144.138 26667 (RUBICONPR...)
1 34.198.183.31 14618 (AMAZON-AES)
2 198.47.127.20 ()
1 1 85.114.159.93 ()
1 2606:4700:10:... ()
478 89
29    2606:4700:3033::6815:327b (United States)

ASN13335 (CLOUDFLARENET, US)
areturnersmagic.com
w1.areturnersmagic.com
1    2606:4700:3031::ac43:a32c (United States)

ASN13335 (CLOUDFLARENET, US)
w1.areturnersmagic.com
19    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    13.32.99.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-31.fra60.r.cloudfront.net
cdn.purpleads.io
2    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
20    34.236.207.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-207-21.compute-1.amazonaws.com
api.purpleads.io
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1178:1:4b::1a (Netherlands)

ASN35415 (WEBZILLA, NL)
vengeful-egg.com
1    192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
warlockstallioniso.com
5    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
partner.googleadservices.com
adservice.google.de
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    2606:4700:20::681a:333 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prplads.com
2    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
11    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
14    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
23    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
9    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
18    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
6    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
8    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
42    52.211.255.71 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
ads.servenobid.com
events.servenobids.com
10    147.75.84.158 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
4    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    8.2.109.168 (United States)

ASN46636 (NATCOWEB, US)
prebid.admanmedia.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
googleads4.g.doubleclick.net
2    18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net
tagan.adlightning.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
7    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs-simple.com
3    3.212.153.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-153-58.compute-1.amazonaws.com
1x1.a-mo.net
6    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs-simple.com
19    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
3    18.66.147.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-73.fra60.r.cloudfront.net
public.servenobid.com
7    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
3    54.229.131.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-131-240.eu-west-1.compute.amazonaws.com
g2.gumgum.com
3    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
8    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
6    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
12    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
7    2.19.228.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-228-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2600:9000:223f:4200:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
6    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
3    52.202.232.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-232-227.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
6    209.191.163.152 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
3    209.191.163.210 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
9    213.19.147.45 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
11    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    54.156.191.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-191-143.compute-1.amazonaws.com
ssp.disqus.com
4    18.194.204.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-204-152.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
hbx.media.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
7    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
5    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
4    34.195.128.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-128-39.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    54.228.67.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-67-66.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
2    52.215.114.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    18.198.72.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-72-223.eu-central-1.compute.amazonaws.com
pm.w55c.net
6    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
50    34.247.205.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
8    35.157.13.156 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-13-156.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.122.13.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-13-213.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
9    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
5    2a05:d018:d29:3605:321a:b7de:60de:298b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    54.147.162.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-162-32.compute-1.amazonaws.com
sync.ipredictive.com
3    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
6    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
3    104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com
stags.bluekai.com
5    54.155.103.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-103-238.eu-west-1.compute.amazonaws.com
ad.360yield.com
4    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    3.122.49.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-49-75.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
3    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
4    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    162.19.80.91 (France)

ASN16276 (OVH, FR)
PTR: ns3011793.ip-162-19-80.eu
gu.dyntrk.com
7    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
8    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    54.72.3.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-3-113.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.5.106.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-106-217.compute-1.amazonaws.com
a.audrte.com
4    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    2600:9000:211e:7400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    34.198.183.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-183-31.compute-1.amazonaws.com
rtb.adentifi.com
2    198.47.127.20 (None, )

ASN- ()
simage4.pubmatic.com
image4.pubmatic.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    2606:4700:10::ac43:db6 (None, )

ASN- ()
mwzeom.zeotap.com
Apex Domain
Subdomains		 Transfer
53 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2328
usersync.gumgum.com — Cisco Umbrella Rank: 2448
17 KB
44 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 3698
public.servenobid.com — Cisco Umbrella Rank: 6602
31 KB
33 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
eus.rubiconproject.com — Cisco Umbrella Rank: 798
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
71 KB
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
360 KB
30 areturnersmagic.com
areturnersmagic.com
w1.areturnersmagic.com
490 KB
29 adform.net
track.adform.net — Cisco Umbrella Rank: 3229
s1.adform.net — Cisco Umbrella Rank: 7269
dmp.adform.net — Cisco Umbrella Rank: 3752
c1.adform.net — Cisco Umbrella Rank: 908
163 KB
23 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
dsum.casalemedia.com — Cisco Umbrella Rank: 2284
19 KB
23 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
79 KB
22 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 67646
api.purpleads.io — Cisco Umbrella Rank: 24580
41 KB
21 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
simage4.pubmatic.com
image4.pubmatic.com
59 KB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
csm.eu.criteo.net — Cisco Umbrella Rank: 6433
85 KB
16 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
5 KB
15 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2474
mp.4dex.io — Cisco Umbrella Rank: 2960
u.4dex.io — Cisco Umbrella Rank: 5135
99 KB
14 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
assets.a-mo.net — Cisco Umbrella Rank: 5363
1x1.a-mo.net — Cisco Umbrella Rank: 3973
19 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
14 KB
13 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 25084
b1sync.zemanta.com — Cisco Umbrella Rank: 813
5 KB
12 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
6 KB
11 admanmedia.com
prebid.admanmedia.com — Cisco Umbrella Rank: 58001
cs.admanmedia.com — Cisco Umbrella Rank: 1531
4 KB
9 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 987
4 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
2 KB
9 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1417
ap.lijit.com — Cisco Umbrella Rank: 883
5 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
3 KB
8 adnxs-simple.com
ams3-ib.adnxs-simple.com — Cisco Umbrella Rank: 27937
cdn.adnxs-simple.com — Cisco Umbrella Rank: 17464
38 KB
8 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6636
creativecdn.com — Cisco Umbrella Rank: 682
2 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
2 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com Failed
5 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
4 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
3 KB
6 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1939
960 B
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
2 MB
5 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
1 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 707
1 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
4 KB
5 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4211
visitor.omnitagjs.com — Cisco Umbrella Rank: 1151
1 KB
5 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 6413
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 8248
dis.criteo.com — Cisco Umbrella Rank: 941
102 KB
5 prplads.com
cdn.prplads.com — Cisco Umbrella Rank: 48049
466 KB
5 gstatic.com
fonts.gstatic.com
94 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3102
3 KB
4 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1266
3 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
2 KB
4 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
3 KB
4 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24171
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30620
897 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
561 B
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 842
2 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1528
76 B
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2037
1012 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1318
1 KB
3 media.net
hbx.media.net — Cisco Umbrella Rank: 2144
1 KB
3 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2228
691 B
3 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1456
1 KB
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 5275
985 B
3 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5458
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
146 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
region1.google-analytics.com — Cisco Umbrella Rank: 1718
20 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6677
749 B
2 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2579
573 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 6958
562 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 3200
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5985
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3496
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1332
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
2 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
929 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
868 B
2 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2985
41 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
10 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
696 B
2 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3572
71 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
2 KB
1 zeotap.com
mwzeom.zeotap.com
381 B
1 adition.com
dsp.adfarm1.adition.com
524 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1948
35 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 3365
413 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1005
241 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 612
1 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
610 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
266 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
587 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1007
98 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1427
289 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9478
1 servenobids.com
events.servenobids.com — Cisco Umbrella Rank: 21706
272 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
471 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
72 KB
1 warlockstallioniso.com
warlockstallioniso.com — Cisco Umbrella Rank: 571130
1 vengeful-egg.com
vengeful-egg.com — Cisco Umbrella Rank: 436588
450 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 997
33 KB
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 onaudience.com Failed
pixel.onaudience.com Failed
0 semasio.net Failed
uipglob.semasio.net Failed
0 trafficroots.com Failed
demand.trafficroots.com Failed
478 95
Domain Requested by
50 usersync.gumgum.com 3 redirects g2.gumgum.com
41 ads.servenobid.com cdn.prplads.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
ads.pubmatic.com
26 w1.areturnersmagic.com 1 redirects w1.areturnersmagic.com
20 api.purpleads.io cdn.purpleads.io
19 s1.adform.net track.adform.net
s1.adform.net
w1.areturnersmagic.com
ams3-ib.adnxs-simple.com
19 pagead2.googlesyndication.com w1.areturnersmagic.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
18 static.criteo.net ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
14 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
g2.gumgum.com
12 eus.rubiconproject.com public.servenobid.com
eus.rubiconproject.com
g2.gumgum.com
12 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 ups.analytics.yahoo.com 11 redirects
11 tpc.googlesyndication.com googleads.g.doubleclick.net
w1.areturnersmagic.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 prebid.a-mo.net 3 redirects cdn.prplads.com
9 sync.outbrain.com 9 redirects
9 match.adsrvr.org ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
ads.pubmatic.com
public.servenobid.com
9 ssum-sec.casalemedia.com public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
9 ib.adnxs.com 8 redirects googleads.g.doubleclick.net
8 token.rubiconproject.com eus.rubiconproject.com
8 x.bidswitch.net 8 redirects
8 ssbsync.smartadserver.com 3 redirects public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
8 script.4dex.io cdn.prplads.com
script.4dex.io
7 sync-tm.everesttech.net 5 redirects ssbsync.smartadserver.com
g2.gumgum.com
7 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
7 sync.1rx.io 7 redirects
7 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
7 cs.admanmedia.com 4 redirects cdn.prplads.com
7 ams3-ib.adnxs-simple.com tagan.adlightning.com
ams3-ib.adnxs-simple.com
cdn.adnxs-simple.com
7 b1h-euc1.zemanta.com cdn.prplads.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
w1.areturnersmagic.com
6 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
6 b1sync.zemanta.com 6 redirects
6 sync.mathtag.com 6 redirects
6 ce.lijit.com 6 redirects
6 sync.adkernel.com public.servenobid.com
g2.gumgum.com
6 secure-assets.rubiconproject.com 6 redirects
6 track.adform.net ams3-ib.adnxs-simple.com
s1.adform.net
6 s0.2mdn.net w1.areturnersmagic.com
s0.2mdn.net
googleads.g.doubleclick.net
s1.adform.net
5 image2.pubmatic.com ads.pubmatic.com
5 ad.360yield.com 5 redirects
5 pr-bh.ybp.yahoo.com 3 redirects ssum-sec.casalemedia.com
5 us-u.openx.net 5 redirects
5 secure.adnxs.com 5 redirects
5 p.rfihub.com 5 redirects
5 cdn.prplads.com cdn.purpleads.io
5 fonts.gstatic.com fonts.googleapis.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 simage2.pubmatic.com ads.pubmatic.com
4 creativecdn.com 4 redirects
4 tg.socdm.com 4 redirects
4 rtb-csync.smartadserver.com ssbsync.smartadserver.com
4 bh.contextweb.com 4 redirects
4 sync.srv.stackadapt.com 4 redirects ads.pubmatic.com
4 match.sharethrough.com public.servenobid.com
ssbsync.smartadserver.com
4 prebid.admanmedia.com cdn.prplads.com
4 mp.4dex.io cdn.prplads.com
4 hb-api.omnitagjs.com cdn.prplads.com
4 prebid-eu.creativecdn.com cdn.prplads.com
4 areturnersmagic.com 4 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 pixel-sync.sitescout.com g2.gumgum.com
ssum-sec.casalemedia.com
3 stags.bluekai.com 3 redirects
3 match.deepintent.com g2.gumgum.com
3 sync.technoratimedia.com 3 redirects
3 sync.ipredictive.com 3 redirects
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 hbx.media.net 3 redirects
3 ssp.disqus.com 3 redirects
3 sync.go.sonobi.com public.servenobid.com
3 ap.lijit.com public.servenobid.com
3 cs-server-s2s.yellowblue.io public.servenobid.com
3 cs-rtb.minutemedia-prebid.com public.servenobid.com
3 onetag-sys.com public.servenobid.com
3 g2.gumgum.com public.servenobid.com
3 u.4dex.io cdn.prplads.com
3 public.servenobid.com cdn.prplads.com
3 1x1.a-mo.net w1.areturnersmagic.com
3 www.googletagservices.com googleads.g.doubleclick.net
w1.areturnersmagic.com
2 pool.admedo.com 2 redirects
2 dmp.brand-display.com 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 match.prod.bidr.io 2 redirects ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.turn.com 2 redirects
2 tagan.adlightning.com cdn.prplads.com
2 googleads4.g.doubleclick.net w1.areturnersmagic.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com w1.areturnersmagic.com
www.google-analytics.com
2 cdn.onesignal.com w1.areturnersmagic.com
cdn.onesignal.com
2 cdn.purpleads.io w1.areturnersmagic.com
2 fonts.googleapis.com w1.areturnersmagic.com
cdn.purpleads.io
1 image4.pubmatic.com
1 mwzeom.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 rtb.adentifi.com eus.rubiconproject.com
1 t.adx.opera.com g2.gumgum.com
1 s.ad.smaato.net ssbsync.smartadserver.com
1 id5-sync.com ssbsync.smartadserver.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 id.rlcdn.com ssbsync.smartadserver.com
1 visitor.omnitagjs.com ssbsync.smartadserver.com
1 csync.loopme.me 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 events.servenobids.com w1.areturnersmagic.com
1 cdn.adnxs-simple.com ams3-ib.adnxs-simple.com
1 assets.a-mo.net tagan.adlightning.com
1 www.google.com tpc.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.google-analytics.com
1 warlockstallioniso.com w1.areturnersmagic.com
1 vengeful-egg.com w1.areturnersmagic.com
1 code.jquery.com w1.areturnersmagic.com
0 pubmatic-match.dotomi.com Failed
0 pixel.onaudience.com Failed
0 uipglob.semasio.net Failed
0 aax-eu.amazon-adsystem.com Failed ads.pubmatic.com
0 demand.trafficroots.com Failed ssbsync.smartadserver.com
478 136

This site contains links to these domains. Also see Links.

Domain
areturnersmagic.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-29 -
2024-01-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.purpleads.io
Amazon RSA 2048 M02		 2023-02-24 -
2023-11-29		 9 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
vengeful-egg.com
R3		 2023-03-19 -
2023-06-17		 3 months crt.sh
warlockstallioniso.com
R3		 2023-03-08 -
2023-06-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
prplads.com
GTS CA 1P5		 2023-04-19 -
2023-07-18		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-06-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-14 -
2023-06-09		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-26 -
2023-06-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M02		 2023-02-09 -
2023-06-27		 5 months crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-07-07		 4 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2023-02-27 -
2024-03-29		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-03-05 -
2023-06-03		 3 months crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-14 -
2023-10-05		 8 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-06-29		 4 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon RSA 2048 M01		 2023-03-24 -
2024-04-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M02		 2023-02-27 -
2023-09-20		 7 months crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh

This page contains 106 frames:

Primary Page: https://w1.areturnersmagic.com/
Frame ID: 7CD45BE34B360EDAD8724C35986E8A76
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: BAF97ADC4F2F04BF5762AA808DC53DA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3327298579154787&output=html&adk=1812271804&adf=3025194257&lmt=1682004453&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fw1.areturnersmagic.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682043792802&bpp=3&bdt=255&idt=230&shv=r20230418&mjsv=m202304170102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7035776275707&frm=20&pv=2&ga_vid=245917242.1682043793&ga_sid=1682043793&ga_hid=1337188456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31073968%2C31074024%2C44789761&oid=2&pvsid=432858823415047&tmod=2010400593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250
Frame ID: 7481DD727D0AA53163EDFA4AF171847C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 665D93CC3EB56A3EB74B9FB0BFE0CBAF
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 825AF95DE3A537F6C77AA012195B29AB
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9BF217DE4F3B26A5DBC62556F39C1BEE
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Frame ID: 9C75F02604B3EC6D5AC769A2D50E11E4
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Frame ID: 3DB1191D6A39DD9AB25BC5CD860FFC42
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXZKM1mCLezmwdkBf3C_aqWT15JrghZa8WsXaLxuY0MKxIbsOTZcEnlJp15toqXUAKnvSIIJ-TJCpLp_qPx0XBzUcc8wi2mquq-XFYHF9hCQZtR9xQB6vZ23x7WUqidnMeasKc717oIOIkKTR33H2vEZEsU7jKAmLUR7GS7QTpul_cUeN4
Frame ID: 1D2E6AA700F22E1508839FD556AEB238
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 65A0EA2867CE059B92A723155CEE5C3C
Requests: 18 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2023-03-22.js
Frame ID: 5D70B086493EC614D0403331A9837F9B
Requests: 11 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2023-03-22.js
Frame ID: EC78E019615E0D2BAB395770D9B72859
Requests: 11 HTTP requests in this frame

Frame: https://cdn.prplads.com/prebid-2023-03-22.js
Frame ID: EF4E1736F9D233207D8B4D2F733FE604
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50D9BF2107C022FB4855170D2A19F2A0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Frame ID: 9B721B832149D13EA2A782AC0FF9B8A6
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nobid/blacklist_script.js
Frame ID: 44D1790315147AD68880FEE5742BF269
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 091E4626BC094AE6E11A20C75D6B072B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B35CE6756060B7CA9FD3DDB3D29C8D40
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato&display=swap
Frame ID: C3C10A80E7B306B4548680A705F1AF4B
Requests: 12 HTTP requests in this frame

Frame: https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
Frame ID: 8136D0302211050FA8EC7AAB7102CF1B
Requests: 14 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/12660059.js?ADFassetID=12660059&bv=258
Frame ID: 10813A5E782696CAB476F1CA5EA5CC34
Requests: 18 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: CDBF98FD5166C57B109AA8B3B0626059
Requests: 13 HTTP requests in this frame

Frame: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Frame ID: 231D2F87085ABDD497B66D6F506991F7
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: BC4054FF9066FCDA41754EB67999E4C3
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/usync.html?gdpr=1&gdpr_consent=
Frame ID: 27B9C6861D3B3778E0EA3D60C6D00BB8
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 832DC483982C01AB9C9808354D5B5D1B
Requests: 13 HTTP requests in this frame

Frame: https://u.4dex.io/usync.html?gdpr=1&gdpr_consent=
Frame ID: 004C412A6B844F18AB7FC46061AFB4A7
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 56FCBC478F029CC2D6B5A5AE3AF895E3
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Frame ID: 3BB852D1F0CC5A65D191EF5F627588AF
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 1632FFDFA0DB9E2EB16A83625268A15A
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 31C194D84718D4D8240676D57C3EB652
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: EA4C4FCAD04D67A8F7A93B568EA712A6
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 333150AAA8BE3B12BF5D2C682BE15DAB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: AE95381C536BFB2ACDC6A17349AD4D8B
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: B50063F3F491AEAC5AB30E9CD158D864
Requests: 10 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: B483E8D61E1C8A9C55F664C7469087D3
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 8AFDF426C0C751368574733044DE73EB
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: D3522543301FB89698057A49BA45070D
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: CE12C24C4D1EE94EFFEEC38346DDBD2D
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: EAB7DB6870927FDBC424BDBC87B20CA0
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 9E02C9BA678540DF19CC31C0BCA573A7
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: F3FA1D2073DAEB58DCE5758CE31C3A37
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: FA1B27955415FB70E53C197EB639E6BB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 91C866FA1D35FCB452201887D3DBC003
Requests: 12 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 7439BB2AE2C4C155787D21C9BD329755
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 417CC8BE8426084B550135ADF2AC95AD
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 9E159AEB42FE01271B1C72CDE99747C3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Frame ID: B200A0AD73F6BA769AAF3D8A93AC7058
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 58172DD7392BEE8C3B722BC831B1EFB9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAROepgBL
Frame ID: AD1348B4909738DA603248970358E85F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mMTQ0NWNlOC01OTI2LTQ5YTctODM4NC1jNGU4NzA0YzI0MGI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: EFC7157B0CE5D5361CFBD77CF09952C4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: EAE66AE8ED8D02C3F2DB4ED5C88DB78D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 622796E9EDCA79EAD7C79D3EDE9E5864
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZEHzlsCo8X4AAKp-4ZEAAAAA
Frame ID: 6B8EC773B10A46862F4012F3642534F9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=fc0d78bf-6a7c-4a19-8456-c7d214dd6ae1
Frame ID: A24C1984FDC9495591FC6F6E6F281ACF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 8E6C7FB279DE5340709810A8F1DF6DF4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum&tc=1
Frame ID: C313AEF6351DB678D907A797FAFCF673
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 1C319585EB7320AF351611C4FF86470F
Requests: 13 HTTP requests in this frame

Frame: https://u.4dex.io/usync.html?gdpr=1&gdpr_consent=
Frame ID: 2C18D63FB59F31DA2FB1539804C887D8
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Frame ID: 18D0BC3FDFF54C99CA89B6B8B7B4C616
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 86AE3A02650D61828BA4CC53AF0FD6A1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=806a6441-f396-4e00-9c23-98884f7ad3b2&gdpr=0&gdpr_consent=
Frame ID: D533697CCF47BB792C8967ACF668469A
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 712A0F35F92934F633D13D09A46EAC25
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAEUvdIggBa
Frame ID: FD57A703E692673187DF2B6E1FDB23EC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81Y2MxOWNmNy05NWZjLTQ5ODUtOTllYi01NzdjM2M3NDBkZjc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: DC7557E483C7E568B5736B6D7A210E81
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 3B5C893589B7204DB9853CDC7D44E926
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: C2B7B6D69D79C3293119B4E79EFC4C4C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XsAAG6fMSsAAAAA
Frame ID: 168343FA3755E8E49A2CA50CFFC2D9B5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
Frame ID: 9F6BFE6B5884139962827946080ED1E7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: CC2BFC484BA4ED46501241A5CE882FA1
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 30AD7497ACCBEF46580352A325238C50
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
Frame ID: 36267CF9B14D29060CA951F28CE982EB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: B6790D1F1357480994170E2EC85AC802
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Frame ID: 17E6B3A4FD000D84662B9535DF311A39
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5266934095289477906
Frame ID: 1E1A360231F9E2C1600056C4975A94F3
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: F43B2FDEDD3C1D7A4D1EEE453C178A04
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727352024827
Frame ID: 10C38FE66627E4888B7B37528A7C9166
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hUoKT9VNB0ieRlpJ0E8TToAbD0ueGFhGgk-2vyox
Frame ID: 7966905F99102120A1E954FDB79B6942
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=39769EB3-17F5-4488-9DA9-64C705BB25C7
Frame ID: 3D7D49AC6039FB46BCFD0DC59CDAB7A2
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 3AB1381422A0F447764C515667ED1DC1
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 022CC8E6C9E0A3B038C34D1817B5645E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 65E8F27A128F0CDFC2188FF8226E5540
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: E1A2E803092588986F9D7EF583138286
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: DF215BEB9571FAFD7CC412DD7E6B6E2B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 76110008C829F5D3840E876605986C35
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 6A8F30A1B768D3BB87BAF49F0A1BA4B5
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 37042F3E5936A61E4B22685E2C11DF57
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 9F6C6AB8985AF06DB12CC8640B39BAB5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Frame ID: 619DD5C5EBD539E724805AB61A335534
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 270905C4CA7ED573E2D8B279F117C1F5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=
Frame ID: 6D59695763399DC993B16C3733251C3C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81Y2MxOWNmNy05NWZjLTQ5ODUtOTllYi01NzdjM2M3NDBkZjc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: F43CCEC36FCBEC8E5C59884668DA7589
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 36DEDA93153206604D8E45F98A7937B0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 419C1020C9B6442FB1CC9BA133EAA031
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XcAAIxMaSwAAAAA
Frame ID: 1145F3BC1DDC12DDFD695A72F3DD7114
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
Frame ID: 4D3BDE6F4D60B86DC5F4C2F615D36138
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 6D4DCAEBC07E474C75D66458FFB21C8A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
Frame ID: 51ED123B31FD39D13E17A01A954713D2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 5D64966C547ADEFB5EDB00C0DB3193C8
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=39769EB3-17F5-4488-9DA9-64C705BB25C7&gdpr=0&gdpr_consent=
Frame ID: 85B82C9CF3FB3D9F53080CD54830EDB5
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=39769EB3-17F5-4488-9DA9-64C705BB25C7&redir=true&gdpr=0&gdpr_consent=
Frame ID: BC3BF873BB51DFF3A31D419CBB5173ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8050298250324130712&gdpr=0&gdpr_consent=
Frame ID: E6EB6DA599F10CBFB071999FE2279C96
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7224323115738921100&gdpr=0&gdpr_consent=
Frame ID: 4C4A08D5FDD171A5728BE536B180DD40
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 1CBD325476A9C8CC31BFACA569B55345
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: BC6447E7271CB5087751AE16609D6576
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=39769EB3-17F5-4488-9DA9-64C705BB25C7
Frame ID: 9BFBA1D57F4062D8A3DFA4027F709907
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Read A Returners Magic Should Be Special Manga - [English Version]

Page URL History Show full URLs

  1. http://areturnersmagic.com/ HTTP 301
    https://areturnersmagic.com/ HTTP 301
    http://w1.areturnersmagic.com/ HTTP 301
    https://w1.areturnersmagic.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

478
Requests

77 %
HTTPS

27 %
IPv6

95
Domains

136
Subdomains

89
IPs

12
Countries

4916 kB
Transfer

9625 kB
Size

121
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://areturnersmagic.com/ HTTP 301
    https://areturnersmagic.com/ HTTP 301
    http://w1.areturnersmagic.com/ HTTP 301
    https://w1.areturnersmagic.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg HTTP 301
  • https://w1.areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
Request Chain 32
  • https://areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg HTTP 301
  • https://w1.areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
Request Chain 74
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMXdt5VT2a9bgBXNaisL8I&google_cver=1
Request Chain 75
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEHzkhMcP3YRf1lKMzVnVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMXdt5VT2a9bgBXNaisL8I&google_cver=1
Request Chain 76
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG00p-nKXZZdbrNTRhc9MR8&google_cver=1
Request Chain 77
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1MDI5ODI1MDMyNDEzMDcxMg%3D%3D
Request Chain 241
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 246
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
Request Chain 247
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
Request Chain 249
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1682043798231 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1326383954 HTTP 302
  • https://sync.1rx.io/usersync/turn/8220005729464306150?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-75d26934-3ab2-4de3-99fe-6acff3930063-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-75d26934-3ab2-4de3-99fe-6acff3930063-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-75d26934-3ab2-4de3-99fe-6acff3930063-003
Request Chain 250
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5141210824615635945
Request Chain 252
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=ad22211f-4d5d-409f-b9ce-cde2f910b27e&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 253
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Request Chain 254
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
Request Chain 255
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Request Chain 257
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 259
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
Request Chain 260
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
Request Chain 264
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1682043798231 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5125017084 HTTP 302
  • https://sync.1rx.io/usersync/turn/8147948135426378214?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-75d26934-3ab2-4de3-99fe-6acff3930063-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-75d26934-3ab2-4de3-99fe-6acff3930063-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-75d26934-3ab2-4de3-99fe-6acff3930063-003
Request Chain 265
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5108559727352024827
Request Chain 267
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=6d97e152-fa54-4135-ae29-15cdec4c8a7a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 269
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Request Chain 270
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
Request Chain 271
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Request Chain 272
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 278
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 281
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 282
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
Request Chain 283
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8050298250324130712
Request Chain 285
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FchxLFIcWfpANv6Kax1VXLnVm7g
Request Chain 286
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAJyU7Ig-cAACBhh8JlWA&expiration=1683253398
Request Chain 287
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a37ae79-79de-4c28-ae67-cf65837b5ac6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
Request Chain 291
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 292
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8050298250324130712
Request Chain 293
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZEHzkhMcP3YRf1lKMzVnVgAA%263379?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEHzkhMcP3YRf1lKMzVnVgAA%263379
Request Chain 294
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Fx34wybq1PPGqG5
Request Chain 295
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=806a6441-f396-4e00-9c23-98884f7ad3b2
Request Chain 296
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8050298250324130712
Request Chain 300
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
Request Chain 301
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f1445ce8-5926-49a7-8384-c4e8704c240b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_f1445ce8-5926-49a7-8384-c4e8704c240b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d7f22cd6-9814-41d6-9ec2-3d0cd10c51d2&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 302
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ChmkBvZq_hQCCaZZIlrkm3N2-y3EFlE4Si9SaXtDXZSsUiG1_zdFPs3HI98ADltH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28ChmkBvZq_hQCCaZZIlrkm3N2-y3EFlE4Si9SaXtDXZSsUiG1_zdFPs3HI98ADltH%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&obuid=ENC(ChmkBvZq_hQCCaZZIlrkm3N2-y3EFlE4Si9SaXtDXZSsUiG1_zdFPs3HI98ADltH) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DTDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Request Chain 303
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
Request Chain 304
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
Request Chain 305
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
Request Chain 306
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=1ed1eed5-623b-42b9-9f5c-2c94b9f915ec
Request Chain 307
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 309
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f1445ce8-5926-49a7-8384-c4e8704c240b&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=kUmZ31Wc7t3oHpHZhQLB&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT222VNVNDGMKXMM3XIM3PJBYEQWTIKFGEEJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT222VNVNDGMKXMM3XIM3PJBYEQWTIKFGEEJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=kUmZ31Wc7t3oHpHZhQLB&us_privacy=1---
Request Chain 310
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
Request Chain 311
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=OxtghIpmzn0n&ev=1&pid=558355
Request Chain 312
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
Request Chain 314
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
Request Chain 315
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=58885f39-e114-4f78-ae07-39f2995a2990&ssp=gumgum2&expires=30&user_group=5&bsw_param=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 316
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&obuid=ENC(TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DTDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Request Chain 317
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
Request Chain 318
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
Request Chain 319
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
Request Chain 320
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5425a9c2-7753-4571-ad6a-8f6fec240734
Request Chain 321
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 323
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=F5161mGf8nZuxdWTJdxn&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RRVGE3DC3KHMY4G4WTVPBSFOVCKMR4G4JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RRVGE3DC3KHMY4G4WTVPBSFOVCKMR4G4JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=F5161mGf8nZuxdWTJdxn&us_privacy=1---
Request Chain 324
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
Request Chain 325
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=zHvRyfj5tqkw&ev=1&pid=558355
Request Chain 326
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
Request Chain 330
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=806a6441-f396-4e00-9c23-98884f7ad3b2&gdpr=0&gdpr_consent=
Request Chain 332
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03010003_6441f3966f264&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010003_6441f3966f264&gdpr=0&gdpr_consent=
Request Chain 334
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAO_epwBL
Request Chain 338
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Request Chain 340
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAROepgBL HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAROepgBL
Request Chain 344
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZEHzlsCo8X4AAKp-4ZEAAAAA
Request Chain 345
  • https://cs.admanmedia.com/sync/gumgum?puid=e_f1445ce8-5926-49a7-8384-c4e8704c240b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=fc0d78bf-6a7c-4a19-8456-c7d214dd6ae1
Request Chain 347
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum&tc=1
Request Chain 353
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=806a6441-f396-4e00-9c23-98884f7ad3b2&gdpr=0&gdpr_consent=
Request Chain 355
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAEUvdIggBa
Request Chain 359
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XsAAG6fMSsAAAAA
Request Chain 360
  • https://cs.admanmedia.com/sync/gumgum?puid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
Request Chain 363
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 365
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
Request Chain 366
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 367
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Request Chain 368
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5266934095289477906
Request Chain 370
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727352024827
Request Chain 371
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hUoKT9VNB0ieRlpJ0E8TToAbD0ueGFhGgk-2vyox
Request Chain 373
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OXaesxf1RIidqWTHBbslxw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 375
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=554784862 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=39769EB3-17F5-4488-9DA9-64C705BB25C7
Request Chain 376
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=39769EB3-17F5-4488-9DA9-64C705BB25C7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWxsaHB6b2NnQ0hSQzJnU2JoaXpJVEJ3UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3010125798383854513&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzk3NjlFQjMtMTdGNS00NDg4LTlEQTktNjRDNzA1QkIyNUM3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 378
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIvwVGojOFeZx-LfIS4CK_8&google_cver=1
Request Chain 380
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3010125798383854513
Request Chain 384
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
Request Chain 388
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3080608435
Request Chain 391
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
Request Chain 392
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 397
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
Request Chain 398
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5108559727352024827
Request Chain 399
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=589bd4d7-552c-424a-a3c5-2d4b589e9e10&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 400
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Request Chain 401
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Request Chain 403
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
Request Chain 410
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8a07cabf-2de7-218f-a37fed27
Request Chain 413
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559727352024827
Request Chain 416
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=5mGhPtknD6Xs&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 418
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=e1e255bb-195a-4589-8b22-10d1e9311f7a&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 420
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
Request Chain 421
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=57906be5-d218-45b1-b093-3d719f64187b&user_group=1&ssp=gumgum2&bsw_param=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
Request Chain 422
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&obuid=ENC(TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
Request Chain 423
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
Request Chain 424
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
Request Chain 425
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
Request Chain 426
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5425a9c2-7753-4571-ad6a-8f6fec240734
Request Chain 427
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 429
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=F5161mGf8nZuxdWTJdxn&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RRVGE3DC3KHMY4G4WTVPBSFOVCKMR4G4JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RRVGE3DC3KHMY4G4WTVPBSFOVCKMR4G4JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=F5161mGf8nZuxdWTJdxn&us_privacy=1---
Request Chain 430
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
Request Chain 431
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=suQwETcCeCuQ&ev=1&pid=558355
Request Chain 432
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
Request Chain 437
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Request Chain 439
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=
Request Chain 443
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XcAAIxMaSwAAAAA
Request Chain 444
  • https://cs.admanmedia.com/sync/gumgum?puid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
Request Chain 446
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
Request Chain 449
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=p-GVSJ41Semc2g1ZwOschA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=p-GVSJ41Semc2g1ZwOschA
Request Chain 451
  • https://tg.socdm.com/rtb/sync?proto=rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZEHzl8Co8X4AAKp-4Z0AAAAA
Request Chain 452
  • https://ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=8050298250324130712
Request Chain 453
  • https://dmp.brand-display.com/cm/api/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=9085ec00-1457-7c30-efe12612
Request Chain 455
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 465
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8050298250324130712&gdpr=0&gdpr_consent=
Request Chain 466
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7224323115738921100&gdpr=0&gdpr_consent=
Request Chain 468
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBSnlVN0lnLWNBQUNCaGg4SmxXQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 473
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=39769EB3-17F5-4488-9DA9-64C705BB25C7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0E9TVSZE2uUVOpwiXEdWqAQ2CtOezQc-~A&gdpr=0
Request Chain 475
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=6300ba32-ec83-4942-a2cb-7117272f5131&expires=1&user_group=5&ssp=pubmatic&bsw_param=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=0&gdpr_consent=&gdpr_pd=

478 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
w1.areturnersmagic.com/
Redirect Chain
  • http://areturnersmagic.com/
  • https://areturnersmagic.com/
  • http://w1.areturnersmagic.com/
  • https://w1.areturnersmagic.com/
183 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c2504210b13ce09150097b821b620266fce1efb578a2146b1ee6e8859958e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bb229e6ba5430f0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 02:23:12 GMT
last-modified
Thu, 20 Apr 2023 15:27:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZlEEY%2Bt2xT8Eql19MNPnOGpg3ystUjyT8njKgiBB67G68ivpuvlD0mzoiTrxWSl1i3D6VBTWmcuCyjMMaKLekC4JONwro0Nr%2Fk5zZIQOeHta4LE%2B569kS3d2b%2F7xRC79CottZwqPLU9IJGqzYYS6ymwHEJM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

CF-RAY
7bb229e69cb13832-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 21 Apr 2023 02:23:12 GMT
Expires
Fri, 21 Apr 2023 03:23:12 GMT
Location
https://w1.areturnersmagic.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RwIkTMtTty20BMrsdG8Np%2FK5vphJpkj3f9o0x0cO5Bgkv0zKeNxWNIgNVPb66b3irAol%2BmxdpfOsrbXjLjPiDeOdgXbSt9bSqKwAn0xSUz4XphjxwCe4%2FHwBrN0NTD1QR0J9UO8YWVxFEqp6l94WiZMNs2z"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327298579154787
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59f7b8d3ba894219a49703e461f8fadff367c2f34e371a500bb1fb990f0e11d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47637
x-xss-protection
0
server
cafe
etag
9856537273069025152
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 02:23:12 GMT
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-176d5"
vary
Accept-Encoding
x-hw
1682043792.dop261.am5.t,1682043792.cds120.am5.hn,1682043792.cds010.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33261
style.min.css
w1.areturnersmagic.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24494
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:56:40 GMT
server
cloudflare
etag
W/"615e7e08-13abe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8otA7o4owRejUvYCme2Wy7aaonG38JW3Uipri1ALyGixHIv90mU5SCFPh0zblvQ9TKJZiSM2tNWKKEEiugonT7vtuxvcFR5s6LnQjUvUykce8WkVvUhD8vAHmo3c5osg9%2BmHguDVaHO1QYiEw4LWFpMxyRy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7bb229e79b5530f0-FRA
expires
Fri, 21 Apr 2023 07:35:18 GMT
frontend.css
w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/css/ 		29 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/css/frontend.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6146e850afd9ba2175c55d58300dd7412223a95c7987cdbad5eee5060a6b3adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24494
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 07 Oct 2021 04:57:10 GMT
server
cloudflare
etag
W/"615e7e26-7495"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Fb252Nptn5V5lJN2cRXovxq5eCxj3i7SmMmWT%2B3hyyVA0DZ8ZNJX1Xdn5SPKON1RARmoEaRzsQPNYQXS8uurB8K9CQElLsI6mq1oHHiDeUvM5zyyThfP9jSJbfawxbWdXyIBBQzefd4DPfq65IFT5eytUuJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7bb229e79b5630f0-FRA
expires
Fri, 21 Apr 2023 07:35:18 GMT
bootstrap.css
w1.areturnersmagic.com/wp-content/themes/Ifenzi/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/css/bootstrap.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24494
cf-polished
origSize=124948
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-1e814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hNUJo8Es7wWUNOnZNLRLsAxj2Pjj0VTsXLI1RopxD24Vg8C2tqqli00NiaQb%2F3yG2bgihLyhvvTZPQBV5UtYgINTsKujMbk3WLh1T76SylGBhdrXCe1C9X6XVeBXjQwYu7Y0R8LlzBKwdCPMYx43mqPKIET"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7bb229e79b5730f0-FRA
expires
Fri, 21 Apr 2023 07:35:18 GMT
style.css
w1.areturnersmagic.com/wp-content/themes/Ifenzi/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/style.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24494
cf-polished
origSize=24746
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-60aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kc31FLy2ky%2Fymaxb7orn49NQNukmv2RZ4U0dpWbxzSfDn6zLGFPy8gvdIPIVjJC%2BV6bRciTa1n1ocSDwc1QDHId0ye6uIz1pDrqovtWxcd8eq7tmpeUCVE7m7v449O3lQaXA2MiUTHDhyJavO%2Fti7p96XT8Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7bb229e79b5830f0-FRA
expires
Fri, 21 Apr 2023 07:35:18 GMT
font-awesome.min.css
w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24494
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-5cbb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Kxz5i1rrbDuxcnZdD%2F1%2BRiFyUzAlIMtrLdCr0kkUq7VvtCR%2FbfAz1R5%2Bbuw1liP%2BHwQKVJAvSV428sVTCnSbktC2ZyjZToWHQJ7VdFLrowxp42mbenvB6ltJXa%2BB6okV1d2vjb8Zv%2FUuQMBWxZPmWk%2FxxPL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7bb229e79b5930f0-FRA
expires
Fri, 21 Apr 2023 07:35:18 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97de67c1aaa24d3b3d4b5db344494bc0706612d2366526ffd646b6274ceff213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Apr 2023 02:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 00:47:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Apr 2023 02:23:12 GMT
easy-social-share-buttons.min.css
w1.areturnersmagic.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ 		113 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf0850e3e549015b2804a27c8deb6e6a19186e7d711d920457d1f6f640520621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24494
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 17 Jun 2022 12:39:24 GMT
server
cloudflare
etag
W/"62ac75fc-1c233"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8ADyLqZPnFDc8FXCBFfi58P1BpB8H0%2BevFHhwUhf4QSbpYa1Jb4HfjszaZ54s9mw79VUhql%2Bp%2Bju72nAI7ide33RFteCAqbC2C5AVdHU13Bm5Zqya6rCsiRwVxggRWb9ogZMcnLbAOIVSMK2TAZzreSTAUW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7bb229e79b5a30f0-FRA
expires
Fri, 21 Apr 2023 07:35:18 GMT
jquery.min.js
w1.areturnersmagic.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24494
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:56:40 GMT
server
cloudflare
etag
W/"615e7e08-15db1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uR3tp%2FzhoJi%2BvhfGCRKyxevSjru1CN66oa%2BHSUUuCwyyzm01X%2B5qPORK3emFBK0K46%2FcV62ickWaTUvGxGNpOyig%2BEXLj7fmBcCM7xuxXiSKxiEIPQ2uPPurvkuW2GjdXwivY6KOCZMhD2W9qxnXcyvhtrDt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e79b5b30f0-FRA
expires
Fri, 21 Apr 2023 07:35:18 GMT
dark-mode.js
w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/js/ 		111 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/js/dark-mode.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8277612008fbd4b33ad1ad2f5d357517be701fee46e184bb283c5f42c5a02cb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11563
cf-polished
origSize=183317
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 07 Oct 2021 04:57:10 GMT
server
cloudflare
etag
W/"615e7e26-2cc15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JGuyLxkpjCm7QHhlIjFume61OR%2BK6N0XoaRWkf%2F5JZg1vAZZPliXWM0h34BCX05I6kf8vcU45XHiFU9fRhwcOYPR5wDTDFeVgSxIe2SZUiFBatOmRIWWAGF89z75xQn9JHAdgstuDrTo8kbbqMZdoeqGDST"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e79b5c30f0-FRA
expires
Fri, 21 Apr 2023 11:10:50 GMT
agent.js
cdn.purpleads.io/ 		72 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
959351a0eabbef2a2491332f85b98d5fc0db7c5a8dac61053f7803066185aa86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 05:34:47 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 11:39:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
74906
x-amz-server-side-encryption
AES256
etag
"d6217a2941571dc73d5be02e1e847e5e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
21595
x-amz-cf-id
3HZv_KRcN0mSAWu1QbJeVuyuXoQyDykV0zR_tt_TaZC2tZDyq2lGjw==
load.js
cdn.purpleads.io/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-31.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3254a778cd4704cb1fc6bc0be2b737fd0bbbf64eabd5f22124aaad7f09ed9e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 01:06:02 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Wed, 29 Mar 2023 11:40:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4631
x-amz-server-side-encryption
AES256
etag
"a478ee1d8649874a3be46b5c8bcef03a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
11757
x-amz-cf-id
pNji4RJkdTZ1RN81PbDEXkgIWmTgkjRJiBQAp7XGU3_v25hmFV2J3g==
image-1.jpg
w1.areturnersmagic.com/wp-content/uploads/2022/08/
Redirect Chain
  • https://areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
  • https://w1.areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w1.areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03550257f08a2c2d490bec7fd42d6758f27803b123b4297e2bf75eb4d75c8af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32490
last-modified
Fri, 05 Aug 2022 22:38:34 GMT
server
cloudflare
etag
"62ed9bea-7eea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKDVAoC0aQCxmkEaDo4vXeaWBy63Sl6F%2FU3uJANcSYce3rP2hhNXpgPLsqojQZ%2BM58lX1AotcvuJzap3BjqGj6qDNEN%2Fhcz3Xs7eai26OVHZTsbPiWGCqSxnBQKPyYMw9UIbi1piVjvAu2WcqlWyLC7Um2Lj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7bb229e8e8d29b8c-FRA
expires
Sat, 13 May 2023 08:58:18 GMT

Redirect headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGkwi0hlFFy%2BkYpxDZ5hdFNTpra4wMey9wx9rYSGXn42PCS2hv3Ux9%2FYQgE0FZOyjt8nfjw8ohJHgMpQ6bN%2F4LN%2BASDdGqPbXskCyQrRaHgkmjLY6PsPksDXDVvURD3Tl%2BnhxKyQauXib%2FjLLjyZyv27"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
http://w1.areturnersmagic.com/wp-content/uploads/2022/08/image-1.jpg
cache-control
max-age=14400
cf-ray
7bb229e878839b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icons.css
w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 		37 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96eed42e394f5b00f1e02a12d1ce9557aae7cd751e4a9ae2b3e8fc392b1db945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31267
cf-polished
origSize=37491
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 15:14:51 GMT
server
cloudflare
etag
W/"642455eb-9273"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x09RHTWXEKz8nbPt5a7kNWhpj622m%2FDBLg9KXshr0KJGXwV1iwIwgP%2FNmycCIrOemkycLcnZODzxnOmAWczPtuHZukaYUU0eDAmBhKf%2F8TYNqrZGswtD3XyNBPMTwDJ33HJEd%2B9XVUuJ7LYG6CXXen6DwaW4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7bb229e8586a9b8c-FRA
expires
Fri, 21 Apr 2023 05:42:26 GMT
shortcodes.css
w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/ 		44 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1690266a4def354da2feda545468781eefe065dab28c28e115ef23160308206b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15661
cf-polished
origSize=45539
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 15:14:51 GMT
server
cloudflare
etag
W/"642455eb-b1e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4W52QC3RV4UQUxTFBmb5CO8doq9mboFpqJruZxyW3bEbk7oSYK5GVTrW1p8XNdg0jkm0RC8wysL0ELOHBKgIF0e%2BUsS1EdfZ2PoMHL%2FO5QaClEUUGhem%2FyqYPfAiig7EZlktJ7F%2FC300RottQeCLXFG0ML4W"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7bb229e868739b8c-FRA
expires
Fri, 21 Apr 2023 10:02:32 GMT
underscore.min.js
w1.areturnersmagic.com/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/js/underscore.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15661
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:56:40 GMT
server
cloudflare
etag
W/"615e7e08-4a84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8ewYFw%2BIddbm3Zn%2FLInq03dBjsY53L8%2BX5HhMaHtr5y7x4O8eQCmLXlo0SXVwInhO1waigaDbZ2AieUgF%2FBQKOG%2BfUpLU48YbJSX12sToYnSV1D3iBBut1FK3DKeShO%2BHbkGy7xg6t5WERAWjfuPxOEgXkS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e878779b8c-FRA
expires
Fri, 21 Apr 2023 10:02:32 GMT
wp-util.min.js
w1.areturnersmagic.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/js/wp-util.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32613
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:56:40 GMT
server
cloudflare
etag
W/"615e7e08-53c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feltVu8mJqZpWKGNpQb1srgPhzTbJRWwtJ1AMm%2BKRR5D%2B%2BVWORNdzkeVni31CmFUc3D%2BwzndV3yI02s3y5xRXjHQ%2FhRX10z86StG9vQkJKzwUmSuk%2BdU62eYhGtRNzYMIOTRZ30ngTmeck%2FDQHgaxFPNN5%2Bc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e878799b8c-FRA
expires
Fri, 21 Apr 2023 05:19:59 GMT
frontend.min.js
w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/wp-dark-mode//assets/js/frontend.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dd3a1326f714eee263d0cf46a7d3e04da82774573de40c6a2ff9094654e7dbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15661
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 07 Oct 2021 04:57:10 GMT
server
cloudflare
etag
W/"615e7e26-158d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BMyNweOEUexyRvjYEoIJhfbK5pK3BFOfPAoL8wzumMqS%2FVfnb9RjPkEvt6ULDOJjdm9tP19gxhVB0xZpG83eWkyOZljGwcEHVf%2FM05HCTpROQ4fMOvuVdAc82e%2FJqrILtNjgjX5m47C7XD%2BGckW8F4zff5O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e8787b9b8c-FRA
expires
Fri, 21 Apr 2023 10:02:32 GMT
bootstrap.js
w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/bootstrap.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32613
cf-polished
origSize=36790
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-8fb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsbP5CpMLW3ogCLN3SbPeFlRxjs8pLjmvvEvyQYvoN8REUWnFXhsh7E5f%2Fgm9ktNP7awgatbShPPQ7Mrphwf25HyQ4dd19BWFGkacwvanzaDRPE7AJNPtoQLKTxn1XlJnmdW52XUCG15mXG3k4dKmMc66JB%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e8787c9b8c-FRA
expires
Fri, 21 Apr 2023 05:19:59 GMT
skip-link-focus-fix.js
w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/ 		588 B
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/skip-link-focus-fix.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32613
cf-polished
origSize=751
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-2ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3ocwJwT9SB%2Br%2BL9cjPTFbrGymWZeTt42rcbHY754k9YT%2FqUFxTFF7lqySmv066oFZ0fdK4OB8kBYucwqruy8rfScO2IIw6SYeyQMJ2MfXMQqlHs3lLlfPoLY%2BRtSr0K8yWKf1OQR%2FcB9Ak2DgDRxEN6lkRk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e8787d9b8c-FRA
expires
Fri, 21 Apr 2023 05:19:59 GMT
lighthouse.js
w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/ 		1010 B
885 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/js/lighthouse.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16545
cf-polished
origSize=1100
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
server
cloudflare
etag
W/"615d55c2-44c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raZ14F1hAcQMWAaUZHHeARoct2dY100coWinrbtDBspFQdIqk0YQ%2FJtZhhR8cls8SpBbGW0%2FiROeaqcXw7UX18RzSgPnkgDMGnpdYW%2BNQCk3a956EQbRN0XsRoB3HboQLTnMAzAoSbtMglMRPcuthOmhaSxh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e8787f9b8c-FRA
expires
Fri, 21 Apr 2023 09:47:48 GMT
wp-embed.min.js
w1.areturnersmagic.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-includes/js/wp-embed.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32613
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 07:52:28 GMT
server
cloudflare
etag
W/"615d55bc-592"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41wjipjhxhJ6KmXISSLjlh254jS0rvr58LmeVXfLZ9XtnJAicWQqsFXE%2BDaOqJlYoViE5rkfcg9ZrQqVQP4LThLaoFRblAup%2BDJF%2Fl7mKbLKwwQENA9H4palsozyMDtvaDDmV1UFLHcGqQwK3oelt134cEng"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e878819b8c-FRA
expires
Fri, 21 Apr 2023 05:19:59 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3357
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7bb229e8be699a3f-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 24 Apr 2023 02:23:12 GMT
index.js
w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c661376fd6275029eba6e35e45ab10a8f70b857fb53dcf442781ab3937231b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15661
cf-polished
origSize=15777
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 15:14:51 GMT
server
cloudflare
etag
W/"642455eb-3da1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPMTECF%2FrN2tlWQ%2FUwbWop0rCvTlNAV4dB12HqLutmaVlnYITqwbih5QPxCYVO%2BcfT8B%2B2IgEO8qpTo1VEtg2jXRyxh3uvBvjZUCqEDlutnxdVdu4cZ%2FKAeiVl2djYMNzNzO%2FwUjavC3O6fEKOD%2FyqYciG%2B6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e878829b8c-FRA
expires
Fri, 21 Apr 2023 10:02:32 GMT
2566c291e59e185c12a331fef1e235f3.js
w1.areturnersmagic.com/wp-content/easysocialsharebuttons-assets/compiled/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/easysocialsharebuttons-assets/compiled/2566c291e59e185c12a331fef1e235f3.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db345883b20676c2cba35420a4a0aa209de295947784747e70aa602838652364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15661
cf-polished
origSize=51944
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 02 Jul 2022 03:16:16 GMT
server
cloudflare
etag
W/"62bfb880-cae8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DdM3NwrlDobUj%2B41Ad5DIDt6VsTb%2BAnOSsrrgmL%2FTlJLvAeK18LRak1QR19eCJkuJxzDqozcNCzuBHnjQgndxO%2Fev7D2%2BZP7X6Ycq9RK5X6QKkK64CbXpy1dZFSOjDCkDifql8JpC%2BoMobTzlLknxDjFcTR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e878849b8c-FRA
expires
Fri, 21 Apr 2023 10:02:32 GMT
lazyload.min.js
w1.areturnersmagic.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32613
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 06 Oct 2021 07:52:28 GMT
server
cloudflare
etag
W/"615d55bc-1ed2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJm7UCnOPVEKytq2KJJ0rLHjvBE430c10eCUAbpRmOiS%2Bi5zvPYGrYUQA0EFRFbdQEsQrwicEGl1NKPpiq5NPXvlBjpuL%2BmVwIdfWbSidkgI1xm7liotQvxNSDsH6KEaUtiwM1%2BNvu3O5x5sjJ34TsrAnA%2BF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7bb229e878859b8c-FRA
expires
Fri, 21 Apr 2023 05:19:59 GMT
f
api.purpleads.io/x/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=e4270268c8ee4b41b0b05e68a351dabe&ts=1682043792714
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:12 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Apr 2023 00:35:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6448
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 21 Apr 2023 02:35:44 GMT
f
api.purpleads.io/x/v2/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=e4270268c8ee4b41b0b05e68a351dabe&ts=1682043792714
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash
2cc531bc67e8ca523e9184528973e8e6d709c2cb14f3229b8d3d00ad09243403

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
2.0.1

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-api-version
0.47.5
pa-user-id
47722406-5ad2-471d-b68b-e2fd36e375e4
etag
W/"afd-SSd73QDYdtvU1b34zRUhJ3pY6es"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
x-request-id
c6baca66-9a32-4489-b817-120f5e14a15b
TxMSyw
vengeful-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/ 		0
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vengeful-egg.com/c.Di9Y6ebO2F5/lJSdWpQr9wNzDfYfwXOlTIULzIM/Sy0d0-NWjnAX5pN/TxMSyw
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a00:1178:1:4b::1a , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:12 GMT
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
expires
Mon, 26 Jul 2011 05:00:00 GMT
invoke.js
warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 21 Apr 2023 02:23:13 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
Nouveau-projet.jpg
w1.areturnersmagic.com/wp-content/uploads/2022/08/
Redirect Chain
  • https://areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
  • https://w1.areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w1.areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0359faff623bdf7d6cc2335c648947e2f808b6093c1a5b0780971ef4c67516d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958009
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56106
last-modified
Sat, 06 Aug 2022 13:31:48 GMT
server
cloudflare
etag
"62ee6d44-db2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9v068f6NQY0Qxm9ImxbOETArfSCtRD%2BeyVkkl1RVFJfQzPiZbaeS6iES2w%2BwJVM2uAMf2EnJwtMuvppX%2Biba5UlbHaHwM5sP6rgDf8R0%2F6d2Ks7JQLYrV2E34VADNLKHmykIp3KzHpuyHn%2BprEIb7Fx7jUvO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7bb229e938fb9b8c-FRA
expires
Wed, 10 May 2023 00:16:43 GMT

Redirect headers

date
Fri, 21 Apr 2023 02:23:12 GMT
strict-transport-security
max-age=31536000
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMOewjIMfS6uGpUSftbCqDOH6Zk49gY8OC8zoMdME6LJMIag5TFyfNZHByQPZBeb971TWJHtA1B5dFMRevXfuoPDryVCId1Mza1N0%2Br%2BN1url5UFprjLcC3mqdYp18CMZzhApHXVSi%2Bt1PAS%2BBM8%2BfT1"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
http://w1.areturnersmagic.com/wp-content/uploads/2022/08/Nouveau-projet.jpg
cache-control
max-age=14400
cf-ray
7bb229e8d8c59b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
1069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 11:03:21 GMT
x-content-type-options
nosniff
age
141591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Apr 2024 11:03:21 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
1069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/ 		350 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327298579154787
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80021c87ebc1c7954850407b7cde8d5c496cc61be604dd94f21433e571a9767e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120575
x-xss-protection
0
server
cafe
etag
338424240309913116
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 02:23:12 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame BAF9 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3327298579154787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23734
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 19:47:38 GMT
etag
2378337311435320485
expires
Thu, 04 May 2023 19:47:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1682043792819
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:12 GMT
init
api.purpleads.io/x/ 		88 B
378 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1682043792819
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash
3b8c82e1a32337e150164886ef2dd2761fc41c86ee4f6f98b6b3bc408623fc81

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.1

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
x-api-version
0.47.5
etag
W/"58-xHfpdyWesQspKgt99FMxHrYL2p8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
content-length
88
x-request-id
f9a3af8e-d8f4-4148-940e-d973ca48333c
collect
www.google-analytics.com/j/ 		15 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1337188456&t=pageview&_s=1&dl=https%3A%2F%2Fw1.areturnersmagic.com%2F&ul=en-us&de=UTF-8&dt=Read%20A%20Returners%20Magic%20Should%20Be%20Special%20Manga%20-%20%5BEnglish%20Version%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1816382892&gjid=2120619962&cid=245917242.1682043793&tid=UA-162169209-13&_gid=1967916159.1682043793&_r=1&_slc=1&z=1425444741
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3bfa49ee4e1a2fba0b7d35cddf9560f1be07546565cebb86d47d1fcc6ee2cc69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0YRP7Y1G4K&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69f64f1e6bb256561b8012c88bebb2472dd7429da6087bf6f0d9590cd3360b64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73119
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 21 Apr 2023 02:23:13 GMT
cookie.js
partner.googleadservices.com/gampad/ 		405 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=w1.areturnersmagic.com&callback=_gfp_s_&client=ca-pub-3327298579154787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3741904813692e927151411f744ca2198a9d466be62477c293aed6405617452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=w1.areturnersmagic.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=w1.areturnersmagic.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20lh-nav-bg-transform%20navbar-default%20navbar-fixed-top%20navbar-left&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7481 		121 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3327298579154787&output=html&adk=1812271804&adf=3025194257&lmt=1682004453&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fw1.areturnersmagic.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682043792802&bpp=3&bdt=255&idt=230&shv=r20230418&mjsv=m202304170102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7035776275707&frm=20&pv=2&ga_vid=245917242.1682043793&ga_sid=1682043793&ga_hid=1337188456&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31073968%2C31074024%2C44789761&oid=2&pvsid=432858823415047&tmod=2010400593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9107a36d1390e69af6871e220560b1c883557f8fd86f2dcc1a24ed07b0ab80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
24863
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:13 GMT
expires
Fri, 21 Apr 2023 02:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0YRP7Y1G4K&gtm=45je34j0&_p=1337188456&cid=245917242.1682043793&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&_s=1&sid=1682043793&sct=1&seg=0&dl=https%3A%2F%2Fw1.areturnersmagic.com%2F&dt=Read%20A%20Returners%20Magic%20Should%20Be%20Special%20Manga%20-%20%5BEnglish%20Version%5D&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0YRP7Y1G4K&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/reactive_library_fy2021.js?bust=31074024
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72a1ab231e485d9bfd9288e2fe9b3602ba8998004d9a65fc3db7036eef75ba05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52102
x-xss-protection
0
server
cafe
etag
2618612029816284271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 02:23:13 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=w1.areturnersmagic.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=w1.areturnersmagic.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 665D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:13 GMT
etag
2378337311435320485
expires
Fri, 05 May 2023 02:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 825A 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:13 GMT
etag
2378337311435320485
expires
Fri, 05 May 2023 02:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 9BF2 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:13 GMT
etag
2378337311435320485
expires
Fri, 05 May 2023 02:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
agent.js
cdn.prplads.com/ 		72 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
959351a0eabbef2a2491332f85b98d5fc0db7c5a8dac61053f7803066185aa86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PXE8AB57Y4EN0AHN
age
1558
x-amz-id-2
YOVq7OzAIaN74EM3DV0v/RyhC2NWLn0X7sNWk8o/d5RnJt99ULMkOkEPoRf//Us0hTcgdA46y2g=
cf-bgj
minify
last-modified
Wed, 29 Mar 2023 11:39:59 GMT
server
cloudflare
etag
W/"d6217a2941571dc73d5be02e1e847e5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PZpjAI1B9F44pbCHk8Ss4M2dLCDieuqQO5WgmnnA7z311M44oijvyKc9TDETHHLapDNdzmFlIzNVpjeSxH8wLmRoQTMcPmRwa8wqBX6ho%2Feu8wWYdrEnuSIH7BzmZzyNVtlKQT4mMp70mYOAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7bb229ed2b639150-FRA
/
api.purpleads.io/x/v2/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=0&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=657573b8-c829-4d83-8168-49b317616547&ts=1682043793622
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash
94c02bbc2fc665542c76bb6ae230199c614b8177c46d9ab57794cf27870b8bc9

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.1

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-api-version
0.47.5
pa-user-id
bb05bd8c-761a-490d-9279-262c872b398f
etag
W/"cc8-ZRhmYGv64eYE7F/PMnyDq5XexFU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
x-request-id
b876d223-3ff4-4f4b-8ea6-0173da50fccd
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=0&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=657573b8-c829-4d83-8168-49b317616547&ts=1682043793622
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:13 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 9C75 		157 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b2a515095950979160ea466edd49eeec2a9dcb219216c00eada5ac5e9a72c944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=DyC04jdFoKZbJS8vH9nd0NeyvV_VTWBKLXe4n_-H6d0lxUbqFylwFadfTkAwFFEhBdJaSK0_zN-ZAXjsx5YzQMQaMBlrZ5ikxw09SKSwUO7gI6T4ZzihEUg8zrNIT5eKv3ogf8KeAp2s-EI1DBinFC2wVYdtMVy2mLU10A_aF5qtDjgbOlhhejLSDGBx7Vis-rOOyiH4xQE2kO_TmzOC45gOvld8Fus1XEtG3uNcEfMIc-I-GEVIecqp_tjnn3ivg1GckA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
61369037
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 665D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 16:46:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
34609
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 16:46:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 665D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 May 2023 02:23:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 665D 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 02:23:13 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3DB1 		149 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c62493c612f9c1e47024f8cdf592884e21c4ebe774359383f0670bd5a995b68f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0qrqdjdFoKZbJS8vioaN9exXp76iolGYk-9xcyIpiUQVkQ5JzriySayEq2g-GG7IIt4dmOZXDk3lZAFZQA7Vc5-8gPZPU42Xd_upWmExoVfKI0PSPfmXa2ZYFK15Ncn5ZKuupptKrVANMkG9_a0B7vVPbjQVVq7ELejZtNKUvr1sZXGHbGRIDkcjF3nUVqj2ciUclyAKMZA1f9nbvHFeoY3n_vog5NYYsulW5XPQ6E8ncwIlq-ucApq5zV0"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
57327865
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 825A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 16:46:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
34609
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 16:46:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 825A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 May 2023 02:23:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 825A 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 02:23:13 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1D2E 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXZKM1mCLezmwdkBf3C_aqWT15JrghZa8WsXaLxuY0MKxIbsOTZcEnlJp15toqXUAKnvSIIJ-TJCpLp_qPx0XBzUcc8wi2mquq-XFYHF9hCQZtR9xQB6vZ23x7WUqidnMeasKc717oIOIkKTR33H2vEZEsU7jKAmLUR7GS7QTpul_cUeN4
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:13 GMT
expires
Fri, 21 Apr 2023 02:23:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 65A0 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 21 Apr 2023 02:23:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 65A0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 16:46:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
34609
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 16:46:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 65A0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 May 2023 02:23:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 65A0 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Apr 2023 02:23:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65A0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzvFCCNEhDqZ29e3a7VlIBK7ehwluyHKAwkSOQdbvdSoGIOqoj8grdahY5QxZoth2PtDqtgrfHaL64Zo-GVE-rGt190SvS6ISgOMy7omQOa5UkEIg
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65A0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3596113751961143113&x=1&ct=119
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://w1.areturnersmagic.com/wp-content/themes/Ifenzi/font-awesome/css/font-awesome.min.css
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:13 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Wed, 06 Oct 2021 07:52:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"615d55c2-ddcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0ebJ%2BvPFazluGkpucOFTFfoDkd31wT2O1CLoSdZAwYktGn4GKgpiYmS%2FGrC11alpJcxDoXq5v5yO%2FmvhtQ%2BOAckFBptkZzCeRQ0ODdxpm%2FNP8kRAZfmqRYJKOnoPqEiHo3m7uwcVB6Ay1srXtfUAhagWcQG"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7bb229f00ddd9b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56780
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300italic,700,700i|Source+Sans+Pro:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
1070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12580
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:19:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
rum
dsum-sec.casalemedia.com/ Frame 1D2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMXdt5VT2a9bgBXNaisL8I&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMXdt5VT2a9bgBXNaisL8I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXZKM1mCLezmwdkBf3C_aqWT15JrghZa8WsXaLxuY0MKxIbsOTZcEnlJp15toqXUAKnvSIIJ-TJCpLp_qPx0XBzUcc8wi2mquq-XFYHF9hCQZtR9xQB6vZ23x7WUqidnMeasKc717oIOIkKTR33H2vEZEsU7jKAmLUR7GS7QTpul_cUeN4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMXdt5VT2a9bgBXNaisL8I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1D2E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEHzkhMcP3YRf1lKMzVnVgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMXdt5VT2a9bgBXNaisL8I&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMXdt5VT2a9bgBXNaisL8I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXZKM1mCLezmwdkBf3C_aqWT15JrghZa8WsXaLxuY0MKxIbsOTZcEnlJp15toqXUAKnvSIIJ-TJCpLp_qPx0XBzUcc8wi2mquq-XFYHF9hCQZtR9xQB6vZ23x7WUqidnMeasKc717oIOIkKTR33H2vEZEsU7jKAmLUR7GS7QTpul_cUeN4
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKMXdt5VT2a9bgBXNaisL8I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 1D2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG00p-nKXZZdbrNTRhc9MR8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEG00p-nKXZZdbrNTRhc9MR8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXZKM1mCLezmwdkBf3C_aqWT15JrghZa8WsXaLxuY0MKxIbsOTZcEnlJp15toqXUAKnvSIIJ-TJCpLp_qPx0XBzUcc8wi2mquq-XFYHF9hCQZtR9xQB6vZ23x7WUqidnMeasKc717oIOIkKTR33H2vEZEsU7jKAmLUR7GS7QTpul_cUeN4
Protocol
HTTP/1.1
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:14 GMT
AN-X-Request-Uuid
3614b89b-dc01-4750-bfc3-f8e91ac57bad
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEG00p-nKXZZdbrNTRhc9MR8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1D2E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1MDI5ODI1MDMyNDEzMDcxMg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1MDI5ODI1MDMyNDEzMDcxMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNXZKM1mCLezmwdkBf3C_aqWT15JrghZa8WsXaLxuY0MKxIbsOTZcEnlJp15toqXUAKnvSIIJ-TJCpLp_qPx0XBzUcc8wi2mquq-XFYHF9hCQZtR9xQB6vZ23x7WUqidnMeasKc717oIOIkKTR33H2vEZEsU7jKAmLUR7GS7QTpul_cUeN4
Protocol
H2
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 21 Apr 2023 02:23:14 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bd631cf9-16aa-4932-9a59-d4e4febf72c7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA1MDI5ODI1MDMyNDEzMDcxMg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3DB1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3DB1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3DB1 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 15 Apr 2024 02:23:14 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3DB1 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 15 Apr 2024 02:23:14 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 3DB1 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=mpzxKbtN-RQUOohkDdd_K8QTT36kYvdlTbs-QdmJ9WjdWsezOzImg8z39iTFbB3Hr0ipuKcurjMeI8_D4fk2BOfx3ogcNFll8omuhJ_8g6hz8a-Xvt15HGgP8wDqd7BS1sSyyj9IJiSYpo0JE0J4P7T_lztBY1-ZSuVoo0H1rUx-nMStH54atyU-d2AytDd8nJj3wBcSld8H9c9vl-xWOktA23sYODJWFdrRKEP3jrVBAHisHuupcr9V4Sy0HQ--9yUpoP-frSQjJU4Q-ZVdYUkFczdpi-MWB2HcpWlDixsVqu1eY1RzwSf1nBAI9AYk2wDWkB149-eDKE2EcLrKVfUM-1z6XjafAOKB4ymAQUP2SnxIl_By0NLEKeA3U1GLITAnPoO5m647LbyHibubM3_tSxxFtwjfvp7yBpOY2uPj0xxO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2627464
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9C75 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9C75 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9C75 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 15 Apr 2024 02:23:14 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9C75 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 15 Apr 2024 02:23:14 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9C75 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=RSIHg1pK7UNOzZVT8RZfYtdX4rCjPMY94DebptGCtun8jsLHPueOxKG1V_SJpKKrFV2HgRnjToe_yN1YgvjXKsPUaOKHJo8hDTUImBfQFPEQWSU_YGGUUzTxN0_hrLBsa0RM1x-LPXWSyMi0fyvzm2fozjRHM7sXIvKBd7L6llsNabLpQiW_euyWWHegpq3EIuAPyZRBQ_SWvMBdl9zkI_m4FbMrU6KAItUkXBG7hSLvCdEaLetuVUdkuDtRgAfouNuK_BRxbu-Y4kzqKqiC0ld2wLpQAPoVQd2eNWqeYVNO7MueRFUw4AJ5ajwnj-_9YRlBqh30mnJM1iAU-cisi1t1jRjntadkIyFSC8BvxTGFiiPYtH8YVNhmMxHsSmoldQFCav-LBr3RkpSD291SJlt7cgaXQoX0WUNrdQ8PJssnKr9L
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1768659
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=1&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a029bb1c-31a0-4947-95ae-5c5ab9158a14&ts=1682043794054
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:14 GMT
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=2&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[300,100]]&slotid=d23bc9e3-da8a-4187-a5aa-c5102e9bd255&ts=1682043794055
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:14 GMT
forkawesome-webfont.woff2
w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:327b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://w1.areturnersmagic.com/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Mar 2023 15:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"642455eb-1ad5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIV3V7FIGIkdczxWDcMrJq5vgSp%2BweBlJNL%2BR%2FeSdt9SwpwTf1jQeXPYXM2hyPyqXE7xyqI53VvzGor4Ai0GFJGlMU4tEMcvSWwFvqaHDUPkyL3u%2BM8vBEi8%2FEPTa%2FAQgxGqmk4CmkaxEmxLizq%2FwDsOFpVN"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7bb229f0be639b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109916
/
api.purpleads.io/x/v2/b/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=1&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a029bb1c-31a0-4947-95ae-5c5ab9158a14&ts=1682043794054
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash
d3ec65c33cf33da4584a7875fa73aa47db39b05163c891600fefd3dd635a4c15

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.1

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
x-api-version
0.47.5
pa-user-id
333fca9d-08ae-4a9a-a58b-8c6dae157a1c
etag
W/"e58-+N9b/awOmNWkCKffVAnQCgUPoiY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
x-request-id
a4356a66-4746-41cf-b952-b0492e429465
/
api.purpleads.io/x/v2/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=2&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[300,100]]&slotid=d23bc9e3-da8a-4187-a5aa-c5102e9bd255&ts=1682043794055
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash
f2bf6b49cd225ae4e1850eb803edc24cd1da6f41fa9905e75f36edab042d43b8

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.1

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
x-api-version
0.47.5
pa-user-id
60ca74d4-165d-4862-98df-d985b746d8d9
etag
W/"d05-51EO1fIZGdh+iSSrXxQLbCQcyBE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
x-request-id
a2a39393-deb0-4483-9e34-be150d44ad61
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3DB1 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o7eY4OcKFHcKV19XrS4IUNyd2%2BWsKjB7pydZA%2B2WVJ23pvO9a%2FhzOEk0T75%2FxQsYuI1DZ5LYZtegq2Qn2esLRVhBYB0vEOAbZ5m02RAJwX%2FX5dla5XSsXd1T2y9IzKV00usAipEUxvs8ejy%2BCHofAXW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bb229f11ec3bbc1-FRA
expires
Wed, 10 Apr 2024 02:23:14 GMT
animejs.js
static.criteo.net/animejs/ Frame 3DB1 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65A0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9946596979316&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65A0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9946596979316&version=m202301230201&ct=119&x=1&cor=3596113751961143300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 65A0 		82 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dy1GQ11L5scwV1EenVhj807mtTciF5g3BEZp29Q9EqOSqUTIMOW0idaxW3DwLewzD4xlsigderT-2Wcq74NL9uvi7ZVCboRLkBkvBzkYvmmKI07Sj5Xkwue1FcaYMzrh2NpEceZpc_V8XD4GVfmSDlhf3gllqTdtCzK56Y9SdDPyQqlHM&cry=1&dbm_d=AKAmf-DGvuIqEMY-Daw-0Bd18b3k5nVVtMkphczakc_gkWaTLv4aEB82LO1tJl9n6-gURbC9qmUG9uOKkNyydEEStSnc2498oIt6EpUJozKOB4fiye8ivKHFGrIZt5zVCpuAZm9NiSZpxVNNOG_M4sZhQVjenhGYc4gEWuS4DyEV92l20_GibH5o69yd0yw1VEOb351-097D49_ns64YftEYaR-L-XfnwJB8SvBJWEyxFTeBKOG5q-Hy4_Mux38d36CjJ-hjzjpgE8S49c9QNB4p2k4sszAgLqQg40RICZS_D2TorR_w65M0MeVnHYgfiPaqQxBs8RySqRBrhZoWs0O_9x4UNQ3sjSRCbf--ikO3Kl9LkKl901XLPZSDpelymY-Y9fp0nwYagxks8L0OI7_NuYYheq4ChYJrk-SuGbACIaGOFz_wnT-0ZYaeB_GktghEArcopbTkp4Mu2xPSLSgB_8eaosbB_QGpny8RFfctNy5AL9ngTl4N2AdG4w6271Vh7ckyaueCLbPF7CCTUd-gp-kJd3id-fnisoW41zsMb4BeFQkhMDj8E4zaSU_yQxknnKOnvI079LnsmPIXlLKOzvddhAwiNnEIJtIgDqoa7gJCSxDOi5sN1kMyeUphuv12CETHiZh_gFspyaGlYCK2kKrsbvV-tsIk8vSzLoLMQaLnly2nFj4hReEoGJieUw3CUqvsRhuYwxhJ_cqtPByqaa3FVeHAERU_7TBlphu8j9iH8-0cbNiqAKCi3WlCkpxCsKWfZoAkeO5-z7eA1BH_bv3UhAEzoQQQLb9Lxl0ArS6OhdpMetazIOAVP6AQdNpnqdw6bK4YJCYQy7Xy4ag3pbwClzN4loa7gygSVL-TB7aeZZpmTmSxNlimGce3oCPiszyt9UXbM2b2ZGs5ziRZaRk6LhOykXV5i3-gI1HV8FT6GwDmLFt98aX98qyfuOEoOulHXSqtJADg1lqEHp0qoC4_q24Hp4d5NpPqAKJwssCK4RMdF85Yc57rzGVWyebcaCfxdIuE-8r82H-V0iSHktjEULS4Qc1gUl1m0yDsjbIoKpHh-4B2FWhZfbzaAPIhswQ_4aNxTrwzb-pCc71qwtR05L-FpbFsrVql2MLGsmJruzFq8yCHMr1VIvdZXFMwWz_2Yp2slprlXHHah3TFxkdQIBPfKe41jnkjxVZbEG5fwyhJllev0jCZeT0WqO5MTMxQNOl7UgLS9NpkJ9oj4SBHIZ9aBu_pl50kxDpZly5_j4jlUoKPAA2IObdnYwW1p2aIJDIYiDf8ojBtqFkFuXi5DNGTCQf_EjVJL-QLun04EH2IaZSeZ26kuIGAjSMo38H6sWjpeewSgRgVvM4B3WS0h7Hlq4po7OLDW4YexVQ9l24QaB6Mwy3Wsvm-it10XAHAb3hk45xFNijafSGTva1c2toPDqSfSFNau-AmQh2Pdb8RbQrYIsLteSswyAKxf3B_fVU8lAnPpzCp3VjLQSQfds3Jb-d4j7p44zkjfGtzVjvEw56wTnNmOKknC_Rj9sAIwZihDsO5C5iTNdvgAGfrIu6p7SzwM_OZMExELAg_ocmGVcD0gj-3jcYM2yibsF6J05raunMbkWGabhb5Nvh3pPlo__rG9dh9XgZXv026US_woTuZ4CN1OnzwVs8qruRWtoOw0mPjzWNrfhsW5hqK-6VJABd6Q8XuYcryRuASQe4k86vo1DeZToe8r9xQozXmudAEfRVu6wpRha61Dcqwa7cpwJqpkde_YMUQWOZBmlj9_7gcq4hWSB9Uu0Mf39orSqFlp_Xw4eJgPahX1Dz7n9hDph5ptima4Y804lxdHjxzJG2EODPTTQpzJXKmIpdBswYlPxL50v2V5dbyhDUMdCUKMYGvWzXisf2kgzuMJqN09DdslVo0GWGh2mnXhqYouJHIc4lze9PCeV0oq_DkyF6kzGNYxDJjgtxNmOMrIqdBXDIPOelJZc7p8qT2rpXWG-ZGjd_ob8BU8W6zW0bMVdf0N2WthmC_xM8R1Ummsd87vX64_HP27HbyZUjBizoWbf94h9NiMaYzCEzReXHdm-l1V-w7a1ZHNoct3BcyOVAEyq5YxX6ko9k_UAOD1T8mxUFR8qtOSGtleYUHYYDMrivZqwfQ7RuNIp31uaoeqEJ4oRN8yddIE_DMkQKpCZXs1HTmEbfjHNQc_6aInJT52NkBaJF48vxBR1OuBRNWnnJrOmUiHLMdqiOeXpTkWISu2WpI7ZncpCk6nUnfmYng-QNxNDaZyRmsG8ysqZ_W5VG8YRUBz-LPUqxW53x7s9FlQZiWX7vsVRSJsDrnMMxuC8SpNcb2cmLsyvDrxMR1u9p7iuJUyRQ-NhnEQU7MJ7whNtAhDb44TLiSkKDBRxzTQ-7focV_nsX6XvvNjXnIbYMbJSUg8lfsVlNzbb7J6CUqNW-BfiLFkepesfREogBFfiJvZIhHuSRIOX5qXzh2gIIU8MQy3JLakHZmAIwg5dXOgKqld_EJJhpfhVkQdTJ0V9UArsnBZ3O1dz_pmoPMQGt23ZSDHWiBHCRkKIasvpNBCJUmrybVVEMYqx-oqdw4vEOctWIup1ug3mgJITsz_ehGnqxMi6j6kIeT8If0NCNTKWNpfLk83eQvv0zEsFEZCL-MXyW2vc-EqTPIPLmq3WGsf6MdOSUrTdYrA4KXvYONq6fGKDTrMAGtHJPLvEFBuXz2GWI0JtgSnTEbR_UQn6eebEfecTcTWWOieTI3Zx9gXmOf4Rra8rDLREcbOyQvURV0rek0FQBUGvFD8i5SMwiUyY6hQWSy6LPxtpwtiC1gW2FDWUqOc3b3bkUJC9cMfU8Z0aA9v9JuUDZIZhLcaHwvrdHXRx7ah8qcFUn35gCjwVje8YHLjpdn5jq3Mo_gDkbJIYo1X-vD76h71fzjxnguGV89FKIAuundDUeU5VIqLTkTYFA2s6pnkRt7NzrOTRkBL71zSgaldeXcGyf-BFpbDOgsfSFMbrTnZxWC8k6U03HkXuBbbH-eVn5h34nAza3PSzF2WJ2yMlTzVe-XkNw15G1CnEJKBf5fKgY2tldWzkUlJC4sZtKW-E7iNm3RJ1i3EAzPn-BttFXYUkhvBJp-rXWAPYU8KC-FBYdD4f7VffmhRaXJo1IxpIESr3yw0wx4EvZo0oqHt3Oy36JtgJRZolSXQohzxmqPujn358f5G7G9PzoQ118ysh9U8zB439q9Jfv52hvbOAaWLZTVGzVNEeqWqIZ3xgKdQ_gV7AdW2LJzmI8F9Disc35yiOtYRLKcPliwHW2LjVXDn9R8U934qrzxXF3ixACRiW70Bdp4CRu3UnJczFueAj3MMZ-cC9TVSkRSODAW_X_9p1mnIlQYPYKB7jrREq3NMwF02jDpfuA7nI5DKTl7xCzXqtya1UUG55MJgNzRXgD097uGOOmWEjSNekSWhusVPKmcN3_-7XF4UIEHQnIYPJePfcrglNjAiFY0Gm0ZMNJBiujPn7_UauBXNdS2msfq9idEDyvIpeN5F6NeEcaY2tw22VyF6KcJxw&cid=CAQSGwBygQiDES1Dlf7qf8nJDftJeepyC4QbevKCXRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fw1.areturnersmagic.com%2F&ds=l&xdt=1&iif=1&cor=3596113751961143300&adk=1761367587&idt=63&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10fd68a075f02280cfe674fbfbf5bf51d07989d1cc01bc79d74c458a21896603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35501
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9C75 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyOO%2BKZU14d8vLtCRUjNZIMkoDUzjugVILACDK0u68RajnymZbkUZO%2B3C2MvZ6cgQ6RwtaqXEUcsyFuB1FrRsLeRDUOvttzGE5l4bRVyBTPDtS9MnG%2FUtXQVOABfgzfeSkGEUx8VZVPgHVM4sGJbIxYW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bb229f11ec5bbc1-FRA
expires
Wed, 10 Apr 2024 02:23:14 GMT
animejs.js
static.criteo.net/animejs/ Frame 9C75 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
all
csm.eu.criteo.net/ Frame 3DB1 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0qrqdjdFoKZbJS8vioaN9exXp76iolGYk-9xcyIpiUQVkQ5JzriySayEq2g-GG7IIt4dmOZXDk3lZAFZQA7Vc5-8gPZPU42Xd_upWmExoVfKI0PSPfmXa2ZYFK15Ncn5ZKuupptKrVANMkG9_a0B7vVPbjQVVq7ELejZtNKUvr1sZXGHbGRIDkcjF3nUVqj2ciUclyAKMZA1f9nbvHFeoY3n_vog5NYYsulW5XPQ6E8ncwIlq-ucApq5zV0&sds=2&rev=85950&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 02:23:13 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3DB1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3DB1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKH0Iu8diAAxlKuTllHD5cOwiWpRbvg&u=%7CtIkYEaG2Wq60sl9QSEAvQs8bverFEI8a%2BEjHxbJZOgg%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZRf8mSY4s2yWA5MNWkuH4PeE7RdvetCqi7EDrRBFmb6r5P8n-YIKZnOHr1GxItlzLHs9zOcRNoX4rJApB7EIjDjv-T7glT0CmWaIaNTUxudn5KnJbCNLC17R6PtMVpr0T3f0Ggs6hmYbhvcVS4By9jIp5HWV_yWA2fIPr84RPRBQris7OP-EKzjgc4mtpUxhsJ5hKFDVXH_PoHFgL0U6f0ZV2GeRqUEUqsXEcpwVK9QgUsrR-2VRsqZtzrlM2iCE09NzB4F_r7GbwS8uH3UWdxGQXIdomXeoknSBX_JgbWSuKikadZcKb90_F4TK82lq7nv9OhTnfkjKkioXacTf5mK1fNlQ0lijk-rZZYP7vX8ueoQ20Y_bEPX59rVPEPbif9M4ZySXtnZxNw-wsVzeTBgKvVsI4y4h6khFDAg59YDHOw0v0dql0S1t8ZRtIgrzKdY1VUbs8UyskHn_7RUDjqp_M1Tx52SWDkbPM1MeweTmtztVA1gybWwZd8Z7qSg6PLGXxc0wl-Bh3L83H1Sqc9hy1lNZOM1eWw5MauvxEj3Mga7jVgBDOYGLpVvKDK_b&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCv9clkfNBZP3QBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0EoHRX-nJraqGUiw7fyfYdKQmoZoSTmO7PyC3Rvof5js3JP8RBscvzNZzeQWGwdlSrIA4vlkwFTEPXN7OzMRkKF2bLKFwVssjAC80b48tozfOgjdelSItTxHbMbF3cRuWZtwAyNqqNj14Q6J__yBsx1K400SNQO7BOXtLLTgLvVUew0eNdKhA61DKtv-FU6cYtDS0eCrFmfWYnR2MRaCXx0kxPLM7Cfuljl1c8WsOcskP-pTKtS65Wj8bb2NrDFSrqmW6qFS-VSHYCGEfqUEs1VDJWwY5yixzhgrb6ChlQD6x7MdLuiDTMLPttIIH4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Vql2FLY0mV8F3ffHjS-ydVyuvrA%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
all
csm.eu.criteo.net/ Frame 9C75 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=DyC04jdFoKZbJS8vH9nd0NeyvV_VTWBKLXe4n_-H6d0lxUbqFylwFadfTkAwFFEhBdJaSK0_zN-ZAXjsx5YzQMQaMBlrZ5ikxw09SKSwUO7gI6T4ZzihEUg8zrNIT5eKv3ogf8KeAp2s-EI1DBinFC2wVYdtMVy2mLU10A_aF5qtDjgbOlhhejLSDGBx7Vis-rOOyiH4xQE2kO_TmzOC45gOvld8Fus1XEtG3uNcEfMIc-I-GEVIecqp_tjnn3ivg1GckA&sds=2&rev=85950&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 21 Apr 2023 02:23:13 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9C75 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9C75 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
636
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7bb229f1fbbc9a3f-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 24 Apr 2023 02:23:14 GMT
prebid-2023-03-22.js
cdn.prplads.com/ Frame 5D70 		366 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2023-03-22.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d7d916b7239c63396df3f758d766f2f186687af57b02d9af7b05bdcd1ffbbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J1RBWE1AGY0XZ3ZC
age
1776
cf-polished
origSize=375127
x-amz-id-2
6MBsab+ThbNhaldBOj6tQ/kh1peBHVckQr5/gXCqj3JdULuTlXQv/cY2RjffzzN1JoofrGWCQzM=
cf-bgj
minify
last-modified
Wed, 22 Mar 2023 16:08:32 GMT
server
cloudflare
etag
W/"99f3c3ccaab6ea63fe6fdc9617e04981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLLtdkGKKFFZYaqgkNpgqdjXnRv7AqOrPeF6cf5p4818l9nrW6QYdmdGaAbSB1Vssx%2F%2BqNU4N2AKHeeMyx5OWVLJEWde7SWBrU94ZG%2BV6kAVODmm3K%2BfNxleY6qWEr3hgUAbZvBnOCh1aig3UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
7bb229f30f759150-FRA
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 65A0 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60961
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Apr 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 65A0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dy1GQ11L5scwV1EenVhj807mtTciF5g3BEZp29Q9EqOSqUTIMOW0idaxW3DwLewzD4xlsigderT-2Wcq74NL9uvi7ZVCboRLkBkvBzkYvmmKI07Sj5Xkwue1FcaYMzrh2NpEceZpc_V8XD4GVfmSDlhf3gllqTdtCzK56Y9SdDPyQqlHM&cry=1&dbm_d=AKAmf-DGvuIqEMY-Daw-0Bd18b3k5nVVtMkphczakc_gkWaTLv4aEB82LO1tJl9n6-gURbC9qmUG9uOKkNyydEEStSnc2498oIt6EpUJozKOB4fiye8ivKHFGrIZt5zVCpuAZm9NiSZpxVNNOG_M4sZhQVjenhGYc4gEWuS4DyEV92l20_GibH5o69yd0yw1VEOb351-097D49_ns64YftEYaR-L-XfnwJB8SvBJWEyxFTeBKOG5q-Hy4_Mux38d36CjJ-hjzjpgE8S49c9QNB4p2k4sszAgLqQg40RICZS_D2TorR_w65M0MeVnHYgfiPaqQxBs8RySqRBrhZoWs0O_9x4UNQ3sjSRCbf--ikO3Kl9LkKl901XLPZSDpelymY-Y9fp0nwYagxks8L0OI7_NuYYheq4ChYJrk-SuGbACIaGOFz_wnT-0ZYaeB_GktghEArcopbTkp4Mu2xPSLSgB_8eaosbB_QGpny8RFfctNy5AL9ngTl4N2AdG4w6271Vh7ckyaueCLbPF7CCTUd-gp-kJd3id-fnisoW41zsMb4BeFQkhMDj8E4zaSU_yQxknnKOnvI079LnsmPIXlLKOzvddhAwiNnEIJtIgDqoa7gJCSxDOi5sN1kMyeUphuv12CETHiZh_gFspyaGlYCK2kKrsbvV-tsIk8vSzLoLMQaLnly2nFj4hReEoGJieUw3CUqvsRhuYwxhJ_cqtPByqaa3FVeHAERU_7TBlphu8j9iH8-0cbNiqAKCi3WlCkpxCsKWfZoAkeO5-z7eA1BH_bv3UhAEzoQQQLb9Lxl0ArS6OhdpMetazIOAVP6AQdNpnqdw6bK4YJCYQy7Xy4ag3pbwClzN4loa7gygSVL-TB7aeZZpmTmSxNlimGce3oCPiszyt9UXbM2b2ZGs5ziRZaRk6LhOykXV5i3-gI1HV8FT6GwDmLFt98aX98qyfuOEoOulHXSqtJADg1lqEHp0qoC4_q24Hp4d5NpPqAKJwssCK4RMdF85Yc57rzGVWyebcaCfxdIuE-8r82H-V0iSHktjEULS4Qc1gUl1m0yDsjbIoKpHh-4B2FWhZfbzaAPIhswQ_4aNxTrwzb-pCc71qwtR05L-FpbFsrVql2MLGsmJruzFq8yCHMr1VIvdZXFMwWz_2Yp2slprlXHHah3TFxkdQIBPfKe41jnkjxVZbEG5fwyhJllev0jCZeT0WqO5MTMxQNOl7UgLS9NpkJ9oj4SBHIZ9aBu_pl50kxDpZly5_j4jlUoKPAA2IObdnYwW1p2aIJDIYiDf8ojBtqFkFuXi5DNGTCQf_EjVJL-QLun04EH2IaZSeZ26kuIGAjSMo38H6sWjpeewSgRgVvM4B3WS0h7Hlq4po7OLDW4YexVQ9l24QaB6Mwy3Wsvm-it10XAHAb3hk45xFNijafSGTva1c2toPDqSfSFNau-AmQh2Pdb8RbQrYIsLteSswyAKxf3B_fVU8lAnPpzCp3VjLQSQfds3Jb-d4j7p44zkjfGtzVjvEw56wTnNmOKknC_Rj9sAIwZihDsO5C5iTNdvgAGfrIu6p7SzwM_OZMExELAg_ocmGVcD0gj-3jcYM2yibsF6J05raunMbkWGabhb5Nvh3pPlo__rG9dh9XgZXv026US_woTuZ4CN1OnzwVs8qruRWtoOw0mPjzWNrfhsW5hqK-6VJABd6Q8XuYcryRuASQe4k86vo1DeZToe8r9xQozXmudAEfRVu6wpRha61Dcqwa7cpwJqpkde_YMUQWOZBmlj9_7gcq4hWSB9Uu0Mf39orSqFlp_Xw4eJgPahX1Dz7n9hDph5ptima4Y804lxdHjxzJG2EODPTTQpzJXKmIpdBswYlPxL50v2V5dbyhDUMdCUKMYGvWzXisf2kgzuMJqN09DdslVo0GWGh2mnXhqYouJHIc4lze9PCeV0oq_DkyF6kzGNYxDJjgtxNmOMrIqdBXDIPOelJZc7p8qT2rpXWG-ZGjd_ob8BU8W6zW0bMVdf0N2WthmC_xM8R1Ummsd87vX64_HP27HbyZUjBizoWbf94h9NiMaYzCEzReXHdm-l1V-w7a1ZHNoct3BcyOVAEyq5YxX6ko9k_UAOD1T8mxUFR8qtOSGtleYUHYYDMrivZqwfQ7RuNIp31uaoeqEJ4oRN8yddIE_DMkQKpCZXs1HTmEbfjHNQc_6aInJT52NkBaJF48vxBR1OuBRNWnnJrOmUiHLMdqiOeXpTkWISu2WpI7ZncpCk6nUnfmYng-QNxNDaZyRmsG8ysqZ_W5VG8YRUBz-LPUqxW53x7s9FlQZiWX7vsVRSJsDrnMMxuC8SpNcb2cmLsyvDrxMR1u9p7iuJUyRQ-NhnEQU7MJ7whNtAhDb44TLiSkKDBRxzTQ-7focV_nsX6XvvNjXnIbYMbJSUg8lfsVlNzbb7J6CUqNW-BfiLFkepesfREogBFfiJvZIhHuSRIOX5qXzh2gIIU8MQy3JLakHZmAIwg5dXOgKqld_EJJhpfhVkQdTJ0V9UArsnBZ3O1dz_pmoPMQGt23ZSDHWiBHCRkKIasvpNBCJUmrybVVEMYqx-oqdw4vEOctWIup1ug3mgJITsz_ehGnqxMi6j6kIeT8If0NCNTKWNpfLk83eQvv0zEsFEZCL-MXyW2vc-EqTPIPLmq3WGsf6MdOSUrTdYrA4KXvYONq6fGKDTrMAGtHJPLvEFBuXz2GWI0JtgSnTEbR_UQn6eebEfecTcTWWOieTI3Zx9gXmOf4Rra8rDLREcbOyQvURV0rek0FQBUGvFD8i5SMwiUyY6hQWSy6LPxtpwtiC1gW2FDWUqOc3b3bkUJC9cMfU8Z0aA9v9JuUDZIZhLcaHwvrdHXRx7ah8qcFUn35gCjwVje8YHLjpdn5jq3Mo_gDkbJIYo1X-vD76h71fzjxnguGV89FKIAuundDUeU5VIqLTkTYFA2s6pnkRt7NzrOTRkBL71zSgaldeXcGyf-BFpbDOgsfSFMbrTnZxWC8k6U03HkXuBbbH-eVn5h34nAza3PSzF2WJ2yMlTzVe-XkNw15G1CnEJKBf5fKgY2tldWzkUlJC4sZtKW-E7iNm3RJ1i3EAzPn-BttFXYUkhvBJp-rXWAPYU8KC-FBYdD4f7VffmhRaXJo1IxpIESr3yw0wx4EvZo0oqHt3Oy36JtgJRZolSXQohzxmqPujn358f5G7G9PzoQ118ysh9U8zB439q9Jfv52hvbOAaWLZTVGzVNEeqWqIZ3xgKdQ_gV7AdW2LJzmI8F9Disc35yiOtYRLKcPliwHW2LjVXDn9R8U934qrzxXF3ixACRiW70Bdp4CRu3UnJczFueAj3MMZ-cC9TVSkRSODAW_X_9p1mnIlQYPYKB7jrREq3NMwF02jDpfuA7nI5DKTl7xCzXqtya1UUG55MJgNzRXgD097uGOOmWEjSNekSWhusVPKmcN3_-7XF4UIEHQnIYPJePfcrglNjAiFY0Gm0ZMNJBiujPn7_UauBXNdS2msfq9idEDyvIpeN5F6NeEcaY2tw22VyF6KcJxw&cid=CAQSGwBygQiDES1Dlf7qf8nJDftJeepyC4QbevKCXRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fw1.areturnersmagic.com%2F&ds=l&xdt=1&iif=1&cor=3596113751961143300&adk=1761367587&idt=63&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 16:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
33907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4123
x-xss-protection
0
server
cafe
etag
4541610132340792384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 16:58:07 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 65A0 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dy1GQ11L5scwV1EenVhj807mtTciF5g3BEZp29Q9EqOSqUTIMOW0idaxW3DwLewzD4xlsigderT-2Wcq74NL9uvi7ZVCboRLkBkvBzkYvmmKI07Sj5Xkwue1FcaYMzrh2NpEceZpc_V8XD4GVfmSDlhf3gllqTdtCzK56Y9SdDPyQqlHM&cry=1&dbm_d=AKAmf-DGvuIqEMY-Daw-0Bd18b3k5nVVtMkphczakc_gkWaTLv4aEB82LO1tJl9n6-gURbC9qmUG9uOKkNyydEEStSnc2498oIt6EpUJozKOB4fiye8ivKHFGrIZt5zVCpuAZm9NiSZpxVNNOG_M4sZhQVjenhGYc4gEWuS4DyEV92l20_GibH5o69yd0yw1VEOb351-097D49_ns64YftEYaR-L-XfnwJB8SvBJWEyxFTeBKOG5q-Hy4_Mux38d36CjJ-hjzjpgE8S49c9QNB4p2k4sszAgLqQg40RICZS_D2TorR_w65M0MeVnHYgfiPaqQxBs8RySqRBrhZoWs0O_9x4UNQ3sjSRCbf--ikO3Kl9LkKl901XLPZSDpelymY-Y9fp0nwYagxks8L0OI7_NuYYheq4ChYJrk-SuGbACIaGOFz_wnT-0ZYaeB_GktghEArcopbTkp4Mu2xPSLSgB_8eaosbB_QGpny8RFfctNy5AL9ngTl4N2AdG4w6271Vh7ckyaueCLbPF7CCTUd-gp-kJd3id-fnisoW41zsMb4BeFQkhMDj8E4zaSU_yQxknnKOnvI079LnsmPIXlLKOzvddhAwiNnEIJtIgDqoa7gJCSxDOi5sN1kMyeUphuv12CETHiZh_gFspyaGlYCK2kKrsbvV-tsIk8vSzLoLMQaLnly2nFj4hReEoGJieUw3CUqvsRhuYwxhJ_cqtPByqaa3FVeHAERU_7TBlphu8j9iH8-0cbNiqAKCi3WlCkpxCsKWfZoAkeO5-z7eA1BH_bv3UhAEzoQQQLb9Lxl0ArS6OhdpMetazIOAVP6AQdNpnqdw6bK4YJCYQy7Xy4ag3pbwClzN4loa7gygSVL-TB7aeZZpmTmSxNlimGce3oCPiszyt9UXbM2b2ZGs5ziRZaRk6LhOykXV5i3-gI1HV8FT6GwDmLFt98aX98qyfuOEoOulHXSqtJADg1lqEHp0qoC4_q24Hp4d5NpPqAKJwssCK4RMdF85Yc57rzGVWyebcaCfxdIuE-8r82H-V0iSHktjEULS4Qc1gUl1m0yDsjbIoKpHh-4B2FWhZfbzaAPIhswQ_4aNxTrwzb-pCc71qwtR05L-FpbFsrVql2MLGsmJruzFq8yCHMr1VIvdZXFMwWz_2Yp2slprlXHHah3TFxkdQIBPfKe41jnkjxVZbEG5fwyhJllev0jCZeT0WqO5MTMxQNOl7UgLS9NpkJ9oj4SBHIZ9aBu_pl50kxDpZly5_j4jlUoKPAA2IObdnYwW1p2aIJDIYiDf8ojBtqFkFuXi5DNGTCQf_EjVJL-QLun04EH2IaZSeZ26kuIGAjSMo38H6sWjpeewSgRgVvM4B3WS0h7Hlq4po7OLDW4YexVQ9l24QaB6Mwy3Wsvm-it10XAHAb3hk45xFNijafSGTva1c2toPDqSfSFNau-AmQh2Pdb8RbQrYIsLteSswyAKxf3B_fVU8lAnPpzCp3VjLQSQfds3Jb-d4j7p44zkjfGtzVjvEw56wTnNmOKknC_Rj9sAIwZihDsO5C5iTNdvgAGfrIu6p7SzwM_OZMExELAg_ocmGVcD0gj-3jcYM2yibsF6J05raunMbkWGabhb5Nvh3pPlo__rG9dh9XgZXv026US_woTuZ4CN1OnzwVs8qruRWtoOw0mPjzWNrfhsW5hqK-6VJABd6Q8XuYcryRuASQe4k86vo1DeZToe8r9xQozXmudAEfRVu6wpRha61Dcqwa7cpwJqpkde_YMUQWOZBmlj9_7gcq4hWSB9Uu0Mf39orSqFlp_Xw4eJgPahX1Dz7n9hDph5ptima4Y804lxdHjxzJG2EODPTTQpzJXKmIpdBswYlPxL50v2V5dbyhDUMdCUKMYGvWzXisf2kgzuMJqN09DdslVo0GWGh2mnXhqYouJHIc4lze9PCeV0oq_DkyF6kzGNYxDJjgtxNmOMrIqdBXDIPOelJZc7p8qT2rpXWG-ZGjd_ob8BU8W6zW0bMVdf0N2WthmC_xM8R1Ummsd87vX64_HP27HbyZUjBizoWbf94h9NiMaYzCEzReXHdm-l1V-w7a1ZHNoct3BcyOVAEyq5YxX6ko9k_UAOD1T8mxUFR8qtOSGtleYUHYYDMrivZqwfQ7RuNIp31uaoeqEJ4oRN8yddIE_DMkQKpCZXs1HTmEbfjHNQc_6aInJT52NkBaJF48vxBR1OuBRNWnnJrOmUiHLMdqiOeXpTkWISu2WpI7ZncpCk6nUnfmYng-QNxNDaZyRmsG8ysqZ_W5VG8YRUBz-LPUqxW53x7s9FlQZiWX7vsVRSJsDrnMMxuC8SpNcb2cmLsyvDrxMR1u9p7iuJUyRQ-NhnEQU7MJ7whNtAhDb44TLiSkKDBRxzTQ-7focV_nsX6XvvNjXnIbYMbJSUg8lfsVlNzbb7J6CUqNW-BfiLFkepesfREogBFfiJvZIhHuSRIOX5qXzh2gIIU8MQy3JLakHZmAIwg5dXOgKqld_EJJhpfhVkQdTJ0V9UArsnBZ3O1dz_pmoPMQGt23ZSDHWiBHCRkKIasvpNBCJUmrybVVEMYqx-oqdw4vEOctWIup1ug3mgJITsz_ehGnqxMi6j6kIeT8If0NCNTKWNpfLk83eQvv0zEsFEZCL-MXyW2vc-EqTPIPLmq3WGsf6MdOSUrTdYrA4KXvYONq6fGKDTrMAGtHJPLvEFBuXz2GWI0JtgSnTEbR_UQn6eebEfecTcTWWOieTI3Zx9gXmOf4Rra8rDLREcbOyQvURV0rek0FQBUGvFD8i5SMwiUyY6hQWSy6LPxtpwtiC1gW2FDWUqOc3b3bkUJC9cMfU8Z0aA9v9JuUDZIZhLcaHwvrdHXRx7ah8qcFUn35gCjwVje8YHLjpdn5jq3Mo_gDkbJIYo1X-vD76h71fzjxnguGV89FKIAuundDUeU5VIqLTkTYFA2s6pnkRt7NzrOTRkBL71zSgaldeXcGyf-BFpbDOgsfSFMbrTnZxWC8k6U03HkXuBbbH-eVn5h34nAza3PSzF2WJ2yMlTzVe-XkNw15G1CnEJKBf5fKgY2tldWzkUlJC4sZtKW-E7iNm3RJ1i3EAzPn-BttFXYUkhvBJp-rXWAPYU8KC-FBYdD4f7VffmhRaXJo1IxpIESr3yw0wx4EvZo0oqHt3Oy36JtgJRZolSXQohzxmqPujn358f5G7G9PzoQ118ysh9U8zB439q9Jfv52hvbOAaWLZTVGzVNEeqWqIZ3xgKdQ_gV7AdW2LJzmI8F9Disc35yiOtYRLKcPliwHW2LjVXDn9R8U934qrzxXF3ixACRiW70Bdp4CRu3UnJczFueAj3MMZ-cC9TVSkRSODAW_X_9p1mnIlQYPYKB7jrREq3NMwF02jDpfuA7nI5DKTl7xCzXqtya1UUG55MJgNzRXgD097uGOOmWEjSNekSWhusVPKmcN3_-7XF4UIEHQnIYPJePfcrglNjAiFY0Gm0ZMNJBiujPn7_UauBXNdS2msfq9idEDyvIpeN5F6NeEcaY2tw22VyF6KcJxw&cid=CAQSGwBygQiDES1Dlf7qf8nJDftJeepyC4QbevKCXRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fw1.areturnersmagic.com%2F&ds=l&xdt=1&iif=1&cor=3596113751961143300&adk=1761367587&idt=63&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
84177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10768
x-xss-protection
0
server
cafe
etag
11141491900784070631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 May 2023 03:00:17 GMT
montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 3DB1 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
montserrat-700.css
static.criteo.net/design/googlefont/montserrat/ Frame 3DB1 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:55 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7f-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
prebid-2023-03-22.js
cdn.prplads.com/ Frame EC78 		366 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2023-03-22.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d7d916b7239c63396df3f758d766f2f186687af57b02d9af7b05bdcd1ffbbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J1RBWE1AGY0XZ3ZC
age
1776
cf-polished
origSize=375127
x-amz-id-2
6MBsab+ThbNhaldBOj6tQ/kh1peBHVckQr5/gXCqj3JdULuTlXQv/cY2RjffzzN1JoofrGWCQzM=
cf-bgj
minify
last-modified
Wed, 22 Mar 2023 16:08:32 GMT
server
cloudflare
etag
W/"99f3c3ccaab6ea63fe6fdc9617e04981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZ17Y4y5Jo8veiLmeR4FKfdQ%2FlgVvbuG6gdjvQ4zm9Ibq9IurqSBf2VjIpNxK9COfR0IwAGU03ld%2F3k%2BNF1K95U5i9%2BKaRNVgz5erUyD%2F503xK6bqpkZS%2BRBu6j9Wq0N1QDrv8SWjHp3tSBy2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
7bb229f388269150-FRA
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 9C75 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZEHzkQABKHwIu8diAAxlKp42V9zidhuXeOKiDw&u=%7CtIkYEaG2Wq462YMYvKn4NaSl97nJqQKnX%2BazIAhF1Nw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2zoTQRGf6zTEz1SHTygELQD3gw2w7PS2jzTE2NRR225S641ULTy2Ib6EgMp2k7UlfBdwdmMcHgDwzbfC3T_CDG9GS1TR0BuJMcVrhPCn0DnXTi_3MIxCYulMRHoFd7tHO-78eqCU12eUENhUpi_652h1HhpExY1RmryPEE9keR756Ws3bGThFAGysq6bNDmg74zCCkQJ24zjNBgfHEdF5Gvs0lKuNvAZVD6NxgcmQnIKmvZyDd4nJwpEgO1zCJg0xdpqD7ws-DdzPJklofTJu600ShVkqA3Rq6KdcqLhKErplb60gAR8VIfGJU59u1i_HwZEmggHY5GeXMtsAE6xoTkhROOwqju0UOBVSRgPwOeuhazb-ClirZ9JuQm3R5-g1_ImUlXRMykFDDyihMlU7QOezMQLvqhC2us7wYCKeuQlZH2QaqFB2aT7VdOfiMvcYSFlvGL0ZQRhkVTGgB_AiF1EGq1TBT9sPvYKLsrXykfx0EkFjOYY4wGn0CJPjiPD_Of7A-LVx8LhWRYUCYYrM_mkeAn83ENmEk_UUYlpPMaxlyS78qj5GFLxVm17svSeGTw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8SUbkfNBZPzQBOKO7_UPqsqxmAvJntKxXMWMi-CaAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMzI3Mjk4NTc5MTU0Nzg3yAEJqQLIauLaZGWyPqgDAaoE7wFP0LKedLbIauWa555qn9uIACtliRG3n04NOLrXAlbMEMqAtQWE2QxOLgkM86DZCC2SNvWa3yHKuQIspXneJhlbx9wFpMAP7UNXyqv-3DwzhJslLSroNg4Ak02Dsq3kLmoZ1liKs-ayFPZWrI5bVuah-x1pZ6eI38xA5umzHfl8eKHvCJoxPZc6o0JLCoJW376Ol_e8EpzaIc0dEZbfUxBl-VxP-RLsOjsfnFjeOzZPQNtujReIkz48gLUTuyIItZnD1cHv9pfTRAVnyTxo1jbJIDRMcFvtuFhEBAPLYWeTG0w16OVEYALj9FL7pvp2BIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1jX1fhTBVMivYn9rvwQNcikKr9TQ%26client%3Dca-pub-3327298579154787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
prebid-2023-03-22.js
cdn.prplads.com/ Frame EF4E 		366 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2023-03-22.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d7d916b7239c63396df3f758d766f2f186687af57b02d9af7b05bdcd1ffbbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J1RBWE1AGY0XZ3ZC
age
1776
cf-polished
origSize=375127
x-amz-id-2
6MBsab+ThbNhaldBOj6tQ/kh1peBHVckQr5/gXCqj3JdULuTlXQv/cY2RjffzzN1JoofrGWCQzM=
cf-bgj
minify
last-modified
Wed, 22 Mar 2023 16:08:32 GMT
server
cloudflare
etag
W/"99f3c3ccaab6ea63fe6fdc9617e04981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ%2FeAdb2B4mZKy2GMlIoK8q9vUsedI2ejqy9I%2FCfIaKmU76U3yPwa0hqj%2B8lq7e5PMLW4dvWreLYHCYhvtDObR3hYq7no%2BrncdYdmdv0YwJ9a0IKFzIehmryA46tRTMwxWpB3%2FnfBs%2F8MVIgxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
7bb229f3a83b9150-FRA
localstore.js
script.4dex.io/ Frame 5D70 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:14 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1220018
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQWcy4YP7Y7GpNVJHlYmlVbr8FBYhL%2FmkYGA9sN%2B3DV17pNH3W0R3oF41Uj02EyePn%2BpYYTamt3yQSvMI6n9NW32HK3GzsKJiqbCI%2BOrZ9A6TD0ZKOUw2N%2BQBydAzzRTPaYtUpjI%2FgN1lO11"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7bb229f41e39362d-FRA
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 65A0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 03:50:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 03:50:52 GMT
truncated
/ Frame 65A0 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a0f006ff1a71d7f51be0015ffb7098aadd66cb43e024c173ec0cda543ed6426

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame 5D70 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Access-Control-Allow-Credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5D70 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:14 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adreq
ads.servenobid.com/ Frame 5D70 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5984
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6bb93f650a13e14e178c84a6ff2a14ce58456b94c587733b41c7aee6ce61c64d

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 5D70 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:14 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 5D70 		180 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageReferrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&CanonicalUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
5ff48f51a8c1d7cc52656ee07a6ce5cd608cc58a6b8b6d90ac0a02c762407791
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
prebid
mp.4dex.io/ Frame 5D70 		199 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0196a384e9013a062ab67b48e6db4ea7ae6d4bc35c30e499f91b3f4c608bb0ae

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 21 Apr 2023 02:23:14 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bb229f4990091d8-FRA
expires
0
pbjs
prebid.admanmedia.com/ Frame 5D70 		2 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.admanmedia.com/pbjs
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.109.168 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Date
Fri, 21 Apr 2023 02:23:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 3DB1 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-31a4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Apr 2024 02:23:14 GMT
localstore.js
script.4dex.io/ Frame EC78 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:14 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1220018
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1IQZvceCrSKToFoyLjeexop9XtsBtidzkgAWgJ19W0T5l5pKyv8IKRqFErk8CkjnrxZAOXbr56Bqxo74bgZJz%2Fx4pLHRd%2FqXxIQRRQJAlc8A5O912vPPyMgqtrNvNt0694UyBmg%2B5PrMfgEF"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7bb229f46e6c362d-FRA
c
prebid.a-mo.net/a/ Frame EC78 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:14 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
server
envoy
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ Frame EC78 		199 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7f5efabc4ce4f4f4f6769dd11d53e20c31753222d8dd4fc9319df10a4cedf9

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 21 Apr 2023 02:23:14 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bb229f4990191d8-FRA
expires
0
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame EC78 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Access-Control-Allow-Credentials
true
adreq
ads.servenobid.com/ Frame EC78 		537 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9373
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
aa4f613dfd3cc3d4b373f6b76270f06be23304b070646a64d740888ed151776c

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame EC78 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:14 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
prebid.admanmedia.com/ Frame EC78 		2 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.admanmedia.com/pbjs
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.109.168 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Date
Fri, 21 Apr 2023 02:23:15 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame EC78 		180 B
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageReferrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&CanonicalUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
91731f1d018fb6b5566bbab5d3c7447509b83f543046f2361767cc1f35b02628
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
localstore.js
script.4dex.io/ Frame EF4E 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:14 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1220018
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2Ymst1Y7tKAYfIwwsq2wXu1%2FkLVUfo4L%2BVHUXwOiWA0k45evV1xYlcTx13VhSq8Y3RD%2BN6XqtRhznMoOxYFzUdvznWHzp29bL0nbcR4cP7tXBatcFXVk95750SwtTlU7ebGCzgjjmNavF34"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7bb229f49e98362d-FRA
adagio.js
script.4dex.io/ Frame 5D70 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:14 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1568571
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OyHzpBLt807ZvnP%2F7CBzk5u0elOkNr2GGT1eHXD65ZoXWRGkG1ya597D9Qp8o0Sz4SySPv4j1UfEIxGF2XSuIvgtjNLOBRtCH8WvbXY572oLwFaE6oik26eFcR4zWtrJqcnSC%2B29sqyPqDv"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7bb229f4cb083a7e-FRA
adreq
ads.servenobid.com/ Frame EF4E 		537 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10639
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
aa4f613dfd3cc3d4b373f6b76270f06be23304b070646a64d740888ed151776c

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame EF4E 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:14 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame EF4E 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:14 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
prebid.admanmedia.com/ Frame EF4E 		2 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.admanmedia.com/pbjs
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.109.168 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Date
Fri, 21 Apr 2023 02:23:15 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame EF4E 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Access-Control-Allow-Credentials
true
prebid
mp.4dex.io/ Frame EF4E 		199 B
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbc47837dbf7f0710160cdbd5b341399533253c5bc048e52e059561422d60009

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 21 Apr 2023 02:23:14 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bb229f4d96591d8-FRA
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame EF4E 		180 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageReferrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&CanonicalUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
55474c95c9ef6d07da210e0306e84276e464f434461f1ece2a4eb77fe0221652
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 50D9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
144775
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 10:10:19 GMT
expires
Thu, 18 Apr 2024 10:10:19 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aulus-728x90-DE.html
s0.2mdn.net/sadbundle/11207411921136063200/ Frame 9B72 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
145000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2378
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Apr 2023 10:06:34 GMT
expires
Thu, 18 Apr 2024 10:06:34 GMT
last-modified
Tue, 11 Apr 2023 12:03:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 65A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssc-P_Am1fxuzeUbTJefKRP0kLDyBnSC_Ifiu5YSzsii4-A7Th8NRo2mAuYIZdu6AqA97JQUlH2fCeQu9OOmmwY4miNpPFZGIKy_x0c-GjeOxb_ZF1GnoHt-IPtDwEqUn0garMKwSw8iiZrztHoru25HWdoyIaQ7uDn76rwmafOvGcQXmEj6UTXiPrwmGmmYsnKoHu2TUuSB95f5F83k38unmo9oLQU11YJ3m1VpyjN_8mTplON0pDkxjPpG92XhsMxCQUmdo-w_vJG-buTMCtbopcpxk5NzJ2Rxqe5hNDdyNhRF5VYvokCIik9nbmR8UdaA__UQZJa98mkeh6H0CJ8aJqHsi2-oz-AyLvnt6S8vwVD_xII8dfQdlxCxvDesiHt7dYmDNeoQoItKsKHN_kxSLgIbBxr4PWDs1w8f27U9mJ9PegPjruiGLObSH2cDdPLt0NqHiSKQSrFecNpcKuApJaspaK67hdsK9aevIJh7Cy8fzf40XsEB3KAwCJHEswuHMPhwO5qtQdr_KVbZ9-Sc8NPlZuapOeWQWVPYTlt8l1HdSoZJRxxbz1dx8lzNOZmDRUZzBZhfunlW-fn1y2RgnbtPEE5F5byJpJ5gr6UJHC2RZIC2wf7ZDNgf3dQ0gKKTR__x6WYLo3UhEsp4KTp0gCqMef2UqjDHq_9EZT0DpGKLE5gXdEUao5Gqb4mGqLEsm-ja4LV5rNSABij46_qKA2nbZvzqDLACRHiBB_8tEE7lKuJ8i1fU5bbeu_hFFVAiqMkHIdlixu5wCaxXEt0otDhNtZ3gvCHBVHV9t_o35ny8DxLku-_cmLF-38I88IhOLIUnhf4bUiZqMybfgYlOsvoTSkX2ChcQCkPE5lsAnhyHzatRVIXU6S440xgv3_YY7F9cYVHzdPgEaTBl6E-wivqg53y709k_j462t9tIiIdgsK2eEi_nOB5NBmUysykbjmMI2-NX5ln-nL9W9KdDlZKcode9AnxLIq2Fm3-HgBO34TDVINRC0A21Mejr7mwty_h51X8AGft1n3z2n8wats-dY70d1HOR28SeiqfFE_9MJKSnWWASTXmNwsF0cjRoxAl-MmgvvfZaLPm03q4tBQJGJNHPnyIvRidAZJAlxcgys8ahpm0RLJA6tVVFwPUaQkeBJZqJXFRc1CRM-0IBsHQIQB9EQH15jHVIJTynMnfC1vV9UnpgQBqM5W_jMG1Th3VaKjteVdHmyPJE56t5ypCQrtiUE2d222l3qY38eNNNIXPb365Bg3UrJ0Xu6i7-oirMFjXA&sai=AMfl-YS9bnDMwlqlhiK_6SjDwWbzLFplcKDn2oOD1a0Pub3rNlzcHGHs9vhAXp5gfT6L9Z4SZBpB_wk-NnzVjaQABwjQAS0nE66no-SY_LaSRbrsiEOx97hMEOOH2iL8i8zyzoqzW6UfasfMmaqMzGc_qACyI32fQJed4KKQPZ1VJPznORj93tw&sig=Cg0ArKJSzMX0In4b_aDaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=269&cbvp=1&cstd=265&cisv=r20230418.80366&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 21 Apr 2023 02:23:14 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 21 Apr 2023 02:23:14 GMT
adagio.js
script.4dex.io/ Frame EC78 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:14 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1568571
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOx1UeFwE4XnLsoQEbUdFKJtwc7nyrS9Ghgin%2FablIvGAefq4dXN%2F%2FHu7VfPx292jeMUiD2a2BJz1%2BI6upU453WwqA36bmukBFUaSWL3Fh%2BJneYXYk3ZApw5gqZMWcfPEvSmx3LdFKj34f3%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7bb229f51b3d3a7e-FRA
adagio.js
script.4dex.io/ Frame EF4E 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:14 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1568571
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxGRnUfEwoS58heeSTbskOqphyNrbRNmGy8MwqIeAEcjcuOwOvyIGgqwcYtYuxoeCjXd2ZNbN1S9LT%2BixyKiNithQBoTS2EpSVWSBtrzcuCn1hok3n74DEpWtQdhEjTuYi1nOkUQKjlljJuJ"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7bb229f53b533a7e-FRA
CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
pagead2.googlesyndication.com/bg/ Frame 50D9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 02:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
84503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14219
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Apr 2024 02:54:51 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9B72 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Apr 2023 02:23:14 GMT
aulus-728x90-DE.js
s0.2mdn.net/sadbundle/11207411921136063200/ Frame 9B72 		142 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 04:05:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80274
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14409
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 12:03:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Apr 2024 04:05:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 50D9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeWdUkvNBZKLBBsjE7gPxvYcoAAAAADgB4AQC&bg=!R0SlRBDNAAYfNdXmPzU7ADkAdvg8WuYy9ucmGbDf9tTkwa3Po2iAlNDjnGK0bFHLpsonJUJ5OD2QrCuKd4mUHDwu6RyCnWofaBMCAAAAb1IAAAACaAEHmQM-ojgi2DkwqyAQKbVT87yUdRysGKtfl5UWwpXh7OREAsAvHtWGme-gqfnTbNNC89TitGl0FudGBuVpPk_bMLxLR2a51XaOS8tN97se3rfnoKfvO8uueWyqP4YGZKHy_m1nI2U5MQ6-FY6T1yFpZiE8tpWHST-17XfRXjJ8tT67BsmF8BD-GWvqUbkAAXNVmqcV0SP-H2gBtTopPNHiLM5lttSGGzl4TgPcnaJmesKxtjJl2xA_7gbcUt10Icvtv0fL81ffACPs-LMuMeY99cCPFOEcm-XZPV5k5UI-r1B_XVU7BrX70jkXh1w9VYG2UzHzqSO0at52HmJWedqObPrTgzkMqmrL_7RK6tJOlpvMVZHOZ0tKiC8YX_RVmQnnRxCeFB9rJe3YrhZPjvyztHdlZPz55cMqE3ENTNazyx9yGTP1_udnbRU3r3bh6SMaliXkWTVtDUHZ6O9nOj3Cp8blx0uSCGvQLdIKtToY1yhxXFjihk6HN0V2WhCjKmSNmEJptzsqEv54rTbagL7o7CL3CHD6LIfiRhOdYeNB5n4Z9eApO3fvgr0H-EQeC7MACzCMeBlMHt6TbWE4dUl-PkFWHdGeSrN96XqwRe1nVb5XmYf4aCBsZuWk7y7cF9uDweycLJEnZN6Nps-HDaI5wsTJD-YHYPO_XHdCHPM3GHcieshHhyP6ca8l-p3ZZU7tXfwbSsib7opOYGw1oSOqtGDpFJxNFsib7Lbyc-q1IxMEX55d8HqukAKfbPK8AFiGqt-QP-qiUGEQT0cwnopjRxbhcOUolgIvgezFXYBiHoUetVaD6XD2-uBFWyuG2i4JurGLD5SQMm6L5ZSXKK9ash1yKjqpXcdkYMTvdrvVYYok-LQsgRjrtwju078RSfeWozHynU1ceDLmbaf2mWMn59CftgNXsZsXF87fPINnUtIpquythI4nQ5bDndQnRBz_AZxW60MH7RxRbOYGabEV0SgnmAQH4KFNx59NLWJKYk8EY9FLGoKDmQfF7KKTSnrWTBFP9fSdZUznQmfybxnbEMzk9IiYZ1RGsozjhrGS6bkM2CgonmUjylbK-0RDmVSv463V7hH45sfaQBH8yu2tljo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aulus_728x90_DE_atlas_1.jpg
s0.2mdn.net/sadbundle/11207411921136063200/images/ Frame 9B72 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11207411921136063200/images/aulus_728x90_DE_atlas_1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 09:59:37 GMT
x-content-type-options
nosniff
age
145417
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2173118
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 12:03:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Apr 2024 09:59:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 65A0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssc-P_Am1fxuzeUbTJefKRP0kLDyBnSC_Ifiu5YSzsii4-A7Th8NRo2mAuYIZdu6AqA97JQUlH2fCeQu9OOmmwY4miNpPFZGIKy_x0c-GjeOxb_ZF1GnoHt-IPtDwEqUn0garMKwSw8iiZrztHoru25HWdoyIaQ7uDn76rwmafOvGcQXmEj6UTXiPrwmGmmYsnKoHu2TUuSB95f5F83k38unmo9oLQU11YJ3m1VpyjN_8mTplON0pDkxjPpG92XhsMxCQUmdo-w_vJG-buTMCtbopcpxk5NzJ2Rxqe5hNDdyNhRF5VYvokCIik9nbmR8UdaA__UQZJa98mkeh6H0CJ8aJqHsi2-oz-AyLvnt6S8vwVD_xII8dfQdlxCxvDesiHt7dYmDNeoQoItKsKHN_kxSLgIbBxr4PWDs1w8f27U9mJ9PegPjruiGLObSH2cDdPLt0NqHiSKQSrFecNpcKuApJaspaK67hdsK9aevIJh7Cy8fzf40XsEB3KAwCJHEswuHMPhwO5qtQdr_KVbZ9-Sc8NPlZuapOeWQWVPYTlt8l1HdSoZJRxxbz1dx8lzNOZmDRUZzBZhfunlW-fn1y2RgnbtPEE5F5byJpJ5gr6UJHC2RZIC2wf7ZDNgf3dQ0gKKTR__x6WYLo3UhEsp4KTp0gCqMef2UqjDHq_9EZT0DpGKLE5gXdEUao5Gqb4mGqLEsm-ja4LV5rNSABij46_qKA2nbZvzqDLACRHiBB_8tEE7lKuJ8i1fU5bbeu_hFFVAiqMkHIdlixu5wCaxXEt0otDhNtZ3gvCHBVHV9t_o35ny8DxLku-_cmLF-38I88IhOLIUnhf4bUiZqMybfgYlOsvoTSkX2ChcQCkPE5lsAnhyHzatRVIXU6S440xgv3_YY7F9cYVHzdPgEaTBl6E-wivqg53y709k_j462t9tIiIdgsK2eEi_nOB5NBmUysykbjmMI2-NX5ln-nL9W9KdDlZKcode9AnxLIq2Fm3-HgBO34TDVINRC0A21Mejr7mwty_h51X8AGft1n3z2n8wats-dY70d1HOR28SeiqfFE_9MJKSnWWASTXmNwsF0cjRoxAl-MmgvvfZaLPm03q4tBQJGJNHPnyIvRidAZJAlxcgys8ahpm0RLJA6tVVFwPUaQkeBJZqJXFRc1CRM-0IBsHQIQB9EQH15jHVIJTynMnfC1vV9UnpgQBqM5W_jMG1Th3VaKjteVdHmyPJE56t5ypCQrtiUE2d222l3qY38eNNNIXPb365Bg3UrJ0Xu6i7-oirMFjXA&sai=AMfl-YS9bnDMwlqlhiK_6SjDwWbzLFplcKDn2oOD1a0Pub3rNlzcHGHs9vhAXp5gfT6L9Z4SZBpB_wk-NnzVjaQABwjQAS0nE66no-SY_LaSRbrsiEOx97hMEOOH2iL8i8zyzoqzW6UfasfMmaqMzGc_qACyI32fQJed4KKQPZ1VJPznORj93tw&sig=Cg0ArKJSzMX0In4b_aDaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=504&vt=11&dtpt=235&dett=3&cstd=265&cisv=r20230418.80366&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 21 Apr 2023 02:23:14 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cc7bfdeceed61eaa7b0966c5dc56e42e4045d8b331f0fdaff977d23c2e5af4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11301
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3327298579154787&plah=w1.areturnersmagic.com&bust=31074024
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Apr 2023 02:23:15 GMT
winner
api.purpleads.io/x/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1682043795070
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
POST
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:15 GMT
i
api.purpleads.io/x/a/b80d223ddca0de090ca13de92f4fbb4e:5fe31792674dd889a0787cb226cf30afda29fcb5d733322907c8bc2cfe94d8d354180416e016abea94e8f2540531b59b8210dee8f4f56bd23aeec76fae765ba8fcc356e0e2bc375... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/b80d223ddca0de090ca13de92f4fbb4e:5fe31792674dd889a0787cb226cf30afda29fcb5d733322907c8bc2cfe94d8d354180416e016abea94e8f2540531b59b8210dee8f4f56bd23aeec76fae765ba8fcc356e0e2bc3756341e28fd153fef1250657894d035f1f473973a01a0351e4de14933c53165d49bed3c03aa7f7f9d63977db77cf5d8209e6f181183be3ff3d9062550c53dd9e76bb1274d0b40b6d5ce/i?id=b876d223-3ff4-4f4b-8ea6-0173da50fccd&ts=1682043795070
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:15 GMT
blacklist_script.js
tagan.adlightning.com/nobid/ Frame 44D1 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nobid/blacklist_script.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33384660a45967e30803da7640ddd67aa3ce0906807b575a8d2de315d630f95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
un63ZU9omZRlZPeyedpNYAym85OrK0y3
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
date
Fri, 21 Apr 2023 02:19:32 GMT
x-amz-cf-pop
FRA60-P4
age
229
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15014
x-amz-meta-git_commit
deea5a1
last-modified
Thu, 20 Apr 2023 17:18:59 GMT
server
AmazonS3
etag
"4ab2f6c5bcf88477d10ff1db65dcf104"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Tx42A1Xp7JAhrZcAELls3FMMydcylVRT8OhKLoKOx0TWwKoh7DmObQ==
blocking_script.js
tagan.adlightning.com/nobid/ Frame 44D1 		69 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nobid/blocking_script.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-43.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5acb17616ffbd91876355147e8f9f5e3381791692b3417bef4e884cf688249dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:19:24 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-version-id
4u2cUip_TeqI4HlG7WLzcGoZUrd8oMOO
x-amz-cf-pop
FRA60-P4
age
32631
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26395
x-amz-meta-git_commit
8db6969
last-modified
Sat, 17 Dec 2022 08:35:50 GMT
server
AmazonS3
etag
"282e87a9c30608f374518b3e779ed524"
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
JQdCOB4rGIjev7lV0F3HC_uKqB71q2JplPmDLWu6TOYdmSUA-FzN6Q==
winner
api.purpleads.io/x/a/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/winner?ts=1682043795070
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.1

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:15 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
x-api-version
0.47.5
x-request-id
0a39fdcf-4d0c-4b74-a89e-8157c8ee7d59
i
api.purpleads.io/x/a/b80d223ddca0de090ca13de92f4fbb4e:5fe31792674dd889a0787cb226cf30afda29fcb5d733322907c8bc2cfe94d8d354180416e016abea94e8f2540531b59b8210dee8f4f56bd23aeec76fae765ba8fcc356e0e2bc375... 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/a/b80d223ddca0de090ca13de92f4fbb4e:5fe31792674dd889a0787cb226cf30afda29fcb5d733322907c8bc2cfe94d8d354180416e016abea94e8f2540531b59b8210dee8f4f56bd23aeec76fae765ba8fcc356e0e2bc3756341e28fd153fef1250657894d035f1f473973a01a0351e4de14933c53165d49bed3c03aa7f7f9d63977db77cf5d8209e6f181183be3ff3d9062550c53dd9e76bb1274d0b40b6d5ce/i?id=b876d223-3ff4-4f4b-8ea6-0173da50fccd&ts=1682043795070
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.1

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:15 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
x-api-version
0.47.5
x-request-id
6638f2a1-b684-4a39-9fe7-4b146dd48f58
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 091E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25047
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Apr 2023 19:25:48 GMT
expires
Fri, 19 Apr 2024 19:25:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B35C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b25859886bf5c0f68dfffd6fd6388e1d882f3473e86b9ca6386401151800335
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oFendyzYKIs11-3hOjLmhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-oFendyzYKIs11-3hOjLmhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:15 GMT
expires
Fri, 21 Apr 2023 02:23:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
c.js
assets.a-mo.net/js/ Frame 44D1 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/c.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nobid/blocking_script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
589287787f8805dedb24cde98bfecc87405aec4af8668301ba671b5b530ef3be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
via
1.1 b0c439f28ddbcb58cac8a530a312cd86.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
MXP64-P1
age
224
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 31 Aug 2022 15:27:03 GMT
server
cloudflare
etag
W/"a05a49d5210edbc753011f3d8ce5e63c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7bb229f8fb169b64-FRA
x-amz-cf-id
UC2OKsLiAL1eT6XZi96teRC4XqfI05lFLDuzc3gusnflPYzb9ckO3A==
expires
Fri, 21 Apr 2023 03:23:15 GMT
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=3&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a029bb1c-31a0-4947-95ae-5c5ab9158a14&demand=unifiedPb&ts=1682043795322
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:15 GMT
/
api.purpleads.io/x/v2/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=4&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[300,100]]&slotid=d23bc9e3-da8a-4187-a5aa-c5102e9bd255&demand=unifiedPb&ts=1682043795322
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:15 GMT
/
api.purpleads.io/x/v2/b/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=3&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a029bb1c-31a0-4947-95ae-5c5ab9158a14&demand=unifiedPb&ts=1682043795322
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.1

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:16 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
x-api-version
0.47.5
pa-user-id
4631d79a-cde7-459c-91e5-ea8a3a689d11
x-request-id
eafcba92-0b0a-459f-844e-0069ad18a37e
/
api.purpleads.io/x/v2/b/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/b/?idx=4&pid=e4270268c8ee4b41b0b05e68a351dabe&sizes=[[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[300,100]]&slotid=d23bc9e3-da8a-4187-a5aa-c5102e9bd255&demand=unifiedPb&ts=1682043795322
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
3.0.1

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:16 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
x-api-version
0.47.5
pa-user-id
442bb267-c956-4122-8305-b7a92493c8aa
x-request-id
657a0f92-6c6a-4e26-8766-9b4ce61e2f27
ab
ams3-ib.adnxs-simple.com/ Frame 44D1 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs-simple.com/ab?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=6662b6222744f0fa8106eb172e4431dbffd3a218&pp=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nobid/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a3439d490cc4b79611478432d79052a419e6dde49e28e59e11084712c85b7607
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:15 GMT
Content-Encoding
gzip
X-Creative-ID
313688326
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1bda1d10-00c7-4de1-9e38-ee768f0a05cc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
himp
1x1.a-mo.net/hbx/ Frame 44D1 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?wv=rtbp&us=p&rj=0&_e=CsECIgp3a2x3Y3E3eWlqMXu1Qnrfxa4_OgVtb25ldEIMZ3B0LXBhc3NiYWNrShNhcmV0dXJuZXJzbWFnaWMuY29tUgRhYXMtahNhcmV0dXJuZXJzbWFnaWMuY29teAGKAQhkMzIzZGY4MaABMqgBwALAAeP7C8gBAOgBAPIBDzcyOTg5MDAyMDEyNjYyMpgC2QSpAgAAAAAAAAAAsgIUcG9zdGNvZGUtbG90dGVyaWUuZGWiAxdaSFZ5WVhScGIyNXRaV1JwWVM1amIyMKgDJeAD85EB6gMQN18zMjdfVDR6a3dNT0llM6oEA0RDSIoFIjMyN19ncHQtcGFzc2JhY2tfMzIweDUwX0dLN2ltU01LZ1LSBQkxMDUxOTk1NznYBQDgBQHqBQdkZXNrdG9w8gUMVFNPSzRYM1hERkNX-gUDYW02&M=13&cn3=0&c4=native_dom&C=stb&m=x%3A0&e=&sw=320&sh=50&rr=stb&rw=320&rh=50&rer=&dr=0&lng=en-US&cv=c.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.153.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-153-58.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
himp
1x1.a-mo.net/hbx/ Frame 44D1 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/himp?wv=rtbp&us=p&rj=0&_e=CrMDIgtfd2tsd2NxN3lpajFJSQ9Dq5PLPzoIYXBwbmV4dXNCDGdwdC1wYXNzYmFja0oTYXJldHVybmVyc21hZ2ljLmNvbVIEYWFzLWoTYXJldHVybmVyc21hZ2ljLmNvbXgBigEIZDMyM2RmODGSAQIxMKABMqgBwALAAeX7C8gBANAB____________AegBAPIBDzcyOTg5MDAyMDEyNjYyMpECe7VCet_Frj-YAuoQqQIAAAAAAAAAALICFHBvc3Rjb2RlLWxvdHRlcmllLmRlugIJMzEzNjg4MzI2wgIEMTE0MtoCCDIxOTk3MjAw8QIAAAAAAAAAAKIDF1pIVnlZWFJwYjI1dFpXUnBZUzVqYjIwqAMlygMEMTE0MuAD85EB6gMQN18zMjdfVDR6a3dNT0llM6oEA0RDSIIFEzI0NTk0MTg3MDQ4NjA3MjkxMzSKBSIzMjdfZ3B0LXBhc3NiYWNrXzMyMHg1MF9HSzdpbVNNS2dSwgUCOTHKBQYzOTQ3NDbSBQkxMDUxOTk1NznYBQDgBQHqBQdkZXNrdG9w8gUMVFNPSzRYM1hERkNX-gUDYW02&M=13&cn3=0&c4=native_dom&C=stb&m=x%3A0&e=&sw=320&sh=50&rr=stb&rw=320&rh=50&rer=&dr=0&lng=en-US&cv=c.js
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.153.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-153-58.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
inde
1x1.a-mo.net/hbx/ Frame 44D1 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1x1.a-mo.net/hbx/inde?aid=YXJldHVybmVyc21hZ2ljLmNvbQ&b=w1.areturnersmagic.com&M=13&v=pba0.0-aa2.13.0-93ddeb2-1&cv=c.js&lng=en-US&wv=rtbp&us=p&rj=0&_e=CrMDIgtfd2tsd2NxN3lpajFJSQ9Dq5PLPzoIYXBwbmV4dXNCDGdwdC1wYXNzYmFja0oTYXJldHVybmVyc21hZ2ljLmNvbVIEYWFzLWoTYXJldHVybmVyc21hZ2ljLmNvbXgBigEIZDMyM2RmODGSAQIxMKABMqgBwALAAeX7C8gBANAB____________AegBAPIBDzcyOTg5MDAyMDEyNjYyMpECe7VCet_Frj-YAuoQqQIAAAAAAAAAALICFHBvc3Rjb2RlLWxvdHRlcmllLmRlugIJMzEzNjg4MzI2wgIEMTE0MtoCCDIxOTk3MjAw8QIAAAAAAAAAAKIDF1pIVnlZWFJwYjI1dFpXUnBZUzVqYjIwqAMlygMEMTE0MuAD85EB6gMQN18zMjdfVDR6a3dNT0llM6oEA0RDSIIFEzI0NTk0MTg3MDQ4NjA3MjkxMzSKBSIzMjdfZ3B0LXBhc3NiYWNrXzMyMHg1MF9HSzdpbVNNS2dSwgUCOTHKBQYzOTQ3NDbSBQkxMDUxOTk1NznYBQDgBQHqBQdkZXNrdG9w8gUMVFNPSzRYM1hERkNX-gUDYW02&r=1&C=stb&m=x%3A0&e=&sw=320&sh=50&rr=stb&rw=320&rh=50&rer=&dr=0&eid=1znfgjsqu9zlcwjb90&ts=1682043795500
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.153.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-153-58.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
css
fonts.googleapis.com/ Frame C3C1 		700 B
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato&display=swap
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cd5d9b9721d6b1bfc18d8c81562508902e01c61e2d2058485cc31fad4222c7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Apr 2023 02:23:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 02:02:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Apr 2023 02:23:15 GMT
prebid-2023-03-22.js
cdn.prplads.com/ Frame C3C1 		366 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prplads.com/prebid-2023-03-22.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d7d916b7239c63396df3f758d766f2f186687af57b02d9af7b05bdcd1ffbbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
J1RBWE1AGY0XZ3ZC
age
1777
cf-polished
origSize=375127
x-amz-id-2
6MBsab+ThbNhaldBOj6tQ/kh1peBHVckQr5/gXCqj3JdULuTlXQv/cY2RjffzzN1JoofrGWCQzM=
cf-bgj
minify
last-modified
Wed, 22 Mar 2023 16:08:32 GMT
server
cloudflare
etag
W/"99f3c3ccaab6ea63fe6fdc9617e04981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNpq4S2OcvZyZ7j0XnquIf3I3d9xu3j2ggSP4yQ8QoGl0hCWBUIdLVIKmQdIRqrccctvLmxYf8AJY2URhZZaNVknjwJgkyb4ZPtCD25UYJv6n%2B5QXiIRMcXXchKT5DXdQ3e0aPgnuACy7sQsxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1209600
cf-ray
7bb229f9fd279150-FRA
sodar
pagead2.googlesyndication.com/pagead/ Frame B35C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=432858823415047&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
pagead2.googlesyndication.com/bg/ Frame 091E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 02:54:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
84504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14219
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 19 Apr 2024 02:54:51 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame C3C1 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://w1.areturnersmagic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 11:03:21 GMT
x-content-type-options
nosniff
age
141594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Apr 2024 11:03:21 GMT
localstore.js
script.4dex.io/ Frame C3C1 		483 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:15 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1220019
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiGdiLIBekdEHAyCXpZlOatQen2YK9HuywQ2YupfNRZfh1yNsIsjb%2FFfIYqV8y5bv9vb%2FsIem1B%2FpnKSqP2ks62OO39FGLYhxbIDqmLDFsdV0A%2BPAeEbXUiizo5rkCwZPOOH6zQFFji8gJn%2F"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7bb229fa8a24362d-FRA
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame C3C1 		179 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F&PageReferrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&CanonicalUrl=https%3A%2F%2Fw1.areturnersmagic.com%2F
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
973e13c21682c0e79991ec0e786a9088c8f1db6aaeb577fab32e9837884d0dd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:15 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
179
expires
0
adreq
ads.servenobid.com/ Frame C3C1 		537 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=7727
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ Frame C3C1 		0
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Access-Control-Allow-Credentials
true
c
prebid.a-mo.net/a/ Frame C3C1 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:15 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C3C1 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:15 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
prebid.admanmedia.com/ Frame C3C1 		2 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.admanmedia.com/pbjs
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.109.168 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://w1.areturnersmagic.com
Date
Fri, 21 Apr 2023 02:23:15 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
mp.4dex.io/ Frame C3C1 		184 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c66f2f3a7c4d1fd62b2003edfcf8411a6039bf667caf5a110973605454b15c5

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 21 Apr 2023 02:23:15 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://w1.areturnersmagic.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bb229faada791d8-FRA
expires
0
if
ams3-ib.adnxs-simple.com/ Frame 8136 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nobid/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
61b06a7b51f006191748869ece49d1f5020715bf9a4a2a6c1cf195e38edf6394
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
5cd11a96-3d28-45f3-aee7-ea1335e015f0
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Apr 2023 02:23:15 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Creative-ID
313688326
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
X-XSS-Protection
0
rd_log
ams3-ib.adnxs-simple.com/ Frame 44D1 		0
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLBB2zBAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb02QKYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDAMADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAYS8RAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkuJgAM2gcGCAkvXAcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=6372028bc231da88804d1eb3b667a5d69a5cc731&bdref=https%3A%2F%2Fw1.areturnersmagic.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fw1.areturnersmagic.com%2F,https%3A%2F%2Fw1.areturnersmagic.com%2F,https%3A%2F%2Fw1.areturnersmagic.com%2F&
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nobid/blocking_script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:15 GMT
AN-X-Request-Uuid
734540a9-5348-42a0-b704-083598b22222
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 65A0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsup0mxY-rJwRdZU8ZafBISEIK_vbqferAe9UQenfG3BtCEFCG8ddpw-BthD338b2lebSTdEsQvnhcSHYlACqJzhr9SS65GswIVork5YTLd34BhwRckOUWJj7HKu&sai=AMfl-YTZ03LuUcuy8vlNfPUoFbxFsk2OpDHZCOpGRCL_9RQpc5DfKrMxkdUutnCNk0dc1hrQ4G9Df7bnw6Oq&sig=Cg0ArKJSzByOM8ORQR5vEAE&cid=CAQSGwBygQiDES1Dlf7qf8nJDftJeepyC4QbevKCXRgB&id=lidar2&mcvt=1037&p=0,0,90,728&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682043793693&rpt=898&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 8136 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=49726912;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.253463-hXgIM5KtJavkLh_4-ME6s1JxCcpHiDav0;rtbr=1868943404316343016_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fw1.areturnersmagic.com%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=0zR12OOaQZf7XWU2RHdeUG--7WgGhWXmS2FdcFvxQb9ULNU0K78R_qy0-pU-I8CTtB8aGAbu9xalXPikQRyLvcmqCVXkVKr2O0X9-Y5JluHeSo5uQsJhAaepRTuxqbkrTfSQ__60pjVzL2tSVDZ8WOsUZa9KjBC6N1urSImtQTEeLH7qka_5pDyA85y5RK3hJg-sJ3f6iEJxziKztiPzgt099AL6YzwCDU6JjsSRT6Ep3hBZsBdGjXKuXdaErVXxjJYCPabiYjsWxUBe67p5s-Mk30zUHDtEuVjCKAgTY901;rtbtest=0
Requested by
Host: ams3-ib.adnxs-simple.com
URL: https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
126f667cd69d9efeaba800d2c0056c0af8f6af1341d6dcf2826a9c14bb462a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1076
expires
-1
it
ams3-ib.adnxs-simple.com/ Frame 8136 		0
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs-simple.com/it?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLhBGxhAgAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0NAGYAcACoAEyqAEDsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20vgAMBiAMAkAMAmAMUoAMBqgMnGhUxODY4OTQzNDA0MzE2MzQzMDE2XzEqBDQxNzI6CDQ5NzI2OTEywAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDzE4NS4yMTMuMTU1LjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ASGgsqVAfoEEgkAAADAzAxJQBEAAABAMzMhQIgFAZgFAKAFgJz32qeO6pduqgUQSEZIVk9KRzNVTUhPMzdMVMAFAMkFAAAhihTwP9IFCQkBCgEBNNgFAeAFAfAF-osY-gUEAYQokAYAmAYAuAYBwQYBITQAAPA_0Aa_8wHaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAel9wXSBw0VZQEmCNoHBgFeaBgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=1c8e4898edfa279e95663481640199ba68b2f378
Requested by
Host: ams3-ib.adnxs-simple.com
URL: https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:15 GMT
AN-X-Request-Uuid
3fb2ff6b-8771-400a-8789-c547de6485a8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs-simple.com/v/s/231/ Frame 8136 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs-simple.com/v/s/231/trk.js
Requested by
Host: ams3-ib.adnxs-simple.com
URL: https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
Thu, 30 Nov 2023 10:08:50 GMT
Date
Fri, 21 Apr 2023 02:23:15 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
12240866
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27455
X-Served-By
cache-lga21927-LGA, cache-fra-eddf8230090-FRA
Last-Modified
Wed, 30 Nov 2022 10:07:25 GMT
Server
AkamaiNetStorage
X-Timer
S1682043796.785323,VS0,VE0
ETag
"48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
12, 91153
adagio.js
script.4dex.io/ Frame C3C1 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:15 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1568572
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmpU%2BzRSjSWVozJAgk%2FyflJ%2FXf%2BFj3bkczTXnJjqaH38zIHdPu%2Fl0O%2Fs%2FjqZzPp6MCQX6gfcdgWle46wPD478oPy843j05KrziMfVQOftSi%2BC7TzPcgYrmWKv8OMjuQS5wIP8qqG%2FdR2MewJ"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7bb229fb2f623a7e-FRA
event
events.servenobids.com/ Frame 44D1 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.servenobids.com/event?cb=8793
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w1.areturnersmagic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
amp-access-control-allow-source-origin
*
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 8136 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=49726912;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.253463-hXgIM5KtJavkLh_4-ME6s1JxCcpHiDav0;rtbr=1868943404316343016_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fw1.areturnersmagic.com%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=0zR12OOaQZf7XWU2RHdeUG--7WgGhWXmS2FdcFvxQb9ULNU0K78R_qy0-pU-I8CTtB8aGAbu9xalXPikQRyLvcmqCVXkVKr2O0X9-Y5JluHeSo5uQsJhAaepRTuxqbkrTfSQ__60pjVzL2tSVDZ8WOsUZa9KjBC6N1urSImtQTEeLH7qka_5pDyA85y5RK3hJg-sJ3f6iEJxziKztiPzgt099AL6YzwCDU6JjsSRT6Ep3hBZsBdGjXKuXdaErVXxjJYCPabiYjsWxUBe67p5s-Mk30zUHDtEuVjCKAgTY901;rtbtest=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:19:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Apr 2023 13:55:16 GMT
generate_204
tpc.googlesyndication.com/ Frame 091E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?R-KTZA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
track.adform.net/adfserve/ Frame 8136 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=49726912;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.253463-hXgIM5KtJavkLh_4-ME6s1JxCcpHiDav0;rtbr=1868943404316343016_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Fw1.areturnersmagic.com%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=0zR12OOaQZf7XWU2RHdeUG--7WgGhWXmS2FdcFvxQb9ULNU0K78R_qy0-pU-I8CTtB8aGAbu9xalXPikQRyLvcmqCVXkVKr2O0X9-Y5JluHeSo5uQsJhAaepRTuxqbkrTfSQ__60pjVzL2tSVDZ8WOsUZa9KjBC6N1urSImtQTEeLH7qka_5pDyA85y5RK3hJg-sJ3f6iEJxziKztiPzgt099AL6YzwCDU6JjsSRT6Ep3hBZsBdGjXKuXdaErVXxjJYCPabiYjsWxUBe67p5s-Mk30zUHDtEuVjCKAgTY901;rtbtest=0;js=1;adfxid=1x;2203;set=en-US|en-US|1600X1200|0|300|50|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fw1.areturnersmagic.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8a78b66026ecd874302cae87aecf97e39146e1536fa29e3de50ad0bd30158a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2246
expires
-1
vevent
ams3-ib.adnxs-simple.com/ Frame 8136 		0
818 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLhBGxhAgAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0NAGYAcACoAEyqAEDsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20vgAMBiAMAkAMAmAMUoAMBqgMnGhUxODY4OTQzNDA0MzE2MzQzMDE2XzEqBDQxNzI6CDQ5NzI2OTEywAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDzE4NS4yMTMuMTU1LjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ASGgsqVAfoEEgkAAADAzAxJQBEAAABAMzMhQIgFAZgFAKAFgJz32qeO6pduqgUQSEZIVk9KRzNVTUhPMzdMVMAFAMkFAAAhihTwP9IFCQkBCgEBNNgFAeAFAfAF-osY-gUEAYQokAYAmAYAuAYBwQYBITQAAPA_0Aa_8wHaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAel9wXSBw0VZQEmCNoHBgFeaBgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=1c8e4898edfa279e95663481640199ba68b2f378&type=nv&nvt=5&jm=1003&px=0&py=0&bw=320&bh=50&sid=1477754021516414926&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21997200&sw=1600&sh=1200&pw=320&ph=50&ww=320&wh=50&ft=3
Requested by
Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:15 GMT
AN-X-Request-Uuid
8d2adddb-43f9-4201-9697-c63f8484e29a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ams3-ib.adnxs-simple.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65A0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9946596979316&version=m202301230201&ct=119&x=1&cor=3596113751961143300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 8136 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
content-encoding
gzip
last-modified
Tue, 18 Apr 2023 08:19:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 19 Apr 2023 13:55:16 GMT
f
api.purpleads.io/x/v2/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=e4270268c8ee4b41b0b05e68a351dabe&demand=unifiedPb&ts=1682043796052
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js?publisherId=a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

x-request-url
aHR0cHM6Ly93MS5hcmV0dXJuZXJzbWFnaWMuY29tLw==
accept-language
de-DE,de;q=0.9
Authorization
Bearer a0a2af53752676e6edef5683a4ed5bb6:2f77db1c9efd816ef885c3133c042d99e563215340589b4f0848176ec70892712b3de7f7c0f4f8fef394a56f09e3155ec94f72d78e071cedd6660e5b498e37ad
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://w1.areturnersmagic.com/
x-purpleads-version
2.0.1

Response headers

access-control-allow-origin
https://w1.areturnersmagic.com
date
Fri, 21 Apr 2023 02:23:16 GMT
access-control-expose-headers
pa-user-id
access-control-allow-credentials
true
x-api-version
0.47.5
pa-user-id
290244ad-a11d-440b-86c6-ff8cafe43175
x-request-id
ae0ef66f-0a6a-4f77-8d40-b3847a013116
f
api.purpleads.io/x/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/v2/f?pid=e4270268c8ee4b41b0b05e68a351dabe&demand=unifiedPb&ts=1682043796052
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.207.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-207-21.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://w1.areturnersmagic.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-origin
https://w1.areturnersmagic.com
access-control-expose-headers
pa-user-id
date
Fri, 21 Apr 2023 02:23:16 GMT
/
track.adform.net/csimpr/ Frame 8136 		35 B
598 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=49726912&csi=UtXoxlrZgX04em4RpKPugZCd_oHKEQns1m6R5DBYfmDZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ams3-ib.adnxs-simple.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://ams3-ib.adnxs-simple.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
vevent
ams3-ib.adnxs-simple.com/ Frame 8136 		0
818 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLhBGxhAgAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0NAGYAcACoAEyqAEDsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20vgAMBiAMAkAMAmAMUoAMBqgMnGhUxODY4OTQzNDA0MzE2MzQzMDE2XzEqBDQxNzI6CDQ5NzI2OTEywAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDzE4NS4yMTMuMTU1LjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ASGgsqVAfoEEgkAAADAzAxJQBEAAABAMzMhQIgFAZgFAKAFgJz32qeO6pduqgUQSEZIVk9KRzNVTUhPMzdMVMAFAMkFAAAhihTwP9IFCQkBCgEBNNgFAeAFAfAF-osY-gUEAYQokAYAmAYAuAYBwQYBITQAAPA_0Aa_8wHaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAel9wXSBw0VZQEmCNoHBgFeaBgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=1c8e4898edfa279e95663481640199ba68b2f378&type=nv&nvt=13&jm=1003|1015|1018|1008&px=0&py=0&bw=320&bh=50&sf=1&sid=1477754021516414926&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21997200&ft=3
Requested by
Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:16 GMT
AN-X-Request-Uuid
0481055c-5a82-47ed-b712-352430197b60
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ams3-ib.adnxs-simple.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
12660059.js
s1.adform.net/Banners/Elements/Files/2063239/12660059/ Frame 1081 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/12660059.js?ADFassetID=12660059&bv=258
Requested by
Host: w1.areturnersmagic.com
URL: https://w1.areturnersmagic.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
32bd00dfaa165754d48447d568a5e2c5d51523324f586f6d262f2edd066100eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx000003ea8b99ef3c2c887-006441b62a-3295d06f-default
etag
W/"dc845569006f4971cb4b1abeb83210e9"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
style.min.css
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		2 KB
915 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
265ae921bd2141deb192d83ab5748b4e373853c4b96429a217aba361538ba64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx0000080b482ac930e5aec-006441b62a-32957f68-default
etag
W/"9bfaf6a6927d5057f3129a5f51754a6d"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1081 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Apr 2023 02:23:16 GMT
confetti.min.js
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/confetti.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
35a38464bc2a2d43f91b6cb7317c9db593aec20a89ad9753436e3d52522b0ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx00000dd64c2650e9d956c-006441b62a-32950a8f-default
etag
W/"a1cd43b1bc2a245692b6310914e08b59"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
script.min.js
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/script.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
45b77d332cb64026f6eb848cafa32d02df0835e7a7f22b90622fdad6ed5ae64f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
content-encoding
gzip
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx00000ff20c23102db0cfe-006441b62a-3295a825-default
etag
W/"cd04f2e455f4e010fd875c74a35f0e80"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 1081 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.228/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000a37373505363f9f8-0063766185-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
logo.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
287cfccc2b3c2f1184c1b4254b9d2bacddd2b7323765443f4974407f95e43c13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx0000043b918624afc7e63-006441b5ee-3295d06f-default
etag
"b29743d739f56478655516e1e771cbcc"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4002
headline.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/headline.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c5761dafe6ae213e252af719930969ad90e23be2e30a9c54d49e94e98bdbd372

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx000006c86228e02765e9b-006441b62b-3295d04c-default
etag
"45bfa20718df717e99d8f9819c3f179b"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
8976
bulli.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/bulli.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3bf204c2d3d25a2ce7cced9fc181bbdedb36a6f8d57419d75172993bb153efcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx000005d774e6d11a01a9f-006441b62b-32950a49-default
etag
"4db1f5bad782e12df8ec01b87471fcfc"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10274
text.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/text.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3823b27c053072320e706f5fe60a6265104a7d43f1ae9efcbad2246a00e9232f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx0000099845a539a7d814b-006441b62b-32950a49-default
etag
"ad12a1590d8072c8d7357426ecf190d6"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7056
kai.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/kai.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0aaa0f6f2544a36e015cd3af2a59d1b9c37a16ec90607f8f1ef32bc579260619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx00000211ba42736fe0d87-006441b62b-32950a8f-default
etag
"ede23244a4f59cf2c15027c0732e2839"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11095
cta.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ba56cd020246afe10f0e6e03a8612b3f054ed5961894fa3d901c1e470e287e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx000006c57e58bcbe07432-006441b62b-32950a8f-default
etag
"a561628d762ac0de241e9178f8ed34e5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1823
background.jpg
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
83e4b2ee16bd0cc38efd27d6887c1ec9058788497ca870997c22049c11752bb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx0000095f670c774f51588-006441b62b-32950a8f-default
etag
"a8c0b9bdd80ee8c504f7a44bb4a1d7e8"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22558
butterfly-1-sprite.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/butterfly-1-sprite.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
415976471a7f5e1b6100f6758067c4b666a7d4bbcab5e57439ca63474df5e3c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx00000f0cb847f3fa5547c-006441b62b-32950a49-default
etag
"cafedf5882c3f4a5884aff9073549254"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3736
butterfly-2-1.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/butterfly-2-1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
784631f4bb25d6da9ebb43bd821b756c06fadcd59afc90a11f97c16679e59523

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx0000072104078c9b24b38-006441b62b-32957f68-default
etag
"25e79bb3cea28d5ecfd18ddf1e9edf54"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1664
butterfly-2-2.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/butterfly-2-2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d9353b2b548608565fbdaf8b98cd1b5fdd0dd4c711a7c9a49243b65d9581ebf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx00000ae09dc455a93fc4c-006441b62b-3295d06f-default
etag
"709e1711585504dedfc6c90514e51140"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1923
text-2.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/text-2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
69428e37364c874e9b333c3d09bc6e7b98d64aabc34e8f953735b25d550c1b0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx0000085ad365646e20b84-006441b62b-3295d04c-default
etag
"1ea512fdd6d27e9a825eb32e8ef3876a"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2254
text-2-daysleft-7.png
s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/ Frame 1081 		770 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2063239/12660059/bvpath_258/text-2-daysleft-7.png
Requested by
Host: ams3-ib.adnxs-simple.com
URL: https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0e95983c7e24ca259f53f088590ff63b69121d5d41d002b52f6c3035ad9d49c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:16 GMT
last-modified
Wed, 19 Apr 2023 07:53:32 GMT
server
nginx
x-amz-request-id
tx0000036dc49e0157bb651-006441b5ee-32957f68-default
etag
"19fdbbdb430303e4e8dedc47dfbafbcf"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
770
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=432858823415047&bg=!t7SltODNAAYfNdXmPzU7ADkAdvg8Wr3EeNyu3NDk3Womtlkm04roTeIr4TUZczLDn5YrdSNjPzVk8bUkDsL8gEzMaKgwtfY3me8CAAAAtlIAAAADaAEHCgArBcucLeZVA86axYKUtC5codz0azM4yBP1_IaWk-rD9kEKiSKvIaVC6DtNjJkC5HyBUkEBAMNcKVZ0wiSHUDHZIIvYqo9oZKp7NIVOsyJZ_SJZ4l6ckK9xFDhzCvEma3rWx9WlE8xAa1WinIezUvrqWwMy40xkK4wEbqRin96JvleFp8y8Jhp4YsALnd5AmWpYhyIj69sWhWoSNDQ_S8B6ET1_1vxltu-AaC6gj_ShAQN19DnqKFM6EfEGqANH8vgu3UNWND12-lOjENDIx9UCjwm199tKkLvak4SZ0P3o3FxUc5X3L3OFWJdPR2ays7ibNWDNomI5L20QD6WhFkB2Jc3h46Uw5iMkh4hyCpuUh1oeh8MUFWMi8MEa1BRbMsrMH0DQukvV5Q5PNDGzH8YoZGqYIFgpslD7EJIIm_aFbbZE2Arkh5JE_2ekDEFW44nHaX-SvSspjst9AtRzHyPQMJX4QU5Ow5STBsfQ6vJl61heYYi2p_TYJmWGjepZPV40LPoPDSNt8pcRIOYy_C9au74BeTzCfZ9UsEksDKjilfqS2svkbjRJFS06uAhgaGoO7TNPbvstCkF6lFzFjLThqLAXZ1W17t1AuwpFpUzK_IZklByU9M1pNqOREOyiKGKrCM2tZStBurqRJV4vCU2s0dxQM8_rtN3pwHbPSyupdgHvbsRn2qsc2gIBj_b9spWyFm-g3iZlekICWpc7Z9AluiLVJr1Bx4Be4JM-L7SFUX2im1PXwl64O-3w_-It51wYsPJYYOobH4Z4y3DHdpt8e2b0Nkft6406yv453lplKa1T_dX0fQI8qZ5DX4YWKNIpY7iqiQZpeoXys__4VpuB8Zi3SNsc5F4zwa1NmeRUbJeoHEQCgkBtrNGVTSihr8WX76W4bex807f4EiPXjFh1bkrB4UJVx4ymwZOcJAwsKtDOmpKbpAl58Sq3CxBTb6V7Ql0kbqHW8x2WVHF2Mt-pt4BhTbbqvB3RlVdeVagInd9vdt0Hvic82I1yWQfCqdkpqhcCv9-zfU1qrEDTrod9EtBh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
vevent
ams3-ib.adnxs-simple.com/ Frame 8136 		0
818 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs-simple.com/vevent?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLhBGxhAgAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0NAGYAcACoAEyqAEDsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20vgAMBiAMAkAMAmAMUoAMBqgMnGhUxODY4OTQzNDA0MzE2MzQzMDE2XzEqBDQxNzI6CDQ5NzI2OTEywAOsAsgDANgDAOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEDzE4NS4yMTMuMTU1LjE4NKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ASGgsqVAfoEEgkAAADAzAxJQBEAAABAMzMhQIgFAZgFAKAFgJz32qeO6pduqgUQSEZIVk9KRzNVTUhPMzdMVMAFAMkFAAAhihTwP9IFCQkBCgEBNNgFAeAFAfAF-osY-gUEAYQokAYAmAYAuAYBwQYBITQAAPA_0Aa_8wHaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAel9wXSBw0VZQEmCNoHBgFeaBgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=1c8e4898edfa279e95663481640199ba68b2f378&type=pv&jm=1003|1015|1018|1008&px=0&py=0&bw=320&bh=50&sf=1&sid=1477754021516414926&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21997200&ft=3
Requested by
Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/231/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ams3-ib.adnxs-simple.com/if?an_audit=0&referrer=https%3A%2F%2Fw1.areturnersmagic.com%2F&e=wqT_3QLoB2zoAwAAAwDWAAUBCJLnh6IGEOj11rz8w_T3GRj_EQF4ASo2CZDZOL-8ONA_EULYE0Wnk8s_GQAAAAApXBRAIRESACkRJNgxAAAAgOtR8D8wkM2-CjiCYED2CEhbUIaCypUBWLGTkAFgAGiijqkBeKX3BYABAYoBA1VTRJIBAQb0CAOYAcACoAEyqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA8AEAkgIMQ01DTDJ4Y1FyUW892AIA4ALY1VvqAh9odHRwczovL3cxLmFyZXR1cm5lcnNtYWdpYy5jb20v8gIsCgdFTkNfQ1BNEiFoWGdJTTVLdEphdmtMaF80LU1FNnMxSnhDY3BIaURhdjDyAr0CCgxFTkNfUlRCX0RBVEESrAIwelIxMk9PYVFaZjdYV1UyUkhkZVVHLS03V2dHaFdYbVMyRmRjRnZ4UWI5VUxOVTBLNzhSX3F5MC1wVS1JOENUdEI4YUdBYnU5eGFsWFBpa1FSeUx2Y21xQ1ZYa1ZLcjJPMFg5LVk1Smx1SGVTbzV1UXNKaEFhZXBSVHV4cWJrclRmU1FfXzYwcGpWekwydFNWRFo4V09zVVphOUtqQkM2TjF1clNJbXRRVEVlTEg3cWthXzVwRHlBODV5NVJLM2hKZy1zSjNmNmlFSnh6aUt6dGlQemd0MDk5QUw2WXp3Q0RVNkpqc1NSVDZFcDNoQlpzQmRHalhLdVhkYUVyVlh4akpZQ1BhYmlZanNXeFVCZTY3cDVzLU1rMzB6VUhEdEV1VmpDS0FnVFk5MDHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAYgDAJADAJgDFKADAaoDJxoVMTg2ODk0MzQwNDMxNjM0MzAxNl8xKgQ0MTcyOgg0OTcyNjkxMsADrALIAwDYAwDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xODUuMjEzLjE1NS4xODSoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEhoLKlQH6BBIJAAAAwMwMSUARAAAAQDMzIUCIBQGYBQCgBYCc99qnjuqXbqoFEEhGSFZPSkczVU1ITzM3TFTABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX6ixj6BQQIABAAkAYAmAYAuAYBwQYAAAAAAADwP9AGv_MB2gYWChAAAAAAAAAAAAAAAABhXnQQABgA4AYB8gYCCACABwGIBwCgBwHIB6X3BdIHDQkBIgEBASYM2gcGCAUJYOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAE.&s=a7c0630be50111dc076df95e7313444de197aeaf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:17 GMT
AN-X-Request-Uuid
233f4616-631e-4d4a-999f-a8969ae8de55
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ams3-ib.adnxs-simple.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/Serving/Event/ Frame 8136 		35 B
598 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=49726912&event=178&time=2&baid=58177898&name=Viewable%20impressions&imprid=391725796971997891&icid=0&eData=UtXoxlrZgX2_2yYtOcWB7D2QWXXvKuCbumjmAI-8sjxo4kOyoBiwbg2&rtbdata=0zR12OOaQZf7XWU2RHdeUG--7WgGhWXmS2FdcFvxQb9ULNU0K78R_qy0-pU-I8CTtB8aGAbu9xalXPikQRyLvcmqCVXkVKr2O0X9-Y5JluHeSo5uQsJhAaepRTuxqbkrTfSQ__60pjVzL2tSVDZ8WOsUZa9KjBC6N1urSImtQTEeLH7qka_5pDyA85y5RK3hJg-sJ3f6iEJxziKztiPzgt099AL6YzwCDU6JjsSRT6Ep3hBZsBdGjXKuXdaErVXxjJYCPabiYjsWxUBe67p5s-Mk30zUHDtEuVjCKAgTY901&rtbwp=0.253463-hXgIM5KtJavkLh_4-ME6s1JxCcpHiDav0&rnd=145968981
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ams3-ib.adnxs-simple.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://ams3-ib.adnxs-simple.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 8136 		35 B
598 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@49726912,391725796971997891,100|1201|0|0|0|0|0|0|0||10|1|||||1|0|0|H6i54mbqb07i5nP9TebYOumn3tQYot-A0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ams3-ib.adnxs-simple.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://ams3-ib.adnxs-simple.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sync.html
public.servenobid.com/ Frame CDBF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35937
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 20 Apr 2023 16:24:22 GMT
etag
W/"fd0102e5847015626666169917857ba8"
last-modified
Wed, 12 Apr 2023 16:16:50 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-id
77_8I1feBQWq6maEJeCiD6iss1i-weSehSNuXVJ4-VJWpZdRGYS3ww==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5
9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256
8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
iframe
cs.admanmedia.com/ Frame 231D 		9 B
175 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
nginx
Transfer-Encoding
chunked
isyn
prebid.a-mo.net/ Frame BC40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 21 Apr 2023 02:23:17 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
usync.html
u.4dex.io/ Frame 27B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
prebid
b1h-euc1.zemanta.com/usersync/ Frame 5D70 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
sync.html
public.servenobid.com/ Frame 832D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35937
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 20 Apr 2023 16:24:22 GMT
etag
W/"fd0102e5847015626666169917857ba8"
last-modified
Wed, 12 Apr 2023 16:16:50 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-id
glP7ye8rH9vJSahUlKgRbtMtstufF3rIYlVJBjSnuxQN46rCjatrog==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5
9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256
8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
usync.html
u.4dex.io/ Frame 004C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
isyn
prebid.a-mo.net/ Frame 56FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 21 Apr 2023 02:23:17 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
iframe
cs.admanmedia.com/ Frame 3BB8 		9 B
175 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
nginx
Transfer-Encoding
chunked
prebid
b1h-euc1.zemanta.com/usersync/ Frame EC78 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
13926
g2.gumgum.com/usync/ Frame 1632 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.131.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-131-240.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7068e85fcc443aaec462de592bb3ec8df53c1c5cd62c9ffba5a28f7aa9a373cb

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 21 Apr 2023 02:23:18 GMT
etag
W/"0594040d650a958fed71d6c8fc3d90c21"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 31C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame EA4C 		908 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
840d3b712b57fb87993f169ca4208bb83203bbedb0279af6e2fe82e7af22fcfc

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
908
content-type
text/html
date
Fri, 21 Apr 2023 02:23:17 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3331 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
520e481c9bd3ff897feadd712223ec8ea40f04f9df315875326b85f4b8e919a6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1633
Content-Type
text/html
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame AE95
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 02:23:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B500 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=109058
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame B483 		0
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-id
bIxOSxbJG7ZILrEvDBaTz9omNvExFMKykfO0GOS1UWHALxSloZTgdQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 8AFD 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 21 Apr 2023 02:23:18 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame D352 		0
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.232.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-232-227.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame CDBF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c179e379-c14d-40c9-90ca-a53459080787
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame CDBF
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
pod
X-Sovrn-Pod: ad_ap1sfo1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame CDBF 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Apr 2023 02:23:18 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame CDBF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1682043798231
  • https://ad.turn.com/r/cs?pid=45&rndcb=1326383954
  • https://sync.1rx.io/usersync/turn/8220005729464306150?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-75d26934-3ab2-4de3-99fe-6acff3930063-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-75d26934-3ab2-4de3-99fe-6acff3930063-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-75d26934-3ab2-4de3-99fe-6acff3930063-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-75d26934-3ab2-4de3-99fe-6acff3930063-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-75d26934-3ab2-4de3-99fe-6acff3930063-003
date
Fri, 21 Apr 2023 02:23:18 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX75d269343ab24de399fe6acff3930063003
content-type
text/html
sync
ads.servenobid.com/ Frame CDBF
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210824615635945
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210824615635945
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210824615635945
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame CDBF 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-122
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame CDBF
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=ad22211f-4d5d-409f-b9ce-cde2f910b27e&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=ad22211f-4d5d-409f-b9ce-cde2f910b27e&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=ad22211f-4d5d-409f-b9ce-cde2f910b27e&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Fri, 21 Apr 2023 02:23:17 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame CDBF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame CDBF
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame CDBF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame CDBF 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.204.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-204-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
sync
ads.servenobid.com/ Frame CDBF
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 21 Apr 2023 02:23:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 21 Apr 2023 02:23:18 GMT
13926
g2.gumgum.com/usync/ Frame CE12 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.131.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-131-240.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
394123c1a846663576ee5a567ad87b9b244e114e88e48142554978e50d27276f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 21 Apr 2023 02:23:18 GMT
etag
W/"0b20ba3ce1ab557126048ae50f7e42e8f"
server
nginx
timing-allow-origin
*
sync
ads.servenobid.com/ Frame 832D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
08dad55e-85c5-41fe-94ae-151c69341662
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 832D
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
pod
X-Sovrn-Pod: ad_ap1sfo1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 832D 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Apr 2023 02:23:18 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
onetag-sys.com/usync/ Frame EAB7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 9E02 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
0b53212d372536f9884e925b7c39b857c66354fdb0d8a147c0d074d6caba85de

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
927
content-type
text/html
date
Fri, 21 Apr 2023 02:23:17 GMT
sync
ads.servenobid.com/ Frame 832D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1682043798231
  • https://ad.turn.com/r/cs?pid=45&rndcb=5125017084
  • https://sync.1rx.io/usersync/turn/8147948135426378214?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-75d26934-3ab2-4de3-99fe-6acff3930063-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-75d26934-3ab2-4de3-99fe-6acff3930063-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-75d26934-3ab2-4de3-99fe-6acff3930063-003
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-75d26934-3ab2-4de3-99fe-6acff3930063-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-75d26934-3ab2-4de3-99fe-6acff3930063-003
date
Fri, 21 Apr 2023 02:23:18 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX75d269343ab24de399fe6acff3930063003
content-type
text/html
sync
ads.servenobid.com/ Frame 832D
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5108559727352024827
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5108559727352024827
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5108559727352024827
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 832D 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-60
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 832D
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=6d97e152-fa54-4135-ae29-15cdec4c8a7a&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=6d97e152-fa54-4135-ae29-15cdec4c8a7a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=6d97e152-fa54-4135-ae29-15cdec4c8a7a&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Fri, 21 Apr 2023 02:23:17 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame F3FA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
155b08bca07a71772adbb6450b4262ba1bc3a96557c10a489f86c6ef288106a2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1839
Content-Type
text/html
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync
ads.servenobid.com/ Frame 832D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 832D
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 832D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame FA1B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 02:23:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 91C8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=109058
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 7439 		0
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-id
o4XLT7mlkT3ALTV7CEeeHAGZKMZOeSR6exxxDPJi7XnbLLd6Ed-i7w==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
v1
match.sharethrough.com/universal/ Frame 832D 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.204.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-204-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
user-sync
sync.adkernel.com/ Frame 417C 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 21 Apr 2023 02:23:18 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 9E15 		0
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.232.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-232-227.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 832D
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 21 Apr 2023 02:23:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 21 Apr 2023 02:23:18 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 91C8 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60373221&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8878534410f0f7228783159c419aba71d3cb2d5f6c7434df102b41c1623ca1b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 02:23:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
casale
match.adsrvr.org/track/cmf/ Frame 3331 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 3331
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0ZGPG8M3R6YA954GCTDC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BRVTXT1J7B54VRST5P1V
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3331
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3331
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8050298250324130712
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8050298250324130712
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
51caa333-a23c-4339-932f-c5ffb42f711b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 3331 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 3331
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FchxLFIcWfpANv6Kax1VXLnVm7g
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FchxLFIcWfpANv6Kax1VXLnVm7g
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=FchxLFIcWfpANv6Kax1VXLnVm7g
Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 3331
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAJyU7Ig-cAACBhh8JlWA&expiration=1683253398
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAJyU7Ig-cAACBhh8JlWA&expiration=1683253398
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAJyU7Ig-cAACBhh8JlWA&expiration=1683253398
Date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 3331
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a37ae79-79de-4c28-ae67-cf65837b5ac6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a37ae79-79de-4c28-ae67-cf65837b5ac6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=5a37ae79-79de-4c28-ae67-cf65837b5ac6&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 21 Apr 2023 02:23:18 GMT
server
_
content-length
0
sync
ads.servenobid.com/ Frame 3331 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
casale
match.adsrvr.org/track/cmf/ Frame F3FA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame F3FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F3FA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2HX9487SP8H7JNZ7TY61
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
531P6E5KMFYQAZEAFDMX
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F3FA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8050298250324130712
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8050298250324130712
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
22abd9f9-e23c-4b3a-a43f-95aff3ef1c5c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame F3FA
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZEHzkhMcP3YRf1lKMzVnVgAA%263379?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEHzkhMcP3YRf1lKMzVnVgAA%263379
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEHzkhMcP3YRf1lKMzVnVgAA%263379
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v047-0dae74ffb.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3gpfpVKUR8M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v047-04acc5c01.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
C5a/iafjT8Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZEHzkhMcP3YRf1lKMzVnVgAA%263379
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame F3FA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Fx34wybq1PPGqG5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Fx34wybq1PPGqG5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05e7e34dc077f730b@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Fx34wybq1PPGqG5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F3FA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=806a6441-f396-4e00-9c23-98884f7ad3b2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=806a6441-f396-4e00-9c23-98884f7ad3b2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
MT3 830 785530e master zrh-pixel-x4 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=806a6441-f396-4e00-9c23-98884f7ad3b2
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Apr 2023 02:23:17 GMT
crum
dsum.casalemedia.com/ Frame F3FA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8050298250324130712
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8050298250324130712
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
988dda24-456b-46d4-b5ff-51f28b94d4b9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F3FA 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame AE95 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ea45750e48aca6928fa67bea991b9628d34d526f124a9eb15886e2404fe4b310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 02:16:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85970
Connection
keep-alive
Content-Length
10019
Expires
Sat, 22 Apr 2023 02:16:08 GMT
usync.js
eus.rubiconproject.com/ Frame FA1B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ea45750e48aca6928fa67bea991b9628d34d526f124a9eb15886e2404fe4b310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 02:16:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85970
Connection
keep-alive
Content-Length
10019
Expires
Sat, 22 Apr 2023 02:16:08 GMT
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
87d8d7a4-a996-4c07-b48c-3f66086fc4a0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_f1445ce8-5926-49a7-8384-c4e8704c240b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_f1445ce8-5926-49a7-8384-c4e8704c240b&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=d7f22cd6-9814-41d6-9ec2-3d0cd10c51d2&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 1632
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28ChmkBvZq_hQCCaZZIlrkm3N2-y3EFlE4Si9SaXtDXZSsUiG1_zdFPs3HI98ADltH%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&obuid=ENC(ChmkBvZq_hQCCaZZIlrkm3N2-y3EFlE4Si9SaXtDXZSsUiG1_zdFPs3HI98ADltH)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D...
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DTDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:19 GMT
content-length
0

Redirect headers

Location
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DTDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Date
Fri, 21 Apr 2023 02:23:19 GMT
X-TraceId
f4b9f1b2635365175a93bf6e9df4ee04
Content-Length
0
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
content-length
0
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=1ed1eed5-623b-42b9-9f5c-2c94b9f915ec
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=1ed1eed5-623b-42b9-9f5c-2c94b9f915ec
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=1ed1eed5-623b-42b9-9f5c-2c94b9f915ec
Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
X-CI-RTID
86837876-a720-4ddf-975f-dcd596a86914
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
451763929
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 1632 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_f1445ce8-5926-49a7-8384-c4e8704c240b&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=kUmZ31Wc7t3oHpHZhQLB&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT222VNVNDGMKXMM3XIM3PJBYEQWTIKFGEE...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=kUmZ31Wc7t3oHpHZhQLB&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=kUmZ31Wc7t3oHpHZhQLB&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:19 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=kUmZ31Wc7t3oHpHZhQLB&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
access-control-allow-origin
*
date
Fri, 21 Apr 2023 02:23:18 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=OxtghIpmzn0n&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=OxtghIpmzn0n&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=OxtghIpmzn0n&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6995c68ccb-2j8gr
expires
-1
usersync
usersync.gumgum.com/ Frame 1632
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
date
Fri, 21 Apr 2023 02:23:18 GMT
content-length
0
sync
ads.servenobid.com/ Frame 1632 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_f1445ce8-5926-49a7-8384-c4e8704c240b
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
14ec8626-6837-43f9-98cb-094f40956e0c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=58885f39-e114-4f78-ae07-39f2995a2990&ssp=gumgum2&expires=30&user_group=5&bsw_param=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame CE12
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&obuid=ENC(TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7Bus...
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DTDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:19 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

Location
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DTDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform
Date
Fri, 21 Apr 2023 02:23:19 GMT
X-TraceId
818b9c74bf1b30a1d7be3efa3355968b
Content-Length
0
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
content-length
0
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5425a9c2-7753-4571-ad6a-8f6fec240734
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5425a9c2-7753-4571-ad6a-8f6fec240734
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5425a9c2-7753-4571-ad6a-8f6fec240734
Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
X-CI-RTID
555a0670-f80e-4787-864b-4b02b6804d4d
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
463195733
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame CE12 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=F5161mGf8nZuxdWTJdxn&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RRVGE3DC3KHMY4G4WTVPBSFOVCKMR4G4...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=F5161mGf8nZuxdWTJdxn&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=F5161mGf8nZuxdWTJdxn&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:19 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=F5161mGf8nZuxdWTJdxn&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
access-control-allow-origin
*
date
Fri, 21 Apr 2023 02:23:18 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=zHvRyfj5tqkw&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=zHvRyfj5tqkw&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=zHvRyfj5tqkw&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6995c68ccb-kfzkn
expires
-1
usersync
usersync.gumgum.com/ Frame CE12
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
date
Fri, 21 Apr 2023 02:23:17 GMT
content-length
0
sync
ads.servenobid.com/ Frame CE12 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame EA4C 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1660074670747045778&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync.php
demand.trafficroots.com/ Frame EA4C 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame EA4C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=806a6441-f396-4e00-9c23-98884f7ad3b2&gdpr=0&gdpr_consent=
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=806a6441-f396-4e00-9c23-98884f7ad3b2&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
MT3 830 785530e master zrh-pixel-x24 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=806a6441-f396-4e00-9c23-98884f7ad3b2&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Apr 2023 02:23:17 GMT
v1
match.sharethrough.com/universal/ Frame EA4C 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.204.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-204-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
/
rtb-csync.smartadserver.com/redir/ Frame EA4C
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010003_6441f3966f264&gdpr=0&gdpr_consent=
43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010003_6441f3966f264&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=03010003_6441f3966f264&gdpr=0&gdpr_consent=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
sync
ads.servenobid.com/ Frame 9E02 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1825744723428527998&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
gjIEMT18
sync-tm.everesttech.net/ct/upi/pid/ Frame 9E02
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...
85 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAO_epwBL
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230137-FRA
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
382
x-timer
S1682043799.601196,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
321

Redirect headers

x-served-by
cache-fra-eddf8230137-FRA
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1682043798.394762,VS0,VE91
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAO_epwBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame 9E02 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bsync
visitor.omnitagjs.com/visitor/ Frame 9E02 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
711890.gif
id.rlcdn.com/ Frame 9E02 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame B200
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
Fri, 21 Apr 2023 02:23:17 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master zrh-pixel-x31 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
user-sync
sync.adkernel.com/ Frame 5817 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 21 Apr 2023 02:23:18 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame AD13
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAROepgBL
  • https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAROepgBL
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAROepgBL
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=&_test=ZEHzlgAAAROepgBL
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230137-FRA
x-timer
S1682043798.498355,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame EFC7 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mMTQ0NWNlOC01OTI2LTQ5YTctODM4NC1jNGU4NzA0YzI0MGI=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EAE6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=109058
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6227 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Apr 2023 02:23:18 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 6B8E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZEHzlsCo8X4AAKp-4ZEAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZEHzlsCo8X4AAKp-4ZEAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:19 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Apr 2023 02:23:19 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZEHzlsCo8X4AAKp-4ZEAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40228.dc2p.scaleout.jp
X-SO-IP
185.213.155.184
X-SO-Key
ZEHzlsCo8X4AAKp-4ZEAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZEHzlsCo8X4AAKp-4ZEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40228"}
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40228
usersync
usersync.gumgum.com/ Frame A24C
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_f1445ce8-5926-49a7-8384-c4e8704c240b&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=fc0d78bf-6a7c-4a19-8456-c7d214dd6ae1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=fc0d78bf-6a7c-4a19-8456-c7d214dd6ae1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=fc0d78bf-6a7c-4a19-8456-c7d214dd6ae1
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 8E6C 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame C313
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT Fri, 21 Apr 2023 02:23:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum&tc=1
pragma
no-cache
sync.html
public.servenobid.com/ Frame 1C31 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-73.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35937
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 20 Apr 2023 16:24:22 GMT
etag
W/"fd0102e5847015626666169917857ba8"
last-modified
Wed, 12 Apr 2023 16:16:50 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-id
95h6o3fASV58-IE1Ly9ENJ_zpvOu4UdaYWNrMWD6yTvff4yxmBXchA==
x-amz-cf-pop
FRA60-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:b4af218c-2bc9-4531-9210-521693d9d5d7
x-amz-meta-codebuild-content-md5
9cec9a15b660da7393081e2fc6c34731
x-amz-meta-codebuild-content-sha256
8e6d48a695640d90e0623cd4e573f94721be8c1becd249758c7df42fcffde7be
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
usync.html
u.4dex.io/ Frame 2C18 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
iframe
cs.admanmedia.com/ Frame 18D0 		9 B
175 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
nginx
Transfer-Encoding
chunked
isyn
prebid.a-mo.net/ Frame 86AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://w1.areturnersmagic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 21 Apr 2023 02:23:17 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
prebid
b1h-euc1.zemanta.com/usersync/ Frame EF4E 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Requested by
Host: cdn.prplads.com
URL: https://cdn.prplads.com/prebid-2023-03-22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w1.areturnersmagic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
usersync
usersync.gumgum.com/ Frame D533
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=806a6441-f396-4e00-9c23-98884f7ad3b2&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=806a6441-f396-4e00-9c23-98884f7ad3b2&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
Fri, 21 Apr 2023 02:23:17 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master zrh-pixel-x26 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=806a6441-f396-4e00-9c23-98884f7ad3b2&gdpr=0&gdpr_consent=
user-sync
sync.adkernel.com/ Frame 712A 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 21 Apr 2023 02:23:18 GMT
Pragma
no-cache
Server
nginx
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame FD57
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAEUvdIggBa
85 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAEUvdIggBa
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
382
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 21 Apr 2023 02:23:18 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
320
x-served-by
cache-fra-eddf8230137-FRA
x-timer
S1682043798.498351,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZEHzlgAEUvdIggBa
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230137-FRA
x-timer
S1682043798.394775,VS0,VE95
pixel
cm.g.doubleclick.net/ Frame DC75 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81Y2MxOWNmNy05NWZjLTQ5ODUtOTllYi01NzdjM2M3NDBkZjc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3B5C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=109058
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame C2B7 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Apr 2023 02:23:18 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 1683
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XsAAG6fMSsAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XsAAG6fMSsAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:19 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Apr 2023 02:23:19 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XsAAG6fMSsAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
4
X-SO-Cluster-ID
0
X-SO-HostName
m-ad400.dc4p.scaleout.jp
X-SO-IP
185.213.155.184
X-SO-Key
ZEHzl8Co8XsAAG6fMSsAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZEHzl8Co8XsAAG6fMSsAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad400"}
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad400
usersync
usersync.gumgum.com/ Frame 9F6B
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
khaos.jpg
token.rubiconproject.com/ Frame AE95 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame FA1B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.html
eus.rubiconproject.com/ Frame CC2B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 02:23:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usermatchredir
ssum-sec.casalemedia.com/ Frame 30AD 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Keep-Alive
timeout=1, max=496
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 3626
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT Fri, 21 Apr 2023 02:23:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame B679
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 02:23:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
Pug
simage2.pubmatic.com/AdServer/ Frame 17E6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
42 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 02:23:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
Fri, 21 Apr 2023 02:23:17 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master zrh-pixel-x3 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 1E1A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5266934095289477906
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5266934095289477906
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 02:23:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5266934095289477906
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame F43B 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:17 GMT
expires
Fri, 21 Apr 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
294462
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 10C3
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727352024827
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727352024827
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 02:23:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 21 Apr 2023 02:23:18 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559727352024827
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
Pug
image2.pubmatic.com/AdServer/ Frame 7966
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hUoKT9VNB0ieRlpJ0E8TToAbD0ueGFhGgk-2vyox
42 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hUoKT9VNB0ieRlpJ0E8TToAbD0ueGFhGgk-2vyox
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 02:23:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hUoKT9VNB0ieRlpJ0E8TToAbD0ueGFhGgk-2vyox
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
sync
ads.servenobid.com/ Frame 3D7D 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=39769EB3-17F5-4488-9DA9-64C705BB25C7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 21 Apr 2023 02:23:18 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 91C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OXaesxf1RIidqWTHBbslxw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=109058
accept-ranges
bytes
content-length
5554
expires
Sat, 22 Apr 2023 08:40:56 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 91C8 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=39769EB3-17F5-4488-9DA9-64C705BB25C7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.3.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-3-113.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.137
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 91C8
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=554784862
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=39769EB3-17F5-4488-9DA9-64C705BB25C7
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=39769EB3-17F5-4488-9DA9-64C705BB25C7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 google
last-modified
Fri, 21 Apr 2023 02:23:18 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=39769EB3-17F5-4488-9DA9-64C705BB25C7
date
Fri, 21 Apr 2023 02:23:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 91C8
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=39769EB3-17F5-4488-9DA9-64C705BB25C7
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWxsaHB6b2NnQ0hSQzJnU2JoaXpJVEJ3UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3010125798383854513&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
52.5.106.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-106-217.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:19 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 21 Apr 2023 02:23:19 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 91C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzk3NjlFQjMtMTdGNS00NDg4LTlEQTktNjRDNzA1QkIyNUM3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 02:23:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 91C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIvwVGojOFeZx-LfIS4CK_8&google_cver=1
42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIvwVGojOFeZx-LfIS4CK_8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIvwVGojOFeZx-LfIS4CK_8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 91C8 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 20 Apr 2023 02:23:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 91C8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3010125798383854513
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3010125798383854513
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 02:23:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3010125798383854513
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 91C8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.js
eus.rubiconproject.com/ Frame CC2B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ea45750e48aca6928fa67bea991b9628d34d526f124a9eb15886e2404fe4b310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 02:16:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85970
Connection
keep-alive
Content-Length
10019
Expires
Sat, 22 Apr 2023 02:16:08 GMT
13926
g2.gumgum.com/usync/ Frame 3AB1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.131.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-131-240.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
394123c1a846663576ee5a567ad87b9b244e114e88e48142554978e50d27276f

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 21 Apr 2023 02:23:18 GMT
etag
W/"0b20ba3ce1ab557126048ae50f7e42e8f"
server
nginx
timing-allow-origin
*
sync
ads.servenobid.com/ Frame 1C31
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:19 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:19 GMT
pod
X-Sovrn-Pod: ad_ap1sfo1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ads.servenobid.com/sync?pid=310&uid=Gg_PBRZHWFoMXVVeRg6IaUXq
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 1C31 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 21 Apr 2023 02:23:18 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
/
onetag-sys.com/usync/ Frame 022C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 65E8 		865 B
967 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3b2a28afe7c5cd2de981b4f9bc99186e69aa022b08bac96d9f519b4db3eb386d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
865
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1C31
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3080608435
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3080608435
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
etag
RX75d269343ab24de399fe6acff3930063003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3080608435
cache-control
no-store, no-cache, must-revalidate
expires
0
usa
sync.go.sonobi.com/ Frame 1C31 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-179
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E1A2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
d9fffaaf85156d4fc12ce06f524f3b9984b1509d63eac220c8434f11f63e0f02

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1630
Content-Type
text/html
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Keep-Alive
timeout=1, max=495
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync
ads.servenobid.com/ Frame 1C31
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-store
content-length
0
expires
0
usync.html
eus.rubiconproject.com/ Frame DF21
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 02:23:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7611 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=109058
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 6A8F 		0
483 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4200:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-id
CdWqX3l6xW3kZ4D6J8cpHSIk_jaYsQu6dvAE3Q8LkC-s5MTM_oB3fg==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 3704 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 21 Apr 2023 02:23:18 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 9F6C 		0
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.232.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-232-227.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 1C31
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cb9aa6b9-8b22-42a1-bf60-b00b76b2f73e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.servenobid.com/sync?pid=312&uid=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 1C31
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5108559727352024827
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5108559727352024827
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5108559727352024827
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 1C31
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=589bd4d7-552c-424a-a3c5-2d4b589e9e10&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=589bd4d7-552c-424a-a3c5-2d4b589e9e10&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=589bd4d7-552c-424a-a3c5-2d4b589e9e10&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Fri, 21 Apr 2023 02:23:17 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 1C31
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 1C31
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 1C31 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.204.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-204-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
sync
ads.servenobid.com/ Frame 1C31
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 21 Apr 2023 02:23:18 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 21 Apr 2023 02:23:18 GMT
usync.js
eus.rubiconproject.com/ Frame B679 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ea45750e48aca6928fa67bea991b9628d34d526f124a9eb15886e2404fe4b310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 02:16:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85970
Connection
keep-alive
Content-Length
10019
Expires
Sat, 22 Apr 2023 02:16:08 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame AE95 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatchredir
ssum-sec.casalemedia.com/ Frame E1A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKMkE5kfFAnDUkHiFiQJjEM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E1A2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame E1A2 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H29Q2NEFJJXQ368M3HC3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E1A2 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:321a:b7de:60de:298b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame E1A2
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8a07cabf-2de7-218f-a37fed27
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8a07cabf-2de7-218f-a37fed27
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=8a07cabf-2de7-218f-a37fed27
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
sync
ssbsync.smartadserver.com/api/ Frame E1A2 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E1A2 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame E1A2
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559727352024827
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559727352024827
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559727352024827
Date
Fri, 21 Apr 2023 02:23:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame E1A2 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 65E8 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1825744723428527998&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 65E8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=5mGhPtknD6Xs&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=5mGhPtknD6Xs&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=5mGhPtknD6Xs&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6995c68ccb-q2rgh
expires
-1
9.gif
id5-sync.com/i/102/ Frame 65E8 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
rtb-csync.smartadserver.com/redir/ Frame 65E8
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=e1e255bb-195a-4589-8b22-10d1e9311f7a&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=e1e255bb-195a-4589-8b22-10d1e9311f7a&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=e1e255bb-195a-4589-8b22-10d1e9311f7a&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
s.ad.smaato.net/c/ Frame 65E8 		0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
cache-control
no-cache, must-revalidate
via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
TH_r3F4UWLFh4OgJ8wfqB-aaddsTI-s7E5LI66UvVX_fd0a4hUmEMw==
x-cache
FunctionGeneratedResponse from cloudfront
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b29d0129-752f-4501-bd9f-54ebc9a5b2d1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=57906be5-d218-45b1-b093-3d719f64187b&user_group=1&ssp=gumgum2&bsw_param=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9
  • https://usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 21 Apr 2023 02:23:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
t.adx.opera.com/pub/ Frame 3AB1
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&obuid=ENC(TDSROIna5PfB6OpPFFm_-k5aPO-2kn86g76X6FB2Da4OG2tHn4fRMe7DBYb-QKbi)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
0
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:19 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
Date
Fri, 21 Apr 2023 02:23:19 GMT
X-TraceId
4191ea0f17b5cb1bff825c4c6d5c32bf
Content-Length
0
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=e2b92dbc-78b0-4d07-b7f0-70bae5c3c462
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-15c8712c-521c-59fa-4036-fe8a6b1d555c$ip$185.213.155.184
Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3jxmcfdE2pfrEun_axt8CowMBw997m0RyvFl~A
content-length
0
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5425a9c2-7753-4571-ad6a-8f6fec240734
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5425a9c2-7753-4571-ad6a-8f6fec240734
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5425a9c2-7753-4571-ad6a-8f6fec240734
Date
Fri, 21 Apr 2023 02:23:18 GMT
Connection
keep-alive
X-CI-RTID
f2eb865a-7f5d-441a-819a-0d24d44f4d41
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
444231350
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 3AB1 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=F5161mGf8nZuxdWTJdxn&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2RRVGE3DC3KHMY4G4WTVPBSFOVCKMR4G4...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=F5161mGf8nZuxdWTJdxn&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=F5161mGf8nZuxdWTJdxn&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:19 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=F5161mGf8nZuxdWTJdxn&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=6db3963f-2762-462b-9e82-b5275b1b6926
access-control-allow-origin
*
date
Fri, 21 Apr 2023 02:23:18 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=suQwETcCeCuQ&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=suQwETcCeCuQ&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=suQwETcCeCuQ&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6995c68ccb-mlbl5
expires
-1
usersync
usersync.gumgum.com/ Frame 3AB1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1825744723428527998
date
Fri, 21 Apr 2023 02:23:17 GMT
content-length
0
sync
ads.servenobid.com/ Frame 3AB1 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:18 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame DF21 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ea45750e48aca6928fa67bea991b9628d34d526f124a9eb15886e2404fe4b310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 02:16:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85970
Connection
keep-alive
Content-Length
10019
Expires
Sat, 22 Apr 2023 02:16:08 GMT
khaos.jpg
token.rubiconproject.com/ Frame CC2B 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame B679 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
usersync.gumgum.com/ Frame 619D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
Fri, 21 Apr 2023 02:23:17 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master zrh-pixel-x9 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=d9e16441-f397-4a00-b666-d38e19f9614b&gdpr=0&gdpr_consent=
user-sync
sync.adkernel.com/ Frame 2709 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 21 Apr 2023 02:23:18 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame 6D59
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZEHzlgAAAROepgBL&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230137-FRA
x-timer
S1682043799.823690,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame F43C 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81Y2MxOWNmNy05NWZjLTQ5ODUtOTllYi01NzdjM2M3NDBkZjc=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 36DE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.228.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-228-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=109058
content-encoding
gzip
content-length
5554
content-type
text/html
date
Fri, 21 Apr 2023 02:23:18 GMT
expires
Sat, 22 Apr 2023 08:40:56 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 419C 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 21 Apr 2023 02:23:18 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 1145
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XcAAIxMaSwAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XcAAIxMaSwAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:19 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Apr 2023 02:23:19 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZEHzl8Co8XcAAIxMaSwAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40191.dc2p.scaleout.jp
X-SO-IP
185.213.155.184
X-SO-Key
ZEHzl8Co8XcAAIxMaSwAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZEHzl8Co8XcAAIxMaSwAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40191"}
X-SO-LB-Hostname
m-tgng19.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40191
usersync
usersync.gumgum.com/ Frame 4D3B
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_5cc19cf7-95fc-4985-99eb-577c3c740df7&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=e1e255bb-195a-4589-8b22-10d1e9311f7a
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 6D4D 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Keep-Alive
timeout=1, max=494
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 51ED
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Apr 2023 02:23:18 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT Fri, 21 Apr 2023 02:23:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=NQcgFqs44zjLRAHyLbxv&pi=gumgum
pragma
no-cache
token
token.rubiconproject.com/ Frame AE95 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame AE95 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=25470
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame AE95
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=p-GVSJ41Semc2g1ZwOschA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=p-GVSJ41Semc2g1ZwOschA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=p-GVSJ41Semc2g1ZwOschA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Apr 2023 02:23:19 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XWPH24D6APBWH9032ZF0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=p-GVSJ41Semc2g1ZwOschA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame AE95 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AE95
Redirect Chain
  • https://tg.socdm.com/rtb/sync?proto=rubicon
  • https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZEHzl8Co8X4AAKp-4Z0AAAAA
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZEHzl8Co8X4AAKp-4Z0AAAAA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 21 Apr 2023 02:23:19 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=rubicon","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZEHzl8Co8X4AAKp-4Z0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad75"}
X-SO-Key
ZEHzl8Co8X4AAKp-4Z0AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad75
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://pixel.rubiconproject.com/tap.php?v=71722&nid=3668&expires=30&put=ZEHzl8Co8X4AAKp-4Z0AAAAA
Cache-Control
private
X-SO-HostName
m-ad75.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng26.dc4p.scaleout.jp
X-SO-IP
185.213.155.184
tap.php
pixel.rubiconproject.com/ Frame AE95
Redirect Chain
  • https://ib.adnxs.com/getuid?https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=$UID
  • https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=8050298250324130712
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=8050298250324130712
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b0a3c3a9-2841-4ff9-b5c9-5149a0b5c538
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.rubiconproject.com/tap.php?v=564534&nid=5466&put=8050298250324130712
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame AE95
Redirect Chain
  • https://dmp.brand-display.com/cm/api/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=9085ec00-1457-7c30-efe12612
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=9085ec00-1457-7c30-efe12612
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 21 Apr 2023 02:23:18 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=9085ec00-1457-7c30-efe12612
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
CookieSyncRubicon
rtb.adentifi.com/ Frame AE95 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncRubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.183.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-183-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:19 GMT
usync.html
eus.rubiconproject.com/ Frame 5D64
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Apr 2023 02:23:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Apr 2023 02:23:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
khaos.jpg
token.rubiconproject.com/ Frame DF21 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame CC2B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame 5D64 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
ea45750e48aca6928fa67bea991b9628d34d526f124a9eb15886e2404fe4b310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Fri, 21 Apr 2023 02:23:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 02:16:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85970
Connection
keep-alive
Content-Length
10019
Expires
Sat, 22 Apr 2023 02:16:08 GMT
khaos.jpg
token.rubiconproject.com/ Frame 5D64 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
SPug
simage4.pubmatic.com/AdServer/ Frame 91C8 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/unload/ Frame 8136 		35 B
598 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=0@@49726912,391725796971997891,100|4700|0|0|0|0|0|0|0||39|1|||||1|0|0|H6i54mbqb07i5nP9TebYOumn3tQYot-A0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ams3-ib.adnxs-simple.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 21 Apr 2023 02:23:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://ams3-ib.adnxs-simple.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame B500 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=340491&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d4c1dfed6e3f5810fb958a16dbb76512ee3439c26b026f6b3436935013e33a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 21 Apr 2023 02:23:21 GMT
content-length
2002
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 85B8 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=39769EB3-17F5-4488-9DA9-64C705BB25C7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 21 Apr 2023 02:23:21 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame BC3B 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame E6EB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8050298250324130712&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8050298250324130712&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 02:23:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
f7beafaf-72ee-48ee-8b1a-df25432c51cd
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Apr 2023 02:23:21 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8050298250324130712&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.184; 185.213.155.184; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4C4A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7224323115738921100&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7224323115738921100&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Apr 2023 02:23:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 21 Apr 2023 02:23:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7224323115738921100&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
sync.srv.stackadapt.com/ Frame 1CBD 		0
0
adx
match.prod.bidr.io/cookie-sync/ Frame BC64
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBSnlVN0lnLWNBQUNCaGg4SmxXQQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
0
0
sync
ads.servenobid.com/ Frame 9BFB 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=39769EB3-17F5-4488-9DA9-64C705BB25C7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.255.71 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-255-71.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 21 Apr 2023 02:23:21 GMT
mw
mwzeom.zeotap.com/ Frame B500 		95 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=39769EB3-17F5-4488-9DA9-64C705BB25C7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:21 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7bb22a1e59dc9125-FRA
access-control-allow-headers
*
content-length
95
info
uipglob.semasio.net/pubmatic/1/ Frame B500 		0
0
/
pixel.onaudience.com/ Frame B500 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame B500
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=39769EB3-17F5-4488-9DA9-64C705BB25C7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0E9TVSZE2uUVOpwiXEdWqAQ2CtOezQc-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0E9TVSZE2uUVOpwiXEdWqAQ2CtOezQc-~A&gdpr=0
Protocol
H2
Server
198.47.127.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0E9TVSZE2uUVOpwiXEdWqAQ2CtOezQc-~A&gdpr=0
date
Fri, 21 Apr 2023 02:23:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
39769EB3-17F5-4488-9DA9-64C705BB25C7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B500 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/39769EB3-17F5-4488-9DA9-64C705BB25C7?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:321a:b7de:60de:298b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:23:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame B500
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=6300ba32-ec83-4942-a2cb-7117272f5131&expires=1&user_group=5&ssp=pubmatic&bsw_param=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=0&gdpr_consent=&gdpr_pd=
0
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B500 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 21 Apr 2023 02:23:21 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame B500 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
demand.trafficroots.com
URL
https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent=
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=39769EB3-17F5-4488-9DA9-64C705BB25C7&redir=true&gdpr=0&gdpr_consent=
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=39769EB3-17F5-4488-9DA9-64C705BB25C7&sInitiator=external&gdpr=0&gdpr_consent=
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=214&mapped=39769EB3-17F5-4488-9DA9-64C705BB25C7&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=283&user_id=6300ba32-ec83-4942-a2cb-7117272f5131&expires=1&user_group=5&ssp=pubmatic&bsw_param=9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9&gdpr=0&gdpr_consent=&gdpr_pd=
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=39769EB3-17F5-4488-9DA9-64C705BB25C7&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless function| $ function| jQuery object| DarkMode string| GoogleAnalyticsObject function| ga object| wpDarkMode function| checkOsDarkMode object| essb_settings function| documentInitOneSignal function| OneSignal function| loadCSS function| _0x4b2d function| _0x3e53 boolean| _purpleadsWasLoaded object| _purpleads string| purpleadsInstanceId function| _storage number| amountScrolled object| jQuery111308510831546386759 object| atOptions object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| _0x56a7 function| _0x5441 boolean| _purpleAdsDisplayInit object| globalSlots object| purpleadsAgent string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| dataLayer function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_manager object| google_llp number| google_lpabyc function| _ object| _wpUtilSettings object| wp function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| SUShortcodesL10n object| SUImageCarousel object| lazyLoadOptions object| essb function| essb_open_mailform function| essb_close_mailform function| essb_mailform_send function| essbasc_popup_show function| essbasc_popup_close function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| googletag number| height object| ADAGIO number| __oneSignalSdkLoadCount object| _oneSignalInitOptions object| _ADAGIO object| GoogleGcLKhOms object| nbRefreshed

121 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: kLpPxGqGxYtSUahcK2Ono5WE7HRuTfkcm6SpJmc7hyQ-1682043792-0-ATCWujOuuVifKuJADoQB6WObT/DjkanXBcRL/AFpu0PzKykn1LXx4tkDjmDWiMoi4weOLnKcp7D3TCcVPSdYI1s=
.areturnersmagic.com/ Name: _gid
Value: GA1.2.1967916159.1682043793
.areturnersmagic.com/ Name: _gat
Value: 1
.areturnersmagic.com/ Name: __gads
Value: ID=42f4ef6a455d0857-221f16baa3dd00c2:T=1682043793:RT=1682043793:S=ALNI_MYJDruMCG2-Y3CGtvPs7pOSg53etg
.areturnersmagic.com/ Name: __gpi
Value: UID=00000bedf0780f0f:T=1682043793:RT=1682043793:S=ALNI_MaQeaqUhFG1CP_iDEHM0BnmfV9rGQ
.areturnersmagic.com/ Name: _ga_0YRP7Y1G4K
Value: GS1.1.1682043793.1.0.1682043793.0.0.0
.areturnersmagic.com/ Name: _ga
Value: GA1.1.245917242.1682043793
.doubleclick.net/ Name: IDE
Value: AHWqTUnoPcGvgYMchd8-Sx0gZefwvnE3LY78oPZyOaI4SDBnylmfmQMEn9ELg36W
.casalemedia.com/ Name: CMID
Value: ZEHzkhMcP3YRf1lKMzVnVgAA
.casalemedia.com/ Name: CMPS
Value: 3379
.casalemedia.com/ Name: CMPRO
Value: 3379
.adnxs.com/ Name: uuid2
Value: 8050298250324130712
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVKBqTF[!@wnfH8K6pQK`!5=E<*L5?%M<cs@vShX@A$1SH*<30mvol!Zm$9AE:8u0ni4%nugO%v4VB%nmA0)o>W?
.prebid.a-mo.net/ Name: __amc
Value: 3_1682043794_1682043795
.servenobid.com/ Name: pid_312
Value: 8050298250324130712
.ads.pubmatic.com/ Name: KCCH
Value: YES
.yahoo.com/ Name: A3
Value: d=AQABBJbzQWQCELBeO6sxPiuKY3kbgUmxUlUFEgEBAQFFQ2RLZAAAAAAA_eMAAA&S=AQAAAsr2yPpTWYXlRTOtrXM3bmw
.gumgum.com/ Name: vst
Value: e_5cc19cf7-95fc-4985-99eb-577c3c740df7
.smartadserver.com/ Name: pid
Value: 1825744723428527998
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 39769EB3-17F5-4488-9DA9-64C705BB25C7
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 162412:2
.pubmatic.com/ Name: DPSync3
Value: 1683244800%3A241_235_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1683244800%3A46_56_8_161_21_13_7_54_220%7C1683331200%3A35
.servenobid.com/ Name: pid_333
Value: ZEHzkhMcP3YRf1lKMzVnVgAADTMAAAAB
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mjc2NTIwMrEwMhfiM9R1KSwKD9UtjAg3yPIDAI0OJfwlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3Mjc2NTIwMrEwMhfiM9R1KSwKD9UtjAg3yPIDAI0OJfwlAAAA
.w55c.net/ Name: wfivefivec
Value: Fx34wybq1PPGqG5
.servenobid.com/ Name: pid_317
Value: 1825744723428527998
.csync.loopme.me/ Name: viewer_token
Value: 5a37ae79-79de-4c28-ae67-cf65837b5ac6
.mathtag.com/ Name: uuid
Value: d9e16441-f397-4a00-b666-d38e19f9614b
.turn.com/ Name: uid
Value: 8220005729464306150
.servenobid.com/ Name: pid_309
Value: e_5cc19cf7-95fc-4985-99eb-577c3c740df7
.servenobid.com/ Name: pid_337
Value: y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
.servenobid.com/ Name: pid_339
Value: y-AwbEdZ1E2uGObJab7ogXkkrdVjucCTx37QEdG3Q-~A
.creativecdn.com/ Name: u
Value: NQcgFqs44zjLRAHyLbxv
.creativecdn.com/ Name: ts
Value: 1682043798
.openx.net/ Name: i
Value: c628b695-f922-4aa6-8a5d-a8bf49b4f6d9|1682043798
.bidswitch.net/ Name: c
Value: 1682043798
.bidswitch.net/ Name: tuuid_lu
Value: 1682043798
.bidswitch.net/ Name: tuuid
Value: 9b0cac8a-ea91-4bdb-84c4-f1cff0e8bea9
.servenobid.com/ Name: pid_353
Value: 0000EEA
.servenobid.com/ Name: pid_324
Value: 5108559727352024827
.w55c.net/ Name: matchcasale
Value: 5
.demdex.net/ Name: demdex
Value: 08427657703699419031489354469130280537
.dyntrk.com/ Name: dyn_u
Value: 03010003_6441f3966f264
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZEHzlgAAAROepgBL
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
.admanmedia.com/ Name: admtr
Value: e1e255bb-195a-4589-8b22-10d1e9311f7a
.bidr.io/ Name: bito
Value: AAAJyU7Ig-cAACBhh8JlWA
.bidr.io/ Name: bitoIsSecure
Value: ok
.servenobid.com/ Name: pid_316
Value: 39769EB3-17F5-4488-9DA9-64C705BB25C7
.quantserve.com/ Name: d
Value: EI8BCwHnKPijAA
.quantserve.com/ Name: mc
Value: 6441f396-8d7c1-03e15-ff811
match.sharethrough.com/ Name: AWSALBCORS
Value: zZ3jQfzFwy2cCE0JfmVhngMLK2xudTp6ryrFyXvETRIrmcQisQP5CUQbmT0Ls8nU5745RYwaaW4aDkFYKrGkVT6oXtO7qUF1c1rnV2hrZpASH/Jl/2IPyENpMCTn
.analytics.yahoo.com/ Name: IDSYNC
Value: 196n~2b7e
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-75d26934-3ab2-4de3-99fe-6acff3930063-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d9e16441-f397-4a00-b666-d38e19f9614b&KRTB&16736-uid:d9e16441-f397-4a00-b666-d38e19f9614b&KRTB&23019-uid:d9e16441-f397-4a00-b666-d38e19f9614b&KRTB&23114-uid:d9e16441-f397-4a00-b666-d38e19f9614b
.simpli.fi/ Name: suid
Value: 2264DCC66942450E8A86947FDC5D89F0
.weborama.fr/ Name: AFFICHE_W
Value: esLMr-JHY7x641
.de17a.com/ Name: guid
Value: 1.5266934095289477906
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-hUoKT9VNB0ieRlpJ0E8TToAbD0ueGFhGgk-2vyox&KRTB&19420-hUoKT9VNB0ieRlpJ0E8TToAbD0ueGFhGgk-2vyox&KRTB&22979-hUoKT9VNB0ieRlpJ0E8TToAbD0ueGFhGgk-2vyox&KRTB&23462-hUoKT9VNB0ieRlpJ0E8TToAbD0ueGFhGgk-2vyox
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5108559727352024827
.dpm.demdex.net/ Name: dpm
Value: 08427657703699419031489354469130280537
.adform.net/ Name: C
Value: 1
.360yield.com/ Name: tuuid_lu
Value: 1682043798
.360yield.com/ Name: tuuid
Value: 6db3963f-2762-462b-9e82-b5275b1b6926
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5266934095289477906
.creative-serving.com/ Name: tuuid
Value: 58885f39-e114-4f78-ae07-39f2995a2990
.creative-serving.com/ Name: c
Value: 1682043798
.creative-serving.com/ Name: tuuid_lu
Value: 1682043798
.servenobid.com/ Name: pid_346
Value: ua-46cf9b49-311b-3ac6-a4bd-3551c1aeedf9
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-75d26934-3ab2-4de3-99fe-6acff3930063-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEIvwVGojOFeZx-LfIS4CK_8&KRTB&22987-CAESEIvwVGojOFeZx-LfIS4CK_8&KRTB&23025-CAESEIvwVGojOFeZx-LfIS4CK_8&KRTB&23386-CAESEIvwVGojOFeZx-LfIS4CK_8
.outbrain.com/ Name: obuid
Value: a9cff63d-a094-4095-9183-ed612344e8c3
.zemanta.com/ Name: zuid
Value: F5161mGf8nZuxdWTJdxn
.go.sonobi.com/ Name: HAPLB8S
Value: s87159|ZEHzm
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-15c8712c-521c-59fa-4036-fe8a6b1d555c.7cFA5ze4Tvpmz1JF%2Bq4oFd6ducCWVUlhqvYXrX1DQts
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFchxLFIcWfpANv6Kax1VXLnVm7g.M9NfBCJpdD4sqtt%2BnX%2FFSdACQ0%2BVcgRRV3UXLFgAIPY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFchxLFIcWfpANv6Kax1VXLnVm7g.M9NfBCJpdD4sqtt%2BnX%2FFSdACQ0%2BVcgRRV3UXLFgAIPY
.servenobid.com/ Name: pid_327
Value: 589bd4d7-552c-424a-a3c5-2d4b589e9e10
.ipredictive.com/ Name: cu
Value: 5425a9c2-7753-4571-ad6a-8f6fec240734|1682043798735
.adform.net/ Name: uid
Value: 3010125798383854513
.sportradarserving.com/ Name: zuuid
Value: d7f22cd6-9814-41d6-9ec2-3d0cd10c51d2
.sportradarserving.com/ Name: c
Value: 1682043798
.sportradarserving.com/ Name: zuuid_lu
Value: 1682043798
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkYGJsbmlhamT-C5lvYWh-ShxZ3sIMAFT0SKYwAAAA
.servenobid.com/ Name: pid_321
Value: RX-75d26934-3ab2-4de3-99fe-6acff3930063-003
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1682043798
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3010125798383854513&KRTB&23263-3010125798383854513&KRTB&23481-3010125798383854513
.pubmatic.com/ Name: PugT
Value: 1682043797
.admanmedia.com/ Name: ac_r
Value: CS71
.amazon-adsystem.com/ Name: ad-id
Value: A5uiq5Dp8kf1pHeIq6To498
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ec88524fb4279087
.audrte.com/ Name: arcki2
Value: 1llhpzocgCHRC2gSbhizITBwQ!20220908!1682043798888!ip#185.213.155.184
.audrte.com/ Name: arcki2_pubmatic
Value: 39769EB3-17F5-4488-9DA9-64C705BB25C7!20220908!1682043798892
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.lijit.com/ Name: ljt_reader
Value: Gg_PBRZHWFoMXVVeRg6IaUXq
.brand-display.com/ Name: _knxq_
Value: 8a07cabf-2de7-218f-a37fed27.1682043798.0.1682043798.1682043798
.smartadserver.com/ Name: csync
Value: 25:806a6441-f396-4e00-9c23-98884f7ad3b2|69:03010003_6441f3966f264|92:5mGhPtknD6Xs
.servenobid.com/ Name: pid_310
Value: Gg_PBRZHWFoMXVVeRg6IaUXq
pool.admedo.com/ Name: tuuid
Value: 57906be5-d218-45b1-b093-3d719f64187b
pool.admedo.com/ Name: c
Value: 1682043799
pool.admedo.com/ Name: tuuid_lu
Value: 1682043799
.bluekai.com/ Name: bkpa
Value: KJhz06aFLM9R9mO4Dtd3hN+9nIunYZlaaC93PuTn+ZyMvM1Da+tFUlqjRKz7p20txp1cfY0VdNLEW1dh7H+2UUqPIeOvhrqHE4gs+clywQhlid9v9Da9pG8257gtN5p3q3C7IrmsQ/0tbKtp6yM/IEGtkfoaxcH2Fj8g44k8ZOiWytxBqmrsAZtwCK2hvz3vDjI7xChobFaWKvY90pehNO243YMM/WoPi/34HcvQs00jmwM32XVui4pWGipKH2POxobUB1nCOrIRmn7DPqn1NQPJ0XNm8Y8NRNZZuUjzrEJm3fti4rpHuOU9+81lzIIe48wHF+pf2gwVpXYjE3449yOWONtV
.audrte.com/ Name: arcki2_ddp2
Value: 1llhpzocgCHRC2gSbhizITBwQ!20220908!1682043799079
.bluekai.com/ Name: bku
Value: ikG99J4pxVEeqE1g
.lijit.com/ Name: ljtrtb
Value: eJyrVjIyNzYzNVeygjFqASoHBDc%3D
.audrte.com/ Name: arcki2_adform
Value: 3010125798383854513!20220908!1682043799216
.socdm.com/ Name: SOSYNC
Value: anNvbjp7InJ1Ymljb24iOjE2ODIwNDM3OTl9
.adx.opera.com/ Name: UID
Value: OPU96425026a1d0425f92b1fbc3a5c74f4a

11 Console Messages

Source Level URL
Text
javascript warning URL: https://w1.areturnersmagic.com/(Line 642)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.areturnersmagic.com/(Line 642)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://warlockstallioniso.com/cc1159a70968e93dafbc8e0c257b1641/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=39769EB3-17F5-4488-9DA9-64C705BB25C7&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://t.adx.opera.com/pub/sync?pubid=pub8006743166848&initiator=$initiator
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
a.audrte.com
a.sportradarserving.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.creative-serving.com
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ams3-ib.adnxs-simple.com
ap.lijit.com
api.purpleads.io
areturnersmagic.com
assets.a-mo.net
b1h-euc1.zemanta.com
b1sync.zemanta.com
bh.contextweb.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.adnxs-simple.com
cdn.onesignal.com
cdn.prplads.com
cdn.purpleads.io
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
demand.trafficroots.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
events.servenobids.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
hb-api.omnitagjs.com
hbx.media.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.admanmedia.com
public.servenobid.com
pubmatic-match.dotomi.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.adx.opera.com
tagan.adlightning.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
u.4dex.io
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vengeful-egg.com
visitor.omnitagjs.com
w1.areturnersmagic.com
warlockstallioniso.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
demand.trafficroots.com
match.prod.bidr.io
pixel.onaudience.com
pubmatic-match.dotomi.com
sync.srv.stackadapt.com
uipglob.semasio.net
x.bidswitch.net
104.111.217.14
124.146.215.43
13.32.99.31
142.250.186.34
147.75.84.158
151.101.193.108
151.101.66.49
162.19.138.117
162.19.80.91
169.197.150.8
172.217.18.2
178.250.1.6
178.250.7.11
18.194.204.152
18.198.72.223
18.66.147.43
18.66.147.73
185.184.8.90
185.255.84.150
185.255.84.153
185.29.132.245
185.64.189.110
185.64.190.78
185.64.190.80
185.80.39.216
185.86.138.151
185.86.138.154
185.89.211.12
192.243.61.227
193.0.160.131
198.148.27.140
198.47.127.20
2.19.228.187
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
209.191.163.152
209.191.163.210
213.155.156.182
213.19.147.45
213.227.153.221
23.35.228.23
23.37.42.132
23.56.202.187
2600:9000:211e:7400:1b:5138:8a40:93a1
2600:9000:223f:4200:1f:4c18:bd40:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::ac43:db6
2606:4700:20::681a:333
2606:4700:20::681a:8a9
2606:4700:20::681a:bd1
2606:4700:3031::ac43:a32c
2606:4700:3033::6815:327b
2606:4700::6811:190e
2606:4700::6812:372
2606:4700::6812:d73b
2606:4700::6813:9e13
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1178:1:4b::1a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a02:2638:3::12
2a02:2638:d::11
2a02:2638:d::2
2a05:d018:d29:3605:321a:b7de:60de:298b
3.122.13.213
3.122.49.75
3.212.153.58
3.75.62.37
34.111.129.221
34.111.131.239
34.111.151.213
34.149.40.38
34.195.128.39
34.198.183.31
34.236.207.21
34.247.205.196
35.157.13.156
35.204.74.118
35.210.53.219
35.214.153.92
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.234
37.157.6.236
37.157.6.247
37.252.171.52
37.252.171.85
51.89.9.254
52.202.232.227
52.211.255.71
52.215.114.201
52.46.151.131
52.5.106.217
54.147.162.32
54.155.103.238
54.156.191.143
54.228.67.66
54.229.131.240
54.72.3.113
69.166.1.12
69.173.144.138
69.173.144.139
70.42.32.127
70.42.32.63
77.245.57.72
8.2.109.168
8.43.72.97
80.77.87.162
82.145.213.8
85.114.159.93
98.98.134.241
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0196a384e9013a062ab67b48e6db4ea7ae6d4bc35c30e499f91b3f4c608bb0ae
03550257f08a2c2d490bec7fd42d6758f27803b123b4297e2bf75eb4d75c8af0
0359faff623bdf7d6cc2335c648947e2f808b6093c1a5b0780971ef4c67516d0
089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aaa0f6f2544a36e015cd3af2a59d1b9c37a16ec90607f8f1ef32bc579260619
0b53212d372536f9884e925b7c39b857c66354fdb0d8a147c0d074d6caba85de
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc7bfdeceed61eaa7b0966c5dc56e42e4045d8b331f0fdaff977d23c2e5af4b
0e95983c7e24ca259f53f088590ff63b69121d5d41d002b52f6c3035ad9d49c1
10fd68a075f02280cfe674fbfbf5bf51d07989d1cc01bc79d74c458a21896603
110c7932b78e1f27d049f7a3718b9099a8aba3fba09a65e7e22d771661c58022
126f667cd69d9efeaba800d2c0056c0af8f6af1341d6dcf2826a9c14bb462a84
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
155b08bca07a71772adbb6450b4262ba1bc3a96557c10a489f86c6ef288106a2
1690266a4def354da2feda545468781eefe065dab28c28e115ef23160308206b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
1a0f006ff1a71d7f51be0015ffb7098aadd66cb43e024c173ec0cda543ed6426
1f7f5efabc4ce4f4f4f6769dd11d53e20c31753222d8dd4fc9319df10a4cedf9
265ae921bd2141deb192d83ab5748b4e373853c4b96429a217aba361538ba64e
287cfccc2b3c2f1184c1b4254b9d2bacddd2b7323765443f4974407f95e43c13
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cc531bc67e8ca523e9184528973e8e6d709c2cb14f3229b8d3d00ad09243403
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3254a778cd4704cb1fc6bc0be2b737fd0bbbf64eabd5f22124aaad7f09ed9e01
32bd00dfaa165754d48447d568a5e2c5d51523324f586f6d262f2edd066100eb
33384660a45967e30803da7640ddd67aa3ce0906807b575a8d2de315d630f95b
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35a38464bc2a2d43f91b6cb7317c9db593aec20a89ad9753436e3d52522b0ffe
3823b27c053072320e706f5fe60a6265104a7d43f1ae9efcbad2246a00e9232f
394123c1a846663576ee5a567ad87b9b244e114e88e48142554978e50d27276f
3b2a28afe7c5cd2de981b4f9bc99186e69aa022b08bac96d9f519b4db3eb386d
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b8c82e1a32337e150164886ef2dd2761fc41c86ee4f6f98b6b3bc408623fc81
3bf204c2d3d25a2ce7cced9fc181bbdedb36a6f8d57419d75172993bb153efcb
3bfa49ee4e1a2fba0b7d35cddf9560f1be07546565cebb86d47d1fcc6ee2cc69
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
415976471a7f5e1b6100f6758067c4b666a7d4bbcab5e57439ca63474df5e3c4
45b77d332cb64026f6eb848cafa32d02df0835e7a7f22b90622fdad6ed5ae64f
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b25859886bf5c0f68dfffd6fd6388e1d882f3473e86b9ca6386401151800335
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd5d9b9721d6b1bfc18d8c81562508902e01c61e2d2058485cc31fad4222c7d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
520e481c9bd3ff897feadd712223ec8ea40f04f9df315875326b85f4b8e919a6
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
55474c95c9ef6d07da210e0306e84276e464f434461f1ece2a4eb77fe0221652
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
589287787f8805dedb24cde98bfecc87405aec4af8668301ba671b5b530ef3be
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59f7b8d3ba894219a49703e461f8fadff367c2f34e371a500bb1fb990f0e11d4
5acb17616ffbd91876355147e8f9f5e3381791692b3417bef4e884cf688249dd
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
5ff48f51a8c1d7cc52656ee07a6ce5cd608cc58a6b8b6d90ac0a02c762407791
6146e850afd9ba2175c55d58300dd7412223a95c7987cdbad5eee5060a6b3adf
61b06a7b51f006191748869ece49d1f5020715bf9a4a2a6c1cf195e38edf6394
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69428e37364c874e9b333c3d09bc6e7b98d64aabc34e8f953735b25d550c1b0f
69f64f1e6bb256561b8012c88bebb2472dd7429da6087bf6f0d9590cd3360b64
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bb93f650a13e14e178c84a6ff2a14ce58456b94c587733b41c7aee6ce61c64d
6c66f2f3a7c4d1fd62b2003edfcf8411a6039bf667caf5a110973605454b15c5
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7068e85fcc443aaec462de592bb3ec8df53c1c5cd62c9ffba5a28f7aa9a373cb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a1ab231e485d9bfd9288e2fe9b3602ba8998004d9a65fc3db7036eef75ba05
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
77a44f65bb6894c92e3c7ccab98de0fc357172221cc1dd45949ab938c0c7756a
784631f4bb25d6da9ebb43bd821b756c06fadcd59afc90a11f97c16679e59523
80021c87ebc1c7954850407b7cde8d5c496cc61be604dd94f21433e571a9767e
8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2
8277612008fbd4b33ad1ad2f5d357517be701fee46e184bb283c5f42c5a02cb6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835f79262dd6633b91d8bbfeb62f78afa60dbd0a40072b402c1d3ed2a6d4a410
83e4b2ee16bd0cc38efd27d6887c1ec9058788497ca870997c22049c11752bb1
840d3b712b57fb87993f169ca4208bb83203bbedb0279af6e2fe82e7af22fcfc
85651f9563a36aec7d188d222ec08b7fe8c90f982bd29fe69451f0494656f0ac
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
8878534410f0f7228783159c419aba71d3cb2d5f6c7434df102b41c1623ca1b1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a78b66026ecd874302cae87aecf97e39146e1536fa29e3de50ad0bd30158a4b
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e16ad2005bc4c19f8560189ef6e7b7475f2b3def2c60a57f9041fac5b4f94cf
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91731f1d018fb6b5566bbab5d3c7447509b83f543046f2361767cc1f35b02628
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94c02bbc2fc665542c76bb6ae230199c614b8177c46d9ab57794cf27870b8bc9
959351a0eabbef2a2491332f85b98d5fc0db7c5a8dac61053f7803066185aa86
96eed42e394f5b00f1e02a12d1ce9557aae7cd751e4a9ae2b3e8fc392b1db945
973e13c21682c0e79991ec0e786a9088c8f1db6aaeb577fab32e9837884d0dd9
97de67c1aaa24d3b3d4b5db344494bc0706612d2366526ffd646b6274ceff213
9dd3a1326f714eee263d0cf46a7d3e04da82774573de40c6a2ff9094654e7dbd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3439d490cc4b79611478432d79052a419e6dde49e28e59e11084712c85b7607
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
aa4f613dfd3cc3d4b373f6b76270f06be23304b070646a64d740888ed151776c
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae684e653cf5edc8bec110ff0669b6daa58f690d550735f98954697799f963da
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b177393bb52a27d045184e12b1bde8a164ebf8d12319003fe72cc36a2325f5fe
b24b19152e92ee2240cdf53444b33a1b8ec286e9a44072890c5490c9d8ddfa3d
b2a515095950979160ea466edd49eeec2a9dcb219216c00eada5ac5e9a72c944
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
b3741904813692e927151411f744ca2198a9d466be62477c293aed6405617452
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
ba56cd020246afe10f0e6e03a8612b3f054ed5961894fa3d901c1e470e287e6a
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf0850e3e549015b2804a27c8deb6e6a19186e7d711d920457d1f6f640520621
bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5761dafe6ae213e252af719930969ad90e23be2e30a9c54d49e94e98bdbd372
c62493c612f9c1e47024f8cdf592884e21c4ebe774359383f0670bd5a995b68f
c661376fd6275029eba6e35e45ab10a8f70b857fb53dcf442781ab3937231b7f
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbc47837dbf7f0710160cdbd5b341399533253c5bc048e52e059561422d60009
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3ec65c33cf33da4584a7875fa73aa47db39b05163c891600fefd3dd635a4c15
d4c1dfed6e3f5810fb958a16dbb76512ee3439c26b026f6b3436935013e33a70
d9353b2b548608565fbdaf8b98cd1b5fdd0dd4c711a7c9a49243b65d9581ebf8
d9fffaaf85156d4fc12ce06f524f3b9984b1509d63eac220c8434f11f63e0f02
db345883b20676c2cba35420a4a0aa209de295947784747e70aa602838652364
de9107a36d1390e69af6871e220560b1c883557f8fd86f2dcc1a24ed07b0ab80
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e7d7d916b7239c63396df3f758d766f2f186687af57b02d9af7b05bdcd1ffbbf
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea45750e48aca6928fa67bea991b9628d34d526f124a9eb15886e2404fe4b310
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2bf6b49cd225ae4e1850eb803edc24cd1da6f41fa9905e75f36edab042d43b8
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6c2504210b13ce09150097b821b620266fce1efb578a2146b1ee6e8859958e9
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3