urlscan.io logo urlscan.io
SecurityTrails logo

testadvertiser008.com Open in urlscan Pro
2001:4b99:1:253::10  Public Scan

Go To Rescan Add Verdict Report
URL: http://testadvertiser008.com/
Submission: On November 08 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 8 countries across 31 domains to perform 35 HTTP transactions. The main IP is 2001:4b99:1:253::10, located in France and belongs to GANDI-AS-2 Domain name registrar - www.gandi.net, FR. The main domain is testadvertiser008.com.
This is the only time testadvertiser008.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2001:4b99:1:2... 203476 (GANDI-AS-...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
4 5 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
1 2 18.194.110.242 16509 (AMAZON-02)
2 2 142.250.186.34 15169 (GOOGLE)
2 178.250.2.151 44788 (ASN-CRITE...)
2 2 37.252.173.38 29990 (ASN-APPNEX)
1 2 104.18.19.126 13335 (CLOUDFLAR...)
1 2 34.252.9.30 16509 (AMAZON-02)
1 2.18.235.93 16625 (AKAMAI-AS)
1 70.42.32.127 13789 (INTERNAP-...)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 69.173.144.139 26667 (RUBICONPR...)
1 18.159.205.223 16509 (AMAZON-02)
1 185.86.137.133 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2.18.232.7 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 2 18.156.0.31 16509 (AMAZON-02)
1 37.157.4.23 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 34.242.116.160 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 52.29.95.123 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 96.16.132.239 16625 (AKAMAI-AS)
1 54.229.162.197 16509 (AMAZON-02)
1 52.214.159.83 16509 (AMAZON-02)
1 3.23.184.187 16509 (AMAZON-02)
35 32
3    2001:4b99:1:253::10 (France)

ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR)
testadvertiser008.com
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    2620:0:862:ed1a::1 (United States)

ASN14907 (WIKIMEDIA, US)
www.wikipedia.org
1    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
2    18.194.110.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-110-242.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    34.252.9.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-9-30.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    18.159.205.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-205-223.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    34.242.116.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-116-160.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    52.29.95.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-95-123.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    2600:1f18:612b:4216:f6:411e:ff52:dd4b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    54.229.162.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-162-197.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    52.214.159.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-159-83.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.23.184.187 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-184-187.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 481
mug.criteo.com — Cisco Umbrella Rank: 1946
sslwidget.criteo.com — Cisco Umbrella Rank: 1993
dis.criteo.com — Cisco Umbrella Rank: 941
13 KB
3 testadvertiser008.com
testadvertiser008.com
3 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 285
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 407
505 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 825
851 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1766
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 313
2 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 320
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 415
1 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2672
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 774
338 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2577
220 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3726
360 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2415
183 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1575
884 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2954
274 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 678
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1240
235 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 2023
163 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 571
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2260
172 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1438
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 805
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 756
35 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 483
239 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 979
576 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1062
145 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 809
799 B
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 3033
51 KB
1 wikipedia.org
www.wikipedia.org — Cisco Umbrella Rank: 7664
17 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 782
14 KB
35 31

This site contains no links.

Subject Issuer Validity Valid
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-27 -
2023-11-17		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2021-10-24 -
2022-11-24		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
itm.ivitrack.com
R3		 2022-10-06 -
2023-01-04		 3 months crt.sh
exchange.mediavine.com
Amazon		 2022-07-06 -
2023-08-04		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2022-01-14 -
2023-01-13		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh

This page contains 3 frames:

Primary Page: http://testadvertiser008.com/
Frame ID: 0BEA5D411B68280D7D486A04B48C50AD
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=testadvertiser008.com&origin=onetag
Frame ID: DE1AFE051046D74C4B9D52BCE2D8E696
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-seoP0lix1pQsIEF623e0Zgm93uVGnUe0gXlfVw&expires=30
Frame ID: 6385AB5FBCBF1E6C2C2FE255446AA3C0
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

advertiser008

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

35
Requests

60 %
HTTPS

18 %
IPv6

31
Domains

34
Subdomains

32
IPs

8
Countries

105 kB
Transfer

135 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://gum.criteo.com/sid/json?origin=onetag&domain=testadvertiser008.com&sn=ChromeSyncframe&so=0&topUrl=testadvertiser008.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=APIK5HxpanAzRW0rQ3FmRVc4VTZNelN2U1haQnZTcjZXQnU2aVR1SGVuY1pwSTNzU0JTRXV0WmFqNmRFNFJ4Q0pXMmFGRCtnRU1YNmJNdmIzTTNBWGNLVmVUQlZPRDFUdTAreFZwZTVtdUU1eEs5ZEp5ZVU4ZlF6WWRWMlNFQWF5MlI2T2Y3YjduZWloTmlyQ1BQd3ZoOXVFUUVrNVh3TjZyMzlWQkJ5VWVqdHRrTFROdml4MnNOUWNuVHZKM09GY09Dc2p1TEs2VmdhME1pd1VaTDgvTWtxQlYrdm5kSE1vb1VFcG1lakNsenZ4WEpUclRLYyt1SVJIQnNwNnp1L2tqaE1mdU5YcVZ6LzNuaWpJZFV3UEhHWFFYWWZJdUIyeHppK1E4TTZXSXFESHB2OD18&cppv=2
Request Chain 8
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-seoP0lix1pQsIEF623e0Zgm93uVGnUe0gXlfVw&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-seoP0lix1pQsIEF623e0Zgm93uVGnUe0gXlfVw&expires=30
Request Chain 9
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5KPL6lix1pQsIEF623e0Zgm93uUZ7tiNwLxNkg&google_cm&google_hm=ay01S1BMNmxpeDFwUXNJRUY2MjNlMFpnbTkzdVVaN3RpTndMeE5rZw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-5KPL6lix1pQsIEF623e0Zgm93uUZ7tiNwLxNkg&google_cm=&google_hm=ay01S1BMNmxpeDFwUXNJRUY2MjNlMFpnbTkzdVVaN3RpTndMeE5rZw&google_tc= HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5KPL6lix1pQsIEF623e0Zgm93uUZ7tiNwLxNkg&google_gid=CAESEIqZPPl-5vNsmjWZv5qVCHk&google_cver=1&google_ula=913071,0
Request Chain 10
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6649518807211516494
Request Chain 11
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_6tMnVix1pQsIEF623e0Zgm93uUaTyIzjOMfZg HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_6tMnVix1pQsIEF623e0Zgm93uUaTyIzjOMfZg&C=1
Request Chain 12
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1qSupFix1pQsIEF623e0Zgm93uVIhbmvlTG-Ag HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1qSupFix1pQsIEF623e0Zgm93uVIhbmvlTG-Ag
Request Chain 22
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-YM02ilix1pQsIEF623e0Zgm93uU4E-WjmMA84g HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-YM02ilix1pQsIEF623e0Zgm93uU4E-WjmMA84g&verify=true
Request Chain 25
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3-7qWCW-jMdsonEtq7m2pALkHsQTUZ0_ HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3-7qWCW-jMdsonEtq7m2pALkHsQTUZ0_
Request Chain 32
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kqsj5CKCDkwzu18L_Aip8OKG-Ntb2LYE
Request Chain 33
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EwUK_1xNHCnbVCVPcpPJg37fh53rdzZZ

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
testadvertiser008.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://testadvertiser008.com/
Protocol
HTTP/1.1
Server
2001:4b99:1:253::10 , France, ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR),
Reverse DNS
Software
Apache / PHP/8.1.0
Resource Hash
5adf14dce3598955ec07ce98f3338646202ff01f9320d2eba788a7848abe9f42

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
699
Content-Type
text/html; charset=UTF-8
Date
Tue, 08 Nov 2022 17:33:28 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Via
1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
X-Cache
MISS
X-Cache-Hits
0
X-Powered-By
PHP/8.1.0
style.php
testadvertiser008.com/ 		915 B
711 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://testadvertiser008.com/style.php
Requested by
Host: testadvertiser008.com
URL: http://testadvertiser008.com/
Protocol
HTTP/1.1
Server
2001:4b99:1:253::10 , France, ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR),
Reverse DNS
Software
Apache / PHP/8.1.0
Resource Hash
3b4ea6ffcecb10ca443fd3ab2ec667c9efc6968639e476bb51223e31423a0aa6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://testadvertiser008.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 08 Nov 2022 17:33:28 GMT
Content-Encoding
gzip
Via
1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
Server
Apache
Age
0
X-Powered-By
PHP/8.1.0
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
text/css;charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
363
X-Cache-Hits
0
logo.php
testadvertiser008.com/ 		461 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://testadvertiser008.com/logo.php
Requested by
Host: testadvertiser008.com
URL: http://testadvertiser008.com/
Protocol
HTTP/1.1
Server
2001:4b99:1:253::10 , France, ASN203476 (GANDI-AS-2 Domain name registrar - www.gandi.net, FR),
Reverse DNS
Software
Apache / PHP/8.1.0
Resource Hash
8948ffdaf2ad48fc608980b6b28aa226dda1c37fbd65d8fb955b1cef8b310217

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://testadvertiser008.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Date
Tue, 08 Nov 2022 17:33:28 GMT
Via
1.1 varnish (Varnish/6.3), 1.1 varnish (Varnish/6.3)
Server
Apache
Age
0
X-Powered-By
PHP/8.1.0
X-Cache
MISS
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
461
X-Cache-Hits
0
ld.js
static.criteo.net/js/ld/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/ld.js
Requested by
Host: testadvertiser008.com
URL: http://testadvertiser008.com/
Protocol
HTTP/1.1
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://testadvertiser008.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:33:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 25 Aug 2022 11:02:07 GMT
server
nginx
etag
W/"630756af-a8d9"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 09 Nov 2022 17:33:28 GMT
syncframe
gum.criteo.com/ Frame DE1A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=testadvertiser008.com&origin=onetag
Requested by
Host: static.criteo.net
URL: http://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://testadvertiser008.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 08 Nov 2022 17:33:28 GMT
server
Kestrel
server-processing-duration-in-ticks
705001
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame DE1A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=testadvertiser008.com&sn=ChromeSyncframe&so=0&topUrl=testadvertiser008.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=APIK5HxpanAzRW0rQ3FmRVc4VTZNelN2U1haQnZTcjZXQnU2aVR1SGVuY1pwSTNzU0JTRXV0WmFqNmRFNFJ4Q0pXMmFGRCtnRU1YNmJNdmIzTTNBWGNLVmVUQlZPRDFUdTAreFZwZTVtdUU1eEs5ZEp5ZVU4ZlF6WWRWMl...
457 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=APIK5HxpanAzRW0rQ3FmRVc4VTZNelN2U1haQnZTcjZXQnU2aVR1SGVuY1pwSTNzU0JTRXV0WmFqNmRFNFJ4Q0pXMmFGRCtnRU1YNmJNdmIzTTNBWGNLVmVUQlZPRDFUdTAreFZwZTVtdUU1eEs5ZEp5ZVU4ZlF6WWRWMlNFQWF5MlI2T2Y3YjduZWloTmlyQ1BQd3ZoOXVFUUVrNVh3TjZyMzlWQkJ5VWVqdHRrTFROdml4MnNOUWNuVHZKM09GY09Dc2p1TEs2VmdhME1pd1VaTDgvTWtxQlYrdm5kSE1vb1VFcG1lakNsenZ4WEpUclRLYyt1SVJIQnNwNnp1L2tqaE1mdU5YcVZ6LzNuaWpJZFV3UEhHWFFYWWZJdUIyeHppK1E4TTZXSXFESHB2OD18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ce242b29aa867b371910b4381ce6dc475eb51ca6bfdf6165c6fd4a5ac8c2aa45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2349085
expires
0

Redirect headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=APIK5HxpanAzRW0rQ3FmRVc4VTZNelN2U1haQnZTcjZXQnU2aVR1SGVuY1pwSTNzU0JTRXV0WmFqNmRFNFJ4Q0pXMmFGRCtnRU1YNmJNdmIzTTNBWGNLVmVUQlZPRDFUdTAreFZwZTVtdUU1eEs5ZEp5ZVU4ZlF6WWRWMlNFQWF5MlI2T2Y3YjduZWloTmlyQ1BQd3ZoOXVFUUVrNVh3TjZyMzlWQkJ5VWVqdHRrTFROdml4MnNOUWNuVHZKM09GY09Dc2p1TEs2VmdhME1pd1VaTDgvTWtxQlYrdm5kSE1vb1VFcG1lakNsenZ4WEpUclRLYyt1SVJIQnNwNnp1L2tqaE1mdU5YcVZ6LzNuaWpJZFV3UEhHWFFYWWZJdUIyeHppK1E4TTZXSXFESHB2OD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
800959
content-length
0
expires
0
event
sslwidget.criteo.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=5857&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=J1Wj7V9ndW5DZEV0UkFJQjBqS1pXeHBKZ0t5NGpIV0hzJTJCVXRucGJyNSUyQlNEU0VsSGM0Y3lkd3E3cmhVT1NjNXlBWWlUM0RNQmpyTzZpcFJzN29WYzRLVWo2Y0VhS2NNNENvUUJMTXdUZ3ZRUkczRktiJTJCdlNPWlpyZHhGTWdJcFpPNUxnN09BT1RRQ2ZzY3FlYUxLMk9RJTJGJTJGdGFyNCUyQkszT3JYVjdPTmF5ekc3bzRtYUklM0Q&tld=testadvertiser008.com&fu=http%253A%252F%252Ftestadvertiser008.com%252F&dtycbr=1196
Requested by
Host: static.criteo.net
URL: http://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c92a7792f214c7bbc1da96e73dddafa57bb3848977d28473a1cfd2f0b2f120bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://testadvertiser008.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
16944817
timing-allow-origin
*
expires
0
Wikipedia-logo-v2.png
www.wikipedia.org/portal/wikipedia.org/assets/img/ 		15 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wikipedia.org/portal/wikipedia.org/assets/img/Wikipedia-logo-v2.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::1 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.3 /
Resource Hash
75038605ff9e35cc393e0ed8200069601c889100607cde67d2af68b9eb88e5d4
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://testadvertiser008.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 10:26:46 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
25602
x-cache-status
hit-front
x-cache
cp3054 hit, cp3058 hit/40305
server-timing
cache;desc="hit-front", host;desc="cp3058"
content-length
15829
x-client-ip
2001:41d0:8:d154::7
last-modified
Mon, 19 Mar 2018 11:07:26 GMT
server
ATS/9.1.3
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
etag
"3dd5-567c1f68d7393"
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=86400
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ranges
bytes
expires
Wed, 08 Nov 2023 09:39:25 GMT
330px-Evariste_galois.jpg
upload.wikimedia.org/wikipedia/commons/thumb/5/53/Evariste_galois.jpg/ 		49 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/5/53/Evariste_galois.jpg/330px-Evariste_galois.jpg?axid=&optout=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.3 /
Resource Hash
c0dfe65f5a6c1d4f73e786be162d62b77a9dabce8d8fd0772b486e7d441ff85e
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://testadvertiser008.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 05:54:38 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
41931
x-cache-status
hit-front
x-cache
cp3057 hit, cp3063 hit/1
content-disposition
inline;filename*=UTF-8''Evariste_galois.jpg
server-timing
cache;desc="hit-front", host;desc="cp3063"
content-length
50529
x-client-ip
2001:41d0:8:d154::7
x-object-meta-sha1base36
7kt326sjpx0cg4s94j8oq9v04s1c937
last-modified
Sun, 23 Nov 2014 18:12:23 GMT
server
ATS/9.1.3
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
etag
8b6fab3b5e9d69f692ac9a66d1a0e4c5
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ranges
bytes
timing-allow-origin
*
sync
x.bidswitch.net/ul_cb/ Frame 6385
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-seoP0lix1pQsIEF623e0Zgm93uVGnUe0gXlfVw&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-seoP0lix1pQsIEF623e0Zgm93uVGnUe0gXlfVw&expires=30
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-seoP0lix1pQsIEF623e0Zgm93uVGnUe0gXlfVw&expires=30
Protocol
HTTP/1.1
Server
18.194.110.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-110-242.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 08 Nov 2022 17:33:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-seoP0lix1pQsIEF623e0Zgm93uVGnUe0gXlfVw&expires=30
Date
Tue, 08 Nov 2022 17:33:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 6385
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5KPL6lix1pQsIEF623e0Zgm93uUZ7tiNwLxNkg&google_cm&google_hm=ay01S1BMNmxpeDFwUXNJRUY2MjNlMFpnbTkzdVVaN3RpT...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-5KPL6lix1pQsIEF623e0Zgm93uUZ7tiNwLxNkg&google_cm=&google_hm=ay01S1BMNmxpeDFwUXNJRUY2MjNlMFpnbTkzdVVaN3R...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5KPL6lix1pQsIEF623e0Zgm93uUZ7tiNwLxNkg&google_gid=CAESEIqZPPl-5vNsmjWZv5qVCHk&google_cver=1&google_ula=913071,0
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5KPL6lix1pQsIEF623e0Zgm93uUZ7tiNwLxNkg&google_gid=CAESEIqZPPl-5vNsmjWZv5qVCHk&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1964257
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5KPL6lix1pQsIEF623e0Zgm93uUZ7tiNwLxNkg&google_gid=CAESEIqZPPl-5vNsmjWZv5qVCHk&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 6385
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6649518807211516494
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6649518807211516494
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2497889
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 08 Nov 2022 17:33:29 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.59.164.108; 37.59.164.108; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f269290d-495a-4b69-bd5a-ab3ad1b41a3f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6649518807211516494
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
r.casalemedia.com/ Frame 6385
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_6tMnVix1pQsIEF623e0Zgm93uUaTyIzjOMfZg
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_6tMnVix1pQsIEF623e0Zgm93uUaTyIzjOMfZg&C=1
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-_6tMnVix1pQsIEF623e0Zgm93uUaTyIzjOMfZg&C=1
Protocol
H2
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLwMhGHNpHxQS6hcytJpkQpUZz06hulHbLGN3yqdw7wiqp2ujJzD3rDRDnQQ2IVXmnIZr1Xdv%2BObdnEVgX9jZat3Qt2ZTgsPRQMr0Cn2xGY5LN1CmqIa0zPzvt8u6mO5ZflJ"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76700dd2fcdcd5b8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FV4tKn8TfI895hZBV6MmdhnjZ%2FEjpHFTZo6ceLpAqzytj4%2BRK%2B4xDCNYb%2B2ZU5khzou3bgATHFm5gvYVOF6ROE5Mv1u43acDoD4jxalhhpYeIdwV%2FsTp9dbT8QLQbNpu2EAC"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-_6tMnVix1pQsIEF623e0Zgm93uUaTyIzjOMfZg&C=1
cache-control
no-cache
cf-ray
76700dd28c24d5b8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
match
ad.360yield.com/ul_cb/ Frame 6385
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1qSupFix1pQsIEF623e0Zgm93uVIhbmvlTG-Ag
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1qSupFix1pQsIEF623e0Zgm93uVIhbmvlTG-Ag
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1qSupFix1pQsIEF623e0Zgm93uVIhbmvlTG-Ag
Protocol
H2
Server
34.252.9.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-9-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 08 Nov 2022 17:33:29 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1qSupFix1pQsIEF623e0Zgm93uVIhbmvlTG-Ag
date
Tue, 08 Nov 2022 17:33:29 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cksync.php
contextual.media.net/ Frame 6385 		45 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-eZ3YPVix1pQsIEF623e0Zgm93uVbEC5IAAygOQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 08 Nov 2022 17:33:29 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Tue, 08 Nov 2022 17:33:29 GMT
cookie-sync
sync.outbrain.com/ Frame 6385 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-q8UVYVix1pQsIEF623e0Zgm93uXvmTI5qEmomg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Tue, 08 Nov 2022 17:33:29 GMT
Cache-Control
no-cache
X-TraceId
16d20b8d430e1203ea3deebd0ea32501
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6385 		42 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-A8ZKPlix1pQsIEF623e0Zgm93uV_x22l3tWM8w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 08 Nov 2022 17:33:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tap.php
pixel.rubiconproject.com/ Frame 6385 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-XftmOlix1pQsIEF623e0Zgm93uVr1kWSgVgUww&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 6385 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0Pl3BVix1pQsIEF623e0Zgm93uWLTeUgk7nG_A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.205.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-205-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:33:29 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 6385 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-tcPgilix1pQsIEF623e0Zgm93uUujHFUY2MKmw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:33:29 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6385 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-PRPDElix1pQsIEF623e0Zgm93uXdtT9T5riLtQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:33:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20592
um
criteo-sync.teads.tv/ Frame 6385 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-E8hHTFix1pQsIEF623e0Zgm93uWuMDcU6TK9dQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Tue, 08 Nov 2022 17:33:29 GMT
pragma
no-cache
date
Tue, 08 Nov 2022 17:33:29 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 6385 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-4J3vrVix1pQsIEF623e0Zgm93uUYSxXXVF9Grw&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:33:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 6385
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-YM02ilix1pQsIEF623e0Zgm93uU4E-WjmMA84g
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-YM02ilix1pQsIEF623e0Zgm93uU4E-WjmMA84g&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-YM02ilix1pQsIEF623e0Zgm93uU4E-WjmMA84g&verify=true
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:33:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-YM02ilix1pQsIEF623e0Zgm93uU4E-WjmMA84g&verify=true
date
Tue, 08 Nov 2022 17:33:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 6385 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-LAbdYlix1pQsIEF623e0Zgm93uWOSOT77rIM1A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:33:29 GMT
last-modified
Wed, 11 Oct 2017 13:40:08 GMT
server
nginx
accept-ranges
bytes
etag
"59de1f38-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 6385 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-fvwsMlix1pQsIEF623e0Zgm93uUqb5J8gMWUoQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:29 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0
demconf.jpg
dpm.demdex.net/ Frame 6385
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3-7qWCW-jMdsonEtq7m2pALkHsQTUZ0_
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3-7qWCW-jMdsonEtq7m2pALkHsQTUZ0_
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3-7qWCW-jMdsonEtq7m2pALkHsQTUZ0_
Protocol
HTTP/1.1
Server
34.242.116.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-116-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0df7a788e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Nfwu8hQPT+o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
jV+dPeoAQuU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3-7qWCW-jMdsonEtq7m2pALkHsQTUZ0_
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 6385 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-Wym9sFix1pQsIEF623e0Zgm93uWYzouZoGN7pA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 08 Nov 2022 17:33:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
sync
matching.ivitrack.com/ Frame 6385 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-kDE-DVix1pQsIEF623e0Zgm93uU1vLrD5JWEcg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:33:28 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 6385 		0
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-4Ni8Xlix1pQsIEF623e0Zgm93uUK4yk9zWnfPQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 08 Nov 2022 17:33:29 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
sync
criteo-partners.tremorhub.com/ Frame 6385 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-jM2UI1ix1pQsIEF623e0Zgm93uWrhEOl3B3L0A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:f6:411e:ff52:dd4b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 08 Nov 2022 17:33:29 GMT
server
Apache-Coyote/1.1
content-type
image/gif
m
ad.yieldlab.net/ Frame 6385 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-e5RWfVix1pQsIEF623e0Zgm93uXy_yNDZCgbyg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Nov 2022 17:33:29 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Mon, 07 Nov 2022 17:33:29 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 6385 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-PRYZx1ix1pQsIEF623e0Zgm93uW8_2MyI_U4ag&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.162.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-162-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 08 Nov 2022 17:33:29 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
usermatch.gif
beacon.krxd.net/ Frame 6385
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kqsj5CKCDkwzu18L_Aip8OKG-Ntb2LYE
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kqsj5CKCDkwzu18L_Aip8OKG-Ntb2LYE
Protocol
H2
Server
52.214.159.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-159-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
beacon-n016-dub-prod.krxd.net
date
Tue, 08 Nov 2022 17:33:29 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1667928809
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kqsj5CKCDkwzu18L_Aip8OKG-Ntb2LYE
date
Tue, 08 Nov 2022 17:33:28 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1475383
content-length
0
cs
s.thebrighttag.com/ Frame 6385
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EwUK_1xNHCnbVCVPcpPJg37fh53rdzZZ
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EwUK_1xNHCnbVCVPcpPJg37fh53rdzZZ
Protocol
H2
Server
3.23.184.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-184-187.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Nov 2022 17:33:29 GMT
x-bt-requestid
75c9b680-5f8b-11ed-9c6f-0000ac170152
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EwUK_1xNHCnbVCVPcpPJg37fh53rdzZZ
date
Tue, 08 Nov 2022 17:33:29 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1305545
content-length
0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| criteo_q

38 Cookies

Domain/Path Name / Value
testadvertiser008.com/ Name: PHPSESSID
Value: 7kasav5kfcijm5cb50e05k0o7m
.criteo.com/ Name: uid
Value: e6cbc003-13b4-4490-ae16-03d4ab01108e
.testadvertiser008.com/ Name: cto_bundle
Value: J1Wj7V9ndW5DZEV0UkFJQjBqS1pXeHBKZ0t5NGpIV0hzJTJCVXRucGJyNSUyQlNEU0VsSGM0Y3lkd3E3cmhVT1NjNXlBWWlUM0RNQmpyTzZpcFJzN29WYzRLVWo2Y0VhS2NNNENvUUJMTXdUZ3ZRUkczRktiJTJCdlNPWlpyZHhGTWdJcFpPNUxnN09BT1RRQ2ZzY3FlYUxLMk9RJTJGJTJGdGFyNCUyQkszT3JYVjdPTmF5ekc3bzRtYUklM0Q
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-A8ZKPlix1pQsIEF623e0Zgm93uV_x22l3tWM8w&KRTB&23144-uid:k-A8ZKPlix1pQsIEF623e0Zgm93uV_x22l3tWM8w&KRTB&23286-uid:k-A8ZKPlix1pQsIEF623e0Zgm93uV_x22l3tWM8w&KRTB&23287-uid:k-A8ZKPlix1pQsIEF623e0Zgm93uV_x22l3tWM8w
.pubmatic.com/ Name: PugT
Value: 1667928809
.testadvertiser008.com/ Name: cto_pxsig
Value: aVzKUonAv3peDyHUK7XwcA
.bidswitch.net/ Name: tuuid
Value: 1bbff05b-3e30-4849-9580-b3c78abb04f4
.bidswitch.net/ Name: c
Value: 1667928809
.bidswitch.net/ Name: tuuid_lu
Value: 1667928809
.360yield.com/ Name: tuuid
Value: 7966a8ed-5ca1-447b-bd3e-7194e207301f
.360yield.com/ Name: tuuid_lu
Value: 1667928809
.casalemedia.com/ Name: CMID
Value: Y2qS6SVPy6JyvLHUSj5wygAA
.casalemedia.com/ Name: CMPS
Value: 5131
.casalemedia.com/ Name: CMPRO
Value: 5131
.adnxs.com/ Name: uuid2
Value: 6649518807211516494
.360yield.com/ Name: um
Value: !38,uoTZ.4u2oEHuoLX.QM06d4fa4KeUp.N3sbkH3yIA0-3.O5PmhxB1AHUr0N7MzOLd4Q6lM1.A,1675704809
.360yield.com/ Name: umeh
Value: !38,0,1730136809,-1
.media.net/ Name: visitor-id
Value: 3109304096570819000V10
.media.net/ Name: data-c-ts
Value: 1667928809
.media.net/ Name: data-c
Value: k-eZ3YPVix1pQsIEF623e0Zgm93uVbEC5IAAygOQ~~3
.doubleclick.net/ Name: IDE
Value: AHWqTUkrR1NBPdQTrkW4_uryMjRKdkNcjPOvBGtgQEhyOzVhUkxz5tON7xnFO1KYWDw
.demdex.net/ Name: demdex
Value: 38068178434582319390137892822447024861
.casalemedia.com/ Name: CMTS
Value: 1208
.dpm.demdex.net/ Name: dpm
Value: 38068178434582319390137892822447024861
.yahoo.com/ Name: A3
Value: d=AQABBOmSamMCEIwadmJrELyzS0ijhSC3WPoFEgEBAQHka2N0YwAAAAAA_eMAAA&S=AQAAAq5EhgFnNA1iLg_cFybiZ9A
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~286h
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.krxd.net/ Name: _kuid_
Value: PL9t8X34
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22759b2c70-5f8b-11ed-89d4-3151eaaf01f8%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22759b2c70-5f8b-11ed-89d4-3151eaaf01f8%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22759b2c70-5f8b-11ed-89d4-3151eaaf01f8%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22759b2c70-5f8b-11ed-89d4-3151eaaf01f8%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-4Ni8Xlix1pQsIEF623e0Zgm93uUK4yk9zWnfPQ%22%2C%22version%22%3A%22criteo%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
beacon.krxd.net
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
testadvertiser008.com
upload.wikimedia.org
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.wikipedia.org
x.bidswitch.net
104.18.19.126
13.248.245.213
141.226.228.48
142.250.186.34
162.19.138.117
178.250.0.157
178.250.0.163
178.250.2.151
18.156.0.31
18.159.205.223
18.194.110.242
185.255.84.153
185.64.190.80
185.86.137.133
2.18.232.7
2.18.235.93
2001:4b99:1:253::10
2600:1f18:612b:4216:f6:411e:ff52:dd4b
2620:0:862:ed1a::1
2620:0:862:ed1a::2:b
2a02:2638:1::3
2a02:2638::1c
3.23.184.187
34.117.157.22
34.242.116.160
34.252.9.30
37.157.4.23
37.252.173.38
52.214.159.83
52.29.95.123
54.229.162.197
69.173.144.139
70.42.32.127
96.16.132.239
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3b4ea6ffcecb10ca443fd3ab2ec667c9efc6968639e476bb51223e31423a0aa6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
5adf14dce3598955ec07ce98f3338646202ff01f9320d2eba788a7848abe9f42
75038605ff9e35cc393e0ed8200069601c889100607cde67d2af68b9eb88e5d4
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8948ffdaf2ad48fc608980b6b28aa226dda1c37fbd65d8fb955b1cef8b310217
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0dfe65f5a6c1d4f73e786be162d62b77a9dabce8d8fd0772b486e7d441ff85e
c92a7792f214c7bbc1da96e73dddafa57bb3848977d28473a1cfd2f0b2f120bf
ce242b29aa867b371910b4381ce6dc475eb51ca6bfdf6165c6fd4a5ac8c2aa45
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629