hyperurl.co Open in urlscan Pro
52.202.79.76 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hyperurl.co/ifoodappsign
Submission: On November 27 via manual (November 27th 2022, 3:33:23 pm UTC) from IL — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 17 domains to perform 49 HTTP transactions. The main IP is 52.202.79.76, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is hyperurl.co. The Cisco Umbrella rank of the primary domain is 895194.

This is the only time hyperurl.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.202.79.76 52.202.79.76	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	96.16.141.156 96.16.141.156	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	88.221.169.78 88.221.169.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	213.227.153.222 213.227.153.222	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	213.227.153.220 213.227.153.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2602:803:c003... 2602:803:c003:200::27	26667 (RUBICONPR...) (RUBICONPROJECT)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
2	23.203.77.3 23.203.77.3	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6 8	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:2256:d6d3:539d:24e0	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
49	27

2 52.202.79.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-79-76.compute-1.amazonaws.com

hyperurl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a5b117aa310ae7ed589a904f0bcd9315.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

smarttag.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.222 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.77.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-77-3.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.165 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:2256:d6d3:539d:24e0 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.196 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	rubiconproject.com 6 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 3807 smarttag.rubiconproject.com — Cisco Umbrella Rank: 12966 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 6320 eus.rubiconproject.com — Cisco Umbrella Rank: 735 token.rubiconproject.com — Cisco Umbrella Rank: 732 pixel.rubiconproject.com — Cisco Umbrella Rank: 411	26 KB
12	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	206 KB
10	googlesyndication.com a5b117aa310ae7ed589a904f0bcd9315.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 182	42 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 914 s.amazon-adsystem.com — Cisco Umbrella Rank: 396	4 KB
3	zemanta.com b1-eudc1.zemanta.com — Cisco Umbrella Rank: 18177 b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 12898	250 B
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1441	12 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	95 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	2 KB
2	hyperurl.co hyperurl.co — Cisco Umbrella Rank: 895194	93 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 454	265 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 563	708 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 576	598 B
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 2810	18 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 467	104 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5200	792 B
49	17

	Domain	Requested by
9	securepubads.g.doubleclick.net	hyperurl.co securepubads.g.doubleclick.net www.googletagservices.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	pixel.rubiconproject.com	2 redirects
4	token.rubiconproject.com	4 redirects
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	cm.g.doubleclick.net	1 redirects
2	eus.rubiconproject.com	hyperurl.co eus.rubiconproject.com
2	b1t-eudc1.zemanta.com	hyperurl.co widgets.outbrain.com
2	widgets.outbrain.com	smarttag.rubiconproject.com hyperurl.co
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	hyperurl.co	hyperurl.co
1	www.google.com	tpc.googlesyndication.com
1	match.adsrvr.org
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	zem.outbrainimg.com	hyperurl.co
1	beacon-ams3.rubiconproject.com	hyperurl.co
1	b1-eudc1.zemanta.com	hyperurl.co
1	fonts.gstatic.com	fonts.googleapis.com
1	smarttag.rubiconproject.com	ads.rubiconproject.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	a5b117aa310ae7ed589a904f0bcd9315.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
49	28

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
*.outbrainimg.com R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://hyperurl.co/ifoodappsign
Frame ID: BB94C9D40EE8F46912B5504EFB1D0876
Requests: 12 HTTP requests in this frame

Frame: https://a5b117aa310ae7ed589a904f0bcd9315.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 524E8739AF90A3266CDF57A78EB9C1D8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszkrvI1egWjUhSDNCc9rKEmwvev21FPatYpHY-mjW4LDhN3CQj0ZlppPMlBQQaTMmi7sGABECGgEc6e0buJSBUoBJTB1zxshe0jYTg5WNx1YpztGB2AGyK3yFNw6ioD51MxHRVpBvGk1HNtBALmlJ2CESZtXrWReBREFkV5vkmQPL23cTOMnEAolUo5JSW0Br3dUjhXMMAaJpJXR5sLFS1O2CKd-7s_TJ3WoBkDP33wCmtzAYsg7vJWTZPGu8p_ihXi0upnKmLLAc0730j5gbdoLt9oCjh7hR3NYzrdnwNRQDG3WBTB8dBHMXdcF2lzLzoUlWc8ejXqh1WUjzA&sai=AMfl-YTXC7Y8KGZMUYiF50a6SEN9plR8T87iYrRGi4f9h8OzXqN2TFwcrMK2yGLmt_rQ5OOxtHFhutKE7NCnmamivuaCs2ZkR5oVC7tyWNiAPBn14oETpo59oaiVFyRR2zaTFZPpS9VHrEJlEWfjaB5Pow&sig=Cg0ArKJSzFuUXEKftT_rEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F41B9FD6C1C7FA8A83CCCCC0E22F75C1
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuttjkuKNvheXlkdE6hNCOLOA8tFXYNR3SNhqY6zBxOVINOBTDulrDOGLwVGWBpCrsv-DgU-BWLvkn5wGNGpUywcb9WP1y4eoA8QRzcGyqzkqzPLXz_LknsezObMHTfPTqnQCJrm2_V1Io75GVVTQN6ghOm2uCkNWMljcOyULyPNwXxoNGyInJgwdTpim_dLE0XdfzmX6GWR0FEYDIPOw7qiK6zQp0AARH1195FqWzFgNxIBvaRF4Z6k2s6Zg-HfOiwkuDgoJL3JqzCPVpQA-CQejcDRMEAI5FNOdkViJoc25sXwh6VCvLZRB2P1LLA8gwgJoTp4dM&sai=AMfl-YTLPJWku_YslLdulzccGt9AORdaUm8CVMWVAP7gL_4IgtEWz7z5HzsFc4nOQSTJGYPht43Q71Cfssv0rRjP5nE5NwzqrReWVewm8NB6gsYRG5_O6YIuBeUujMvD5RK94d11Fm00Tc3zXNoocnsccw&sig=Cg0ArKJSzJKq3ASgCybSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2D055B67459EB38F9A7AF8BE3041BA69
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: AB548EE05A5CE17FFEAD5CC7DC86C394
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D107EB506C39E4953E7E1FE68120244C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 53248C8EBEE69D36BF54DBA3BEAE9B0D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LinkTitle

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

49
Requests

80 %
HTTPS

56 %
IPv6

17
Domains

28
Subdomains

27
IPs

4
Countries

645 kB
Transfer

1775 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI1ZTI5MTZlZGZmZDY2ZTBiMjdjMzU3OTNhNDliMmEzYjlmZTY5OA

Request Chain 32

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/-GPNtDRL2Hli5UqRXkjUSsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5832658933844557280

Request Chain 33

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFaSVRMSVItMjgtTFZYUw==

Request Chain 34

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAHkVN2SPw81bsq7zKxsU-4&google_cver=1

Request Chain 35

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAZITLIR-28-LVXS

Request Chain 36

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZdSExK0aSpGQ9RQVNi94OA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZdSExK0aSpGQ9RQVNi94OA

Request Chain 38

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Puch1vJ4Ss-N6FFDHo__Kw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Puch1vJ4Ss-N6FFDHo__Kw

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ifoodappsign Show response
hyperurl.co/ 92 KB
92 KB 329ms
209ms Document
text/html 52.202.79.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hyperurl.co/ifoodappsign
Protocol: HTTP/1.1
Server: 52.202.79.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-79-76.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 46cf04d3368486af5e62de592b137a31bc085d2e03293e47225a5fd5509c2099

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 27 Nov 2022 15:33:18 GMT
server: nginx
transfer-encoding: chunked
x-redirector-version: redirector-v3

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 191ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1404 / 119 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 15:33:19 GMT

GET
H2 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Nov 2023 15:03:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
61 B 102ms
57ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hyperurl.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76bab137e329053d4f9df7ad1685aede938d3db43ab6baf0b463b98be7d7e045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37
x-xss-protection: 0
expires: Sun, 27 Nov 2022 15:33:19 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 81ms
30ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hyperurl.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
29ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hyperurl.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 203 KB
38 KB 76ms
75ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1562316385138007&correlator=4245440986057902&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=22051246401%2CInterstitial_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3211608428&sfv=1-0-40&cust_params=explicit%3Dno%26linkid%3D7fd33082-bf2e-40f1-a25d-60c306082ec6%26boardid%3D91a0ce14-018c-4eeb-a9a3-78747015356c%26toplevelboardid%3D5817b55d-314c-422f-a09e-840b0ca6a4e4%26organizationid%3D5817b55d-314c-422f-a09e-840b0ca6a4e4%26countrycode%3DDE%26city%3DUnknown%26days%3D%26planid%3D2235c21b-7da1-4131-a1ad-11d1ceacf0c2&sc=0&cookie_enabled=1&abxe=1&dt=1669563199193&lmt=1669563199&dlt=1669563198845&idt=294&adxs=8&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fhyperurl.co%2Fifoodappsign&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=710443489.1669563199&ga_sid=1669563199&ga_hid=144380444&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

279e7aad24589c508428f65a452f75998b30ee1856a797e8aa062260f4eb9a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39032
x-xss-protection: 0
google-lineitem-id: 6047369944
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138392874836
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://hyperurl.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 70ms
70ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1562316385138007&correlator=4245440986057902&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=22051246401%2CInterstitial_Footer_Client&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=2627475421&sfv=1-0-40&cust_params=explicit%3Dno%26linkid%3D7fd33082-bf2e-40f1-a25d-60c306082ec6%26boardid%3D91a0ce14-018c-4eeb-a9a3-78747015356c%26toplevelboardid%3D5817b55d-314c-422f-a09e-840b0ca6a4e4%26organizationid%3D5817b55d-314c-422f-a09e-840b0ca6a4e4%26countrycode%3DDE%26city%3DUnknown%26days%3D%26planid%3D2235c21b-7da1-4131-a1ad-11d1ceacf0c2&sc=0&cookie_enabled=1&abxe=1&dt=1669563199200&lmt=1669563199&dlt=1669563198845&idt=294&adxs=658&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fhyperurl.co%2Fifoodappsign&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=710443489.1669563199&ga_sid=1669563199&ga_hid=144380444&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292d02e287528a905805e9bb371807aa695e80b3a57a888d811c71b29939ffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10198
x-xss-protection: 0
google-lineitem-id: 5858414340
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138375767575
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://hyperurl.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a5b117aa310ae7ed589a904f0bcd9315.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 524E 6 KB
3 KB 135ms
29ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a5b117aa310ae7ed589a904f0bcd9315.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hyperurl.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 15:33:19 GMT
expires: Mon, 27 Nov 2023 15:33:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
hyperurl.co/~/tr/pageview/ 70 B
264 B 176ms
176ms XHR
application/json 52.202.79.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://hyperurl.co/~/tr/pageview/
Requested by: Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign
Protocol: HTTP/1.1
Server: 52.202.79.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-79-76.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4f95593a939aef19feb01273d1c63d98f2e3e7222662550d28689940b883a5a1

Request headers

Referer: http://hyperurl.co/ifoodappsign
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
x-redirector-version: redirector-v3
server: nginx
transfer-encoding: chunked
content-type: application/json; charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F41B 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszkrvI1egWjUhSDNCc9rKEmwvev21FPatYpHY-mjW4LDhN3CQj0ZlppPMlBQQaTMmi7sGABECGgEc6e0buJSBUoBJTB1zxshe0jYTg5WNx1YpztGB2AGyK3yFNw6ioD51MxHRVpBvGk1HNtBALmlJ2CESZtXrWReBREFkV5vkmQPL23cTOMnEAolUo5JSW0Br3dUjhXMMAaJpJXR5sLFS1O2CKd-7s_TJ3WoBkDP33wCmtzAYsg7vJWTZPGu8p_ihXi0upnKmLLAc0730j5gbdoLt9oCjh7hR3NYzrdnwNRQDG3WBTB8dBHMXdcF2lzLzoUlWc8ejXqh1WUjzA&sai=AMfl-YTXC7Y8KGZMUYiF50a6SEN9plR8T87iYrRGi4f9h8OzXqN2TFwcrMK2yGLmt_rQ5OOxtHFhutKE7NCnmamivuaCs2ZkR5oVC7tyWNiAPBn14oETpo59oaiVFyRR2zaTFZPpS9VHrEJlEWfjaB5Pow&sig=Cg0ArKJSzFuUXEKftT_rEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 15:33:19 GMT

GET
H2 200 23872.js Show response
ads.rubiconproject.com/ad/ Frame F41B 30 KB
9 KB 107ms
19ms Script
text/javascript 96.16.141.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/23872.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.141.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-141-156.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: 1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=12785
access-control-allow-credentials: true
content-length: 8916
expires: Sun, 27 Nov 2022 19:06:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F41B 154 KB
48 KB 88ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 15:33:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D05 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuttjkuKNvheXlkdE6hNCOLOA8tFXYNR3SNhqY6zBxOVINOBTDulrDOGLwVGWBpCrsv-DgU-BWLvkn5wGNGpUywcb9WP1y4eoA8QRzcGyqzkqzPLXz_LknsezObMHTfPTqnQCJrm2_V1Io75GVVTQN6ghOm2uCkNWMljcOyULyPNwXxoNGyInJgwdTpim_dLE0XdfzmX6GWR0FEYDIPOw7qiK6zQp0AARH1195FqWzFgNxIBvaRF4Z6k2s6Zg-HfOiwkuDgoJL3JqzCPVpQA-CQejcDRMEAI5FNOdkViJoc25sXwh6VCvLZRB2P1LLA8gwgJoTp4dM&sai=AMfl-YTLPJWku_YslLdulzccGt9AORdaUm8CVMWVAP7gL_4IgtEWz7z5HzsFc4nOQSTJGYPht43Q71Cfssv0rRjP5nE5NwzqrReWVewm8NB6gsYRG5_O6YIuBeUujMvD5RK94d11Fm00Tc3zXNoocnsccw&sig=Cg0ArKJSzJKq3ASgCybSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 15:33:19 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2D05 5 KB
1 KB 83ms
34ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@200;400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08ed954dc4ba27b5c312348ad2a35bf323a93cbe6b04653af06e03ecd7993f72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 15:33:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 27 Nov 2022 15:33:19 GMT

GET
H2 200 vue.js Show response
cdn.jsdelivr.net/npm/vue/dist/ Frame 2D05 424 KB
104 KB 120ms
76ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue/dist/vue.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2029697010cdf442eea110b24c9735fdacfa9219860ad6ed888b320d102e609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25926
x-jsd-version: 2.7.14
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230121-FRA, cache-yyz4580-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"69e4a-BKrau4AkkDJGeiJbm9fIy8gIwGA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQWSKoDIoZ2szPQGelBOCsNEIX5t1YOpkdso61vzRpQxVRmRfLsmerqcQz0hOJC1S0e%2BdHMSG0fk3mR3MgdfQ0PM9SQXs1Lvd7wRz3eaVXG27nUWcnGVng79Y0%2FxjkzgGOXDW57vjIOdosPoutI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 770bebec0a8e5b74-FRA

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D05 154 KB
47 KB 88ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 15:33:19 GMT

GET
H2 200 2256236-15.js Show response
smarttag.rubiconproject.com/a/23872/403064/ Frame F41B 6 KB
4 KB 244ms
120ms Script
text/javascript 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://smarttag.rubiconproject.com/a/23872/403064/2256236-15.js?&cb=0.6775255091487533&tk_st=1&rf=http%3A//hyperurl.co/ifoodappsign&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=403064_15&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/23872.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4913cf1e1ccd8ca904460844fbb168432af5472130d16e1aec78bcce3171fa22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
DATA 200
OK truncated
/ Frame 2D05 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91f29899ba4b9f403bf893dac5e0aa1faabb0f911b1abd9f9f8d8f5aa19a3e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 2D05 45 KB
46 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@200;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://hyperurl.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 22:05:34 GMT
x-content-type-options: nosniff
age: 235665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 22:05:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D05 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX94j_qvBSB-Vfd42sS8r0hLfMvDYOFpuK8K0HoS3pLqEobxBWF8rMF6FMG-YUf33Yl9KJ6Ack4QPuVf728rVP0gCR1K44Bv7OUUoNfO-KMS5DJM-mVc01WVQu0ray2EY8d-NA9bRjlECTrJJRTXRDSYd6BbOvcxnw5dqVggrSI_Twx0hVQpLKK6CU4S-8eTdsy44hLV_SAVHzQgT7Vfyyzqi32U_jW1xvqGXoXsGV1K1brBdzKu9_6mFwE9HiCuU5XAG0HUpdZaBfAw_fx6c0v6BVQxVYQV5XAlTSfZpWpRrbtLpRq8XABQ3lPQjzrNYoRHahLoLnRQ&sai=AMfl-YRNGGJktoX24NunwER3K4X0oAaMcJuw-dEa-nvK5a7JyKdOj9vri_2MAmiY9oXK6Efjh4uzKBhKzEqdoIpTVmFa4E_2nILo5-elwUXMxmGM9gFkcRZfTlGI6mRbBnKc6UNvY1uCB8g-O6KYFlavsA&sig=Cg0ArKJSzK_JRn7Dl9RrEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 15:33:19 GMT

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame F41B 40 KB
9 KB 106ms
23ms Script
application/x-javascript 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/23872/403064/2256236-15.js?&cb=0.6775255091487533&tk_st=1&rf=http%3A//hyperurl.co/ifoodappsign&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=403064_15&rp_secure=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 495ce95900218d6f0f4f7c83954be72af7ef4e5de512c6b34981fcee70af6bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: gzip
last-modified: Thu, 24 Nov 2022 09:14:54 GMT
server: AkamaiNetStorage
etag: "82848afc3acfd24ed056746837f75a7e:1669281694.361718"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 9003
expires: Sun, 27 Nov 2022 19:33:19 GMT

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/rubicon_display/d1e52880-6e68-11ed-859a-625695f49249/FAC097EC2DFBDA0D/PZBW6Y4SEK3JW55QMPSTRSEW7GE33OR7YAPLDCXQDMMQ6WXA2D3LQPNH6X7ABH7NL4HJOM7PND7EIT5K3PG6R5D22NG6BTJ... Frame F41B 0
99 B 93ms
29ms Image
text/plain 213.227.153.222
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/rubicon_display/d1e52880-6e68-11ed-859a-625695f49249/FAC097EC2DFBDA0D/PZBW6Y4SEK3JW55QMPSTRSEW7GE33OR7YAPLDCXQDMMQ6WXA2D3LQPNH6X7ABH7NL4HJOM7PND7EIT5K3PG6R5D22NG6BTJCK56P4H456UAFGHWDICU2KZRVFYMRSTE77ZQPT3RDK4EHVZTKQ3RLRJJFD23HGL46UZT7E5UTAALY2OGPTJAJLU5AA6WDK7363543EZIMGDMDS77PRCLRM7LUESQFI2ZI5OD77OKRCM4HFYAT6KGSH2576KCIDWJUUA7RQZAJNJWQU6AJHLDKW47IJ2QPTKDDVDXA2Y6YHAS32AV7XECBAEKO34RT3WK3YHMN3TYWRK426IU4ZIN3WJKH46DYYAPNCOCVVA776CG2RYKOAEB6MVU76XHJ2WHAIBA5D4B2UGO7KGKYX5A5NZL2VR3RVIBNQ6ULXOIJ5CA62AZCQB257HUGXX5TIEWKWZMGTGPHGFQD37WEOATKKJ6T6LRKLJP776EVNGA/?
Requested by: Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 27 Nov 2022 15:33:19 GMT
Content-Length: 0

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/QOEY3SXYT3R5NFSA4MMO5EZI6BIFT5QDYQFYJYZZQ3KE63BFVIG4SPJ4NE4EVXNYQYDVAEE6QELYVTH474BVQZXANNDJNN3TE3MZBADIF2NHKGKVTCXSR5XTUJ7KJCO7YQ7GR6CWGOZEKRS2LIQ324HFNAGNLZ... Frame F41B 26 B
151 B 103ms
30ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/QOEY3SXYT3R5NFSA4MMO5EZI6BIFT5QDYQFYJYZZQ3KE63BFVIG4SPJ4NE4EVXNYQYDVAEE6QELYVTH474BVQZXANNDJNN3TE3MZBADIF2NHKGKVTCXSR5XTUJ7KJCO7YQ7GR6CWGOZEKRS2LIQ324HFNAGNLZLGXPXHL5LOKGQDUMLMR2OMGKMA64JJOD2XQKGU3JEXZDMDHEHUJMVI7ZZHSCMREERLR3T3MXBVWT5OHHD4ZKJZ44I2NTEGUYE52PYVN3UYKUKM6YKHMTEFDNHLFAXTNUKPHVVDRYKN4OMAGIB2KBSQUUSYG66VEQN7VG7UZZUZZZ74V66WPNGJE6GFTNUB5BKW55XIKRQ/?
Requested by: Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 15:33:19 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200 49205680-1048-4bd2-aeda-da7e839effbb
beacon-ams3.rubiconproject.com/beacon/d/ Frame F41B 43 B
378 B 237ms
38ms Image
image/avif 2602:803:c003:200::27
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/49205680-1048-4bd2-aeda-da7e839effbb?oo=0&accountId=23872&siteId=403064&zoneId=2256236&sizeId=15&e=6A1E40E384DA563B0D405EDC502F3BD06A424E9F171BB1B70FE2F05555B59DD471E4C2BAFC9BD8C994B2426BD4C1A5C2683D50851BF2EEDF053899F08B1928D09BDEFD8D32BF71EC3105EF7913D1CD3D1F4D2F39B37668BCBD59B50FB3B84CA31C8C015C01757F79F20FB9AC28B0030DEB575F0AFFADE2F545245F86D4C1611709486FA62D86CD0DE65AA3F57BF7EB48A31D30FF48DD9706BBBB00E38FC1660BB2BD6BE1E6A5E20C1FDE44B2E4CD50B1AAF98B1B87BB1221

Requested by

Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 15:33:19 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame F41B 3 KB
3 KB 23ms
22ms Image
image/svg+xml 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 27 Dec 2022 15:33:19 GMT

GET
H2 200 cc8f436dbba5f34dc5f7f95bdab5dafb4b.png
zem.outbrainimg.com/p/srv/sha/1a/a1/45/ Frame F41B 17 KB
18 KB 129ms
22ms Image
image/jpeg 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/1a/a1/45/cc8f436dbba5f34dc5f7f95bdab5dafb4b.png?w=0&h=250&fit=crop&crop=center&fm=jpg

Requested by

Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b2074b96e20b22ae9cdf41cd0158ef8fd1fee2f550d583c66f31c0a35641eea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1056091
x-cache: HIT, MISS, HIT
x-imgix-id: 00e8f0d5ccccf85f0e559bb3ca6941bcaaf13b8b
cross-origin-resource-policy: cross-origin
content-length: 17825
x-served-by: cache-sjc10055-SJC, cache-fra-eddf8230094-FRA, cache-fra-eddf8230106-FRA
x-imgix-render-farm: 01.584
last-modified: Tue, 15 Nov 2022 10:11:48 GMT
server: imgix
x-timer: S1669563200.881262,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame AB54 281 B
554 B 85ms
21ms Document
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: hyperurl.co
URL: http://hyperurl.co/ifoodappsign
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: http://hyperurl.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 27 Nov 2022 15:33:19 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AB54 34 KB
10 KB 21ms
21ms Script
text/html 23.203.77.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.77.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-77-3.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b8f85017bf0124869dbebd96f4c38db15cd36242abe380147dd0bea4f4f085a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 15:33:19 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Nov 2022 08:07:43 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59599
Connection: keep-alive
Content-Length: 10065
Expires: Mon, 28 Nov 2022 08:06:38 GMT

GET
DATA 200
OK truncated
/ Frame F41B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f90e3edadd794891272b450dd3a22d9de03db498c9adb3a053fac6303e19ee85

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F41B 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1qP6bIGqYa66-paZ03Ket9T4V4mzxBuXbk8EbicAM22KCeUlhdlw72BkLmUP3laEOz4ZiGjjVk8Ur51ycCQ6FIe4gVlyeNfhBwaeiwdZLucoG-TkzxYMGfao9kQKYmc7p4y5PbucEMuFpAFRQEV6ogOwLedv7GLIe6uN-XlX5hVwEiOL7fH_R2vbwrc2wijAGr85S3L9wj_iHCjTdEpmHgS8O4VW3h7lgzPpyrRS54j-4d3qommRQgwMcScV6TzEFKNFzSNgB3f82CbI-tcjspcLAKv_BvFLtMR5NBcUgotr2obnJVLEaM_ldSP0vZl_8TNSdU1QNprV5D6dX8tQ&sai=AMfl-YTbXCEauWRMWD6dUPfV8-RUdzHUBe-LXbZwM7AdJNqHuHMy1Nt5CqCDCD_MxgYe2brLYTolepP-tg_6xd3oEnF0u6s4kgr0MgNnJpAqmHo5EtNN-j-xN_HHayU1zAJDeUjxVAJFbhCEYPFVn-qYfA&sig=Cg0ArKJSzAxyEhpDVtYiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 15:33:19 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 129ms
71ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d31c43b9d6fb31a485d4dee34963307c3ad79eaa46a69b1dddb65eb342658a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11090
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB54
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI1ZTI5MTZlZGZmZDY2ZTBiMjdjMzU3OTNhNDliMmEzYjlmZTY5OA

170 B
188 B

75ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI1ZTI5MTZlZGZmZDY2ZTBiMjdjMzU3OTNhNDliMmEzYjlmZTY5OA

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 15:33:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZmI1ZTI5MTZlZGZmZDY2ZTBiMjdjMzU3OTNhNDliMmEzYjlmZTY5OA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame AB54
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/-GPNtDRL2Hli5UqRXkjUSsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5832658933844557280

0
239 B

22ms
22ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5832658933844557280
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 27 Nov 2022 15:33:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5832658933844557280
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB54
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFaSVRMSVItMjgtTFZYUw==

170 B
188 B

72ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFaSVRMSVItMjgtTFZYUw==

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 15:33:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFaSVRMSVItMjgtTFZYUw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame AB54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAHkVN2SPw81bsq7zKxsU-4&google_cver=1

0
239 B

84ms
21ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAHkVN2SPw81bsq7zKxsU-4&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 15:33:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAHkVN2SPw81bsq7zKxsU-4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame AB54
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAZITLIR-28-LVXS

0
708 B

278ms
204ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAZITLIR-28-LVXS
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:20 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 14B1AE8CC0A64C6F96471DFFAEC11A02 Ref B: FRAEDGE1307 Ref C: 2022-11-27T15:33:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXudXl7TJOqSrwEm16k2g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LAZITLIR-28-LVXS
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame AB54
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZdSExK0aSpGQ9RQVNi94OA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZdSExK0aSpGQ9RQVNi94OA

43 B
479 B

51ms
50ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZdSExK0aSpGQ9RQVNi94OA

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 15:33:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 77ADB6R8BBDS0E5RJEVV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZdSExK0aSpGQ9RQVNi94OA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame AB54 70 B
265 B 152ms
48ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 27 Nov 2022 15:33:20 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AB54
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Puch1vJ4Ss-N6FFDHo__Kw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Puch1vJ4Ss-N6FFDHo__Kw

43 B
479 B

112ms
112ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Puch1vJ4Ss-N6FFDHo__Kw

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 15:33:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T28JRW3S10T3YVR56E54
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Puch1vJ4Ss-N6FFDHo__Kw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 102ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 15:33:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D107 13 KB
5 KB 65ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hyperurl.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 15:31:09 GMT
expires: Mon, 27 Nov 2023 15:31:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5324 783 B
1 KB 80ms
29ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a016f3a562cc2a6625b688f1e83907dcb30e920d4149531c89e71686919bc94

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-of7EFH_dbPZUbSxjviahCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hyperurl.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-of7EFH_dbPZUbSxjviahCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 15:33:20 GMT
expires: Sun, 27 Nov 2022 15:33:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame D107 36 KB
16 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 14:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 14:51:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5324 0
0 78ms
54ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1562316385138007&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D107 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VHObTw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:33:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET /
b1t-eudc1.zemanta.com/t/imp/view/QOEY3SXYT3R5NFSA4MMO5EZI6BIFT5QDYQFYJYZZQ3KE63BFVIG4SPJ4NE4EVXNYQYDVAEE6QELYVTH474BVQZXANNDJNN3TE3MZBADIF2NHKGKVTCXSR5XTUJ7KJCO7YQ7GR6CWGOZEKRS2LIQ324HFNAGNLZLGXPXH... Frame F41B 0
0

OPTIONS
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/view/QOEY3SXYT3R5NFSA4MMO5EZI6BIFT5QDYQFYJYZZQ3KE63BFVIG4SPJ4NE4EVXNYQYDVAEE6QELYVTH474BVQZXANNDJNN3TE3MZBADIF2NHKGKVTCXSR5XTUJ7KJCO7YQ7GR6CWGOZEKRS2LIQ324HFNAGNLZLGXPXH... Frame 0
0 82ms
27ms Preflight 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/QOEY3SXYT3R5NFSA4MMO5EZI6BIFT5QDYQFYJYZZQ3KE63BFVIG4SPJ4NE4EVXNYQYDVAEE6QELYVTH474BVQZXANNDJNN3TE3MZBADIF2NHKGKVTCXSR5XTUJ7KJCO7YQ7GR6CWGOZEKRS2LIQ324HFNAGNLZLGXPXHL5LOKGQDUMLMR2OMGKMA64JJOD2XQKGU3JEXZDMDHEHUJMVI7ZZHSCMREERLR3T3MXBVWT5OHHD4ZKJZ44I2NTEGUYE52PYVN3UYKUKM6YKHMTEFDNHLFAXTNUKPHVVDRYKN4OMAGIB2KBSQUUSYG66VEQN7VG7UZZUZZZ74V66WPNGJE6GFTNUB5BKW55XIKRQ/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://hyperurl.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Allow: GET, HEAD, OPTIONS
Connection: keep-alive
Content-Length: 0
Date: Sun, 27 Nov 2022 15:33:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2D05 42 B
64 B 102ms
58ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFQM6CA5_Ij_Ff3fQTlHeH_6wJQ47dGSq52aV6ohFB2sTRRyS1-RpYttjuQgbXDTMejTEvqNQ4aLlw-gTeK5kHoGiBvqlpx0_hv-g0DbUI7m3WQPT5&sig=Cg0ArKJSzHPxKQz0AnT8EAE&id=lidar2&mcvt=1000&p=0,8,1200,1608&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3211608428&rs=4&la=1&cr=0&vs=4&r=v&rst=1669563199312&rpt=315&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 15:33:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1562316385138007&bg=!zM-lz4vNAAbvMpMzzzI7ACkAdvg8WigpCK45poWH17pX5hqhdsDOPsOhNlcbzzOubnxsZus6DW2jLAIAAAA8UgAAAANoAQcKAFHbbNLRaQUo0h_zpbW7StGSsUXU3V4eONatCP7L0-iqTD3uSSB1aRUwTyUxnRXtLaFwT-JV-5jtmnaXYFvPZb9afVr2Ad7Je-4CGWCdctDGwL6ZAo-aQHKeZBzvc-DWPc3KljHoMzNc3fxfTeViITyDSILbbp4OCVYEqn86H0Ose9P5qrD0dZBjgli0Hp0Ds-L9XqBZJ81AZFUYSqV13b8bfCamGch3jHldKUKya8whImLtmVbMQxrSNfApzfUjCmNoiEYMwTOhA-7Yz3BA3ZefFqB5A-CoYL-r-XlCQGYVA5pklXCfPk7KIMtreGDCm5IgCfWxKJZi0I3GSGYh2JxKwEuGYQGdR-wW6VBeBtuiTHKElIWyDCAjsXQzZPQwC8IJ1Jf2_YOylhSTiRuBfdyDAlzPpyN-YL5dtP4WBqHvpbqkJ22BxQv_xKf5LDnJJTpUoCvlxzn1v5KwRFK1_s-Z0jXsHLYG_R4VuWVZVbzMRLV1yZVqJ_0o9dHr8DWPEARlNtkdVBTF6ybYB_MNc2bxBsn9biyZShpfuIO6IewB5Wo6Pq28-x501hNfg1zL2UKlx8-WElgIyvlD_v_aQ9K7hfBfZG-bK7KMKWvpMa7J6GyaK2bECfW8QtuvZwEKseNxeHe61hyYIawEgQbQ6u4851CYq5W8m4ov3uwkQ6ZU1SMgcIPWmhGPVpT_22uppzD_5hG4thXTHkV-CgCH6SNe8Q_GO_hu_TcnYcJYhOlG_G0ZpBn9PASSVt8km0AVcoJ4ron5j_TFgwR_f4lVDJEEJfT5jkhwo40b1XLCmxOXVVrLtEiM6zIG6Zjh-hRlAK16hYIb1xEBpc_TZrjKwwT3WewFGClY_pkncl3JyL5YqZd_NdD0yAgWSyXgvNCp2Lu2R5P0q6Ur1h53VNvtXisl4XYCq92o8DWUKZwKP6zBoK7lI2b2BXuGDoCxYA8joNE018Bx_0VGR5Wk-SjJkVAi-0fh
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F41B 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEpDBRIziQ02pmppeRcXLHpdA5RJ2k2VI2387A2G270rbiCBlbzwKG1VFxM8e4H9S1Y_fQfr7iAlR3nFY_h9AjzLCyxPcDid5e7E6IW085_RLUKqCCgW1weEcdfA97wZWcDQ2x8jTN2my_w3FlWaNvVSeDHot9yv6IhPH3i16HzIvmokJfNNXDlsRUz-VMq06JgW1p8p4Wue5-iQtIshmo4oK0weeIVvdchQxApyQ3m540wxfJxIATX042Geb5x3KKshDH6yy9_DFPqUtdUMmVwT8tT2sxZOhgQ-euW-b76vW3deTNh_3KoTZScMl737UmfbnvF3SbcbJRUigpXfRSJmzkJw4&sai=AMfl-YRJV15gaYWug4cWcAyMYDkcLqpXqAMLv9m6bBveGHiYAp58cGAStKMWMhDuScWdzgl2unCOk3h1iA9F6BscBtQ-RsZp-nZKzP_hKauKVbZjvm-x1ncZzcMcqpQy8KKqSRzyZeMbyxJYTkN1HB2dDw&sig=Cg0ArKJSzMRU09PsdF4oEAE&id=lidar2&mcvt=1000&p=587,658,837,958&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2627475421&rs=4&la=0&cr=0&vs=4&r=v&rst=1669563199282&rpt=618&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hyperurl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 15:33:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b1t-eudc1.zemanta.com
URL: https://b1t-eudc1.zemanta.com/t/imp/view/QOEY3SXYT3R5NFSA4MMO5EZI6BIFT5QDYQFYJYZZQ3KE63BFVIG4SPJ4NE4EVXNYQYDVAEE6QELYVTH474BVQZXANNDJNN3TE3MZBADIF2NHKGKVTCXSR5XTUJ7KJCO7YQ7GR6CWGOZEKRS2LIQ324HFNAGNLZLGXPXHL5LOKGQDUMLMR2OMGKMA64JJOD2XQKGU3JEXZDMDHEHUJMVI7ZZHSCMREERLR3T3MXBVWT5OHHD4ZKJZ44I2NTEGUYE52PYVN3UYKUKM6YKHMTEFDNHLFAXTNUKPHVVDRYKN4OMAGIB2KBSQUUSYG66VEQN7VG7UZZUZZZ74V66WPNGJE6GFTNUB5BKW55XIKRQ/?

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hyperurl.co/	1970-01-20 07:46:03	Name: LF_session_a476f659a11ddd6e192179e4b824ad9d Value: 1
.hyperurl.co/	1970-01-20 17:07:39	Name: __gads Value: ID=559accef5260f9d6:T=1669563199:S=ALNI_MZqrMtoP3AO7hls5jNMAU3tBUVT_g
.hyperurl.co/	1970-01-20 17:07:39	Name: __gpi Value: UID=00000b890b7d294b:T=1669563199:RT=1669563199:S=ALNI_MZuFd2wHgceiq9dWSiXsH6t63WlYw
.doubleclick.net/	1970-01-20 17:07:39	Name: IDE Value: AHWqTUnyOLXrG9oMU2LRDgvPm5JLA_wZ_6GZ3pQjXeB87PNooNjJO_dcy0CDVJd-HJY
.rubiconproject.com/	1970-01-20 16:31:39	Name: khaos Value: LAZITLIR-28-LVXS
.rubiconproject.com/	1970-01-20 16:31:39	Name: audit Value: 1\|naVuGyos1qq2ZVVePQdL4LU1ZxogGjlwOA+xFj1I9sd0zdRXVxf6zJhz8VlhRLkgnDkamKrCKHvQQOZk5IWUHZOTKvnsirSQUN+/nvRkaHE=
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:31:39	Name: bcookie Value: "v=2&9412e2a7-1a28-467a-84b6-285736b87935"
.linkedin.com/	1970-01-20 12:05:15	Name: li_gc Value: MTswOzE2Njk1NjMyMDA7MjswMjHRsmQ2ERv/boK2RmwXEW2brJfxKLUWd3Tw4PjdtvK1Fw==
.linkedin.com/	1970-01-20 07:47:29	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2794:u=1:x=1:i=1669563200:t=1669649600:v=2:sig=AQGDFO056M5iWSOm9Giy7XZkLQK9AwVy"
.amazon-adsystem.com/	1970-01-20 17:22:03	Name: ad-privacy Value: 0
.yahoo.com/	1970-01-20 16:32:00	Name: A3 Value: d=AQABBECDg2MCENlgr2X-Ib9V_KlB8T8f3MQFEgEBAQHUhGONYwAAAAAA_eMAAA&S=AQAAApS7HfS9lHbnLKXfgp3JWwk
.amazon-adsystem.com/	1970-01-20 12:57:05	Name: ad-id Value: AzF9Tf0lZ0kGtu8VrIYnI1A

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://hyperurl.co/ifoodappsign Message: Access to fetch at 'https://b1t-eudc1.zemanta.com/t/imp/view/QOEY3SXYT3R5NFSA4MMO5EZI6BIFT5QDYQFYJYZZQ3KE63BFVIG4SPJ4NE4EVXNYQYDVAEE6QELYVTH474BVQZXANNDJNN3TE3MZBADIF2NHKGKVTCXSR5XTUJ7KJCO7YQ7GR6CWGOZEKRS2LIQ324HFNAGNLZLGXPXHL5LOKGQDUMLMR2OMGKMA64JJOD2XQKGU3JEXZDMDHEHUJMVI7ZZHSCMREERLR3T3MXBVWT5OHHD4ZKJZ44I2NTEGUYE52PYVN3UYKUKM6YKHMTEFDNHLFAXTNUKPHVVDRYKN4OMAGIB2KBSQUUSYG66VEQN7VG7UZZUZZZ74V66WPNGJE6GFTNUB5BKW55XIKRQ/?' from origin 'http://hyperurl.co' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://b1t-eudc1.zemanta.com/t/imp/view/QOEY3SXYT3R5NFSA4MMO5EZI6BIFT5QDYQFYJYZZQ3KE63BFVIG4SPJ4NE4EVXNYQYDVAEE6QELYVTH474BVQZXANNDJNN3TE3MZBADIF2NHKGKVTCXSR5XTUJ7KJCO7YQ7GR6CWGOZEKRS2LIQ324HFNAGNLZLGXPXHL5LOKGQDUMLMR2OMGKMA64JJOD2XQKGU3JEXZDMDHEHUJMVI7ZZHSCMREERLR3T3MXBVWT5OHHD4ZKJZ44I2NTEGUYE52PYVN3UYKUKM6YKHMTEFDNHLFAXTNUKPHVVDRYKN4OMAGIB2KBSQUUSYG66VEQN7VG7UZZUZZZ74V66WPNGJE6GFTNUB5BKW55XIKRQ/? Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a5b117aa310ae7ed589a904f0bcd9315.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ads.rubiconproject.com
adservice.google.com
adservice.google.de
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
beacon-ams3.rubiconproject.com
cdn.jsdelivr.net
cm.g.doubleclick.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
hyperurl.co
match.adsrvr.org
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
token.rubiconproject.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google.com
www.googletagservices.com
zem.outbrainimg.com
b1t-eudc1.zemanta.com
142.250.184.194
146.75.118.132
15.197.193.217
213.227.153.220
213.227.153.222
23.203.77.3
2602:803:c003:200::27
2602:803:c003:200::51
2606:4700::6810:5914
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a05:d018:d29:3605:2256:d6d3:539d:24e0
52.202.79.76
52.46.155.104
52.95.115.196
69.173.144.165
88.221.169.78
96.16.141.156
08ed954dc4ba27b5c312348ad2a35bf323a93cbe6b04653af06e03ecd7993f72
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
279e7aad24589c508428f65a452f75998b30ee1856a797e8aa062260f4eb9a99
292d02e287528a905805e9bb371807aa695e80b3a57a888d811c71b29939ffc5
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cf04d3368486af5e62de592b137a31bc085d2e03293e47225a5fd5509c2099
4913cf1e1ccd8ca904460844fbb168432af5472130d16e1aec78bcce3171fa22
495ce95900218d6f0f4f7c83954be72af7ef4e5de512c6b34981fcee70af6bcd
4f95593a939aef19feb01273d1c63d98f2e3e7222662550d28689940b883a5a1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
76bab137e329053d4f9df7ad1685aede938d3db43ab6baf0b463b98be7d7e045
7d31c43b9d6fb31a485d4dee34963307c3ad79eaa46a69b1dddb65eb342658a7
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91f29899ba4b9f403bf893dac5e0aa1faabb0f911b1abd9f9f8d8f5aa19a3e7c
9a016f3a562cc2a6625b688f1e83907dcb30e920d4149531c89e71686919bc94
a2029697010cdf442eea110b24c9735fdacfa9219860ad6ed888b320d102e609
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2074b96e20b22ae9cdf41cd0158ef8fd1fee2f550d583c66f31c0a35641eea7
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
b8f85017bf0124869dbebd96f4c38db15cd36242abe380147dd0bea4f4f085a8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f90e3edadd794891272b450dd3a22d9de03db498c9adb3a053fac6303e19ee85

hyperurl.co Open in urlscan Pro 52.202.79.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

80 %HTTPS

56 %IPv6

17 Domains

28 Subdomains

27 IPs

4 Countries

645 kBTransfer

1775 kBSize

13 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hyperurl.co Open in urlscan Pro
52.202.79.76 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

80 %
HTTPS

56 %
IPv6

17
Domains

28
Subdomains

27
IPs

4
Countries

645 kB
Transfer

1775 kB
Size

13
Cookies

49 HTTP transactions
2 data transactions