www.ducumon.click Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ducumon.click/
Effective URL:
https://www.ducumon.click/
Submission: On August 05 via manual (August 5th 2023, 2:18:40 am UTC) from CA — Scanned from NL

Summary HTTP 869 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 44 domains to perform 869 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ducumon.click.
TLS certificate: Issued by GTS CA 1P5 on July 19th 2023. Valid for: 3 months.

This is the only time www.ducumon.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
22	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
20	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	2.16.107.153 2.16.107.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	52.208.148.0 52.208.148.0	16509 (AMAZON-02) (AMAZON-02)
1	65.9.7.64 65.9.7.64	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:c800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	52.209.73.195 52.209.73.195	16509 (AMAZON-02) (AMAZON-02)
8	108.138.17.37 108.138.17.37	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
32	2606:4700:20:... 2606:4700:20::681a:a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	162.55.101.208 162.55.101.208	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:401... 2607:f8b0:4012:81e::2003	15169 (GOOGLE) (GOOGLE)
64	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
16	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
40	185.86.139.116 185.86.139.116	201081 (SMARTADSE...) (SMARTADSERVER)
32	2602:803:c003... 2602:803:c003:200::45	26667 (RUBICONPR...) (RUBICONPROJECT)
213	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
18	18.194.94.253 18.194.94.253	16509 (AMAZON-02) (AMAZON-02)
32	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	157.90.3.144 157.90.3.144	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
18	2620:1ec:46::63 2620:1ec:46::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
77	184.30.16.183 184.30.16.183	16625 (AKAMAI-AS) (AKAMAI-AS)
44 113	2a02:26f0:480... 2a02:26f0:480:22::1726:62f9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	13.32.99.84 13.32.99.84	16509 (AMAZON-02) (AMAZON-02)
26	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.108 108.138.17.108	16509 (AMAZON-02) (AMAZON-02)
6	52.222.214.4 52.222.214.4	16509 (AMAZON-02) (AMAZON-02)
4	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.122.28 18.66.122.28	16509 (AMAZON-02) (AMAZON-02)
64	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
4	162.55.233.29 162.55.233.29	24940 (HETZNER-AS) (HETZNER-AS)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 5	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:c921:7369:53d4:6471	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
869	58

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ducumon.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ducumon.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ducumon.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

f3f6i6e3.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-153.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (Valence, France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.148.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-148-0.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-64.fra56.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (Grosse Pointe, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3e937318ce7243d3184050141a4c7d94.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.73.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-73-195.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.138.17.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-37.fra56.r.cloudfront.net

sourserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 162.55.101.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.101.55.162.clients.your-server.de

s.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4012:81e::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 185.86.139.116 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

213 185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.194.94.253 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.90.3.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.3.90.157.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2620:1ec:46::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dcdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

113 2a02:26f0:480:22::1726:62f9 (Frankfurt am Main, Germany) 44 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.99.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-84.fra60.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-108.fra56.r.cloudfront.net

redcarpat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.214.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-4.fra56.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-28.fra60.r.cloudfront.net

img.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:c921:7369:53d4:6471 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
288	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 265 cdn.adnxs.com — Cisco Umbrella Rank: 1691 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6410 dcdn.adnxs.com — Cisco Umbrella Rank: 2948 acdn.adnxs.com — Cisco Umbrella Rank: 594	2 MB
113	bing.com 44 redirects www.bing.com — Cisco Umbrella Rank: 52	499 KB
105	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 584 eus.rubiconproject.com — Cisco Umbrella Rank: 622 token.rubiconproject.com — Cisco Umbrella Rank: 648 pixel.rubiconproject.com — Cisco Umbrella Rank: 393	366 KB
65	yahoo.com 1 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1572 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	4 KB
49	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 667 ib.3lift.com — Cisco Umbrella Rank: 1585 eb2.3lift.com — Cisco Umbrella Rank: 429 img.3lift.com — Cisco Umbrella Rank: 2658	93 KB
40	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1550	22 KB
40	richaudience.com s.richaudience.com — Cisco Umbrella Rank: 15342 shb.richaudience.com — Cisco Umbrella Rank: 3393 sync.richaudience.com — Cisco Umbrella Rank: 2136	8 KB
35	criteo.com gum.criteo.com — Cisco Umbrella Rank: 431 bidder.criteo.com — Cisco Umbrella Rank: 750	7 KB
32	adpone.com hb.adpone.com — Cisco Umbrella Rank: 23191	4 MB
23	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 stats.g.doubleclick.net — Cisco Umbrella Rank: 115	227 KB
22	stackpathcdn.com f3f6i6e3.stackpathcdn.com	302 KB
18	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 5734	463 KB
16	adform.net adx.adform.net — Cisco Umbrella Rank: 4315	8 KB
10	googlesyndication.com 3e937318ce7243d3184050141a4c7d94.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	41 KB
8	sourserve.com sourserve.com — Cisco Umbrella Rank: 313226	96 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 325 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1114	4 KB
6	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 843	6 KB
5	ducumon.click 2 redirects ducumon.click www.ducumon.click	57 KB
4	clean.gg i.clean.gg — Cisco Umbrella Rank: 1335	119 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	225 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	48 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77 ajax.googleapis.com — Cisco Umbrella Rank: 406	33 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2577 www.google.com — Cisco Umbrella Rank: 3	1 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 440	2 KB
3	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3667 mwzeom.zeotap.com — Cisco Umbrella Rank: 3213	21 KB
3	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 38716	189 KB
2	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2880	89 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1605	24 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1256 pixel.quantserve.com — Cisco Umbrella Rank: 995	10 KB
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 40405	6 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 385	265 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 391	652 B
1	redcarpat.com redcarpat.com — Cisco Umbrella Rank: 81710	11 KB
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 40814	923 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1118	404 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 9001	408 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1197	1 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	cpx.to p.cpx.to — Cisco Umbrella Rank: 11823
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 807
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10438	37 KB
1	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 34928	281 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	77 KB
0	sddan.com Failed kvt.sddan.com Failed
869	44

	Domain	Requested by
122	ib.adnxs.com	hb.adpone.com acdn.adnxs.com
113	www.bing.com	44 redirects www.ducumon.click adsdk.microsoft.com
91	ams3-ib.adnxs.com	hb.adpone.com www.ducumon.click cdn.adnxs.com acdn.adnxs-simple.com
64	eus.rubiconproject.com	hb.adpone.com eus.rubiconproject.com
64	c2shb.pubgw.yahoo.com	hb.adpone.com
45	acdn.adnxs.com	www.ducumon.click hb.adpone.com
40	prg.smartadserver.com	hb.adpone.com
32	bidder.criteo.com	hb.adpone.com
32	fastlane.rubiconproject.com	hb.adpone.com
32	s.richaudience.com	sourserve.com
32	hb.adpone.com	www.ducumon.click
26	eb2.3lift.com	www.ducumon.click ib.3lift.com hb.adpone.com
24	cdn.adnxs.com	hb.adpone.com
22	f3f6i6e3.stackpathcdn.com	www.ducumon.click f3f6i6e3.stackpathcdn.com
18	adsdk.microsoft.com	hb.adpone.com
18	tlx.3lift.com	hb.adpone.com www.ducumon.click
16	adx.adform.net	hb.adpone.com
16	securepubads.g.doubleclick.net	www.ducumon.click securepubads.g.doubleclick.net www.googletagservices.com
8	sourserve.com	www.ducumon.click sourserve.com
6	choices.trustarc.com	www.ducumon.click dcdn.adnxs.com
6	dcdn.adnxs.com	hb.adpone.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
6	cm.g.doubleclick.net	4 redirects
5	pixel.rubiconproject.com	3 redirects
4	token.rubiconproject.com	4 redirects
4	sync.richaudience.com	hb.adpone.com
4	i.clean.gg	acdn.adnxs-simple.com
4	ib.3lift.com	hb.adpone.com ib.3lift.com www.ducumon.click
4	shb.richaudience.com	hb.adpone.com
4	www.googletagservices.com	securepubads.g.doubleclick.net
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	csi.gstatic.com	securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	id5-sync.com	ads.themoneytizer.com ced.sascdn.com
3	gum.criteo.com	ads.themoneytizer.com
3	ads.themoneytizer.com	www.ducumon.click ads.themoneytizer.com
3	fonts.googleapis.com	www.ducumon.click ib.3lift.com
3	www.ducumon.click	www.ducumon.click
2	acdn.adnxs-simple.com	hb.adpone.com
2	region1.analytics.google.com	www.googletagmanager.com
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	ducumon.click	2 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org
1	px.ads.linkedin.com
1	img.3lift.com	www.ducumon.click
1	redcarpat.com	www.ducumon.click
1	www.google.com	tpc.googlesyndication.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	lb.eu-1-id5-sync.com	ads.themoneytizer.com
1	3e937318ce7243d3184050141a4c7d94.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	www.ducumon.click
1	www.google.nl	www.ducumon.click
1	stats.g.doubleclick.net	www.googletagmanager.com
1	mwzeom.zeotap.com	www.ducumon.click
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	c.tmyzer.com	ads.themoneytizer.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	www.ducumon.click
0	kvt.sddan.com Failed	ads.themoneytizer.com
869	69

This site contains links to these domains. Also see Links.

Domain
notetoguide.com
www.xcinsp.com
www.pkgps4.com
play.google.com
reisendergeh.com

Subject Issuer	Validity	Valid
ducumon.click GTS CA 1P5	`2023-07-19` - `2023-10-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-04` - `2024-05-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
c.tmyzer.com R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2022-09-13` - `2023-09-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.adleadevent.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
sourserve.com Amazon RSA 2048 M02	`2023-03-01` - `2023-11-04`	8 months	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-23` - `2023-11-15`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
redcarpat.com Amazon RSA 2048 M01	`2023-02-22` - `2024-01-24`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 166 frames:

Primary Page: https://www.ducumon.click/
Frame ID: 2C121D02CD58B38EEA62E552EBD2F08A
Requests: 79 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691201912230
Frame ID: 7DF301146E8002A48D1CCD3D3F5AA6B0
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.ducumon.click%2F&id=MTIZ
Frame ID: DCBB2C7344A56DBDD5F03118A00BF59A
Requests: 1 HTTP requests in this frame

Frame: https://3e937318ce7243d3184050141a4c7d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D02E38918F1BFA5EC075D534AA6D1489
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssd-QS-vO4KAGuubev698ZG6BqvF0CztiTL5Xj9HRIaJjQKn5E4GotmVrzARF1XlbC7a85Q8hQeXKssm1ykLhdJCeTSGjtGEt_FvyqJlH7J_0ln15ck_Uv28EzwVwsjOy54stfyJQHbYzKzAca5u0y7FVeibMNVcB5xZveLZS77mc_bT6hdp8qjxhguvfx-CvMhmzDT_KhbxB6zzBj_Y2XkVSzH0Ax9-AqOg9Rno7NDS3FATG19pe1-zpXCVrOSFoIdUl1ezMaaZfMM3HNKii1Xqs4Gagdy6GWAwHcUhhdWC51qRiaXtoFKtSrmsDS7H4LEm_yR4adLn1xO3bl4LsupFZez9j3ZSiTg8gLuMg&sai=AMfl-YS9RtwuIXjoIMkGHzlFhwsmGEy8bVcQ8bYSMyapEwS_dEqLfE8z7LRBVmf2oY1efmgVl3r8zvN9i6IiwqaqcD2ElfdDqkYnPGeB6k7Qnv-liDrkdogo00EixA8Emw&sig=Cg0ArKJSzMlzsQ61Aj2bEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 76A9871ED3B70F72ABECF7ECF03B8225
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvE3OwhEsH3Wgbz3u0mi4k4EvwH_K2FGcWXx-20ah1VsvMMKhVT_w6ofvin8I8G_12_ENcb2YtgvXG7_bti_hQfqva_4wUqFgErARDwMcWp7z9L3zWIuERDWq1zGRNpsJs1Di-lo8u4h5xj78DbM733WSiJCUoH4h0NxGOyD8WQyefHjFVUkRHSsLugsTJMPjAMCLflWHXHnSDJlKKNybhKK0w6Sm3gxddMJdbPqvshDVz4kqs1anYeMTn3AYbQTBPMWDQ91ct3nb4WK5TR204O2A_cFhd_lpTJy7AC6KfABK839QlIE4pJG1-CGRyqZ-FRWkiwSAdrM2jir7k6iYSZTm8UiogjOfUJ8-8z-A&sai=AMfl-YTe7Tvpr2e6V6mfcxCL-GjA8buX0w4SvAA4nUPYsFdcze9SucE1EVlRq-v_pnE1zwDPcSVgPiLyJHIz0ovfHr6RPy1E75D3AjKjp_IAit9G6TOihk30syN2Kv6xkcg&sig=Cg0ArKJSzDoeWNnzGVeBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7C628115EFFCCAB80E7496D5D2DD714E
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvpUgD3XMhN7ibFnxvUtUqYP6jcdDDqbWxsNBpxgxU_q7OBOytJM9ZfNtZM0A_URidWizfuG3uvGYBYAJwg4TggF2_rBQZxLLfgy3rWlLDmU1XkGDagHzA4N79rog_Sn0rOz1-kRyVr4LE5z5CVCns8GWra_ySQGgoCN_jDEcPoqatAU8dc-_JzItHO4UlYVOIAgCKI9mDo7PDMoGs6MdDM1GS3epfSNaXPJTtJst2Rzyr2Of947x3Bm-ETtYlZiS9EaZNFUuRsPkLDzMxty20k4wLAfu1vkXQqWwvkRUbHWo85WJMPRb28i9qDBiPNxs6Rl8EnNwTXJQNyNZd4TqfCRmrleCaC803UOrPoA9X&sai=AMfl-YTy8bAniNg0gbMJAP2YrQzfEZWBn4Z6xN4nC-6-6ScPbSdSPFIjgTuXjqnKyZkUf8QuXov1IqebTIYaRMW-Zo5q2h51saAgohJYkjLg3VYvgpMcLZcVHJOq_31CeB4&sig=Cg0ArKJSzBu-9A9gbekSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7859C92D3AF0F6AF4DACA9639C3AA52F
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7GDalz3fQhEJfRH_fpODM4hk3u9bTDzDoU30JyMVntabB8G_OxGganPksGNwC-KvlCeojZt-pIb8yqF5Fm6NLKLJwLyoZjY6kBWGiIQ7ZC2MaFQY7__bYFbybeaDifRJV55UFdfRni2IEvyAiK1cqKWswziVYl-DoCb-OOHKdOZI33oR4xNc0ZK8UaTsvsPvB17YIThb3LG5-LPZcy6AzxVYI6NYdGv9jPgPytY5C7OP-xnBCCqOTKcZQqOhQN6TFiVMEABTKba9WDFS0lQDjFbafI1ov4bkXAJoVQdh0_3BKaR46ezifzB7t0uGJsRy7qLyqCv0wIueSMH2iEA1vKwyA3iINAyJQL7N54reDHg9g&sai=AMfl-YSSeeRGDLQmpCty_sHGpcJ6jlqgdPnP23jNYahNp7m0m7RDI4sZAJ9Ht8mjQCOuRvVJ9OMkDaTvjteO0BGFAPc1ib3oOwueRtzf6VXA3CGiOOiot1ZmCyhHNR-M&sig=Cg0ArKJSzB_Kgaop4s-_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 83F98E95F5D99B7261929F13997E8FA3
Requests: 14 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: D4709A77591F3E8896C1E7F15035597B
Requests: 9 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 8B26D941E894ECF853B6598ADBAA0839
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 7F65C73570085DEF8A78F1718FEC2904
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: E638870BD5692C89C6C4A3576A22597D
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 4D5A19C2A0436A3D8635966C1939878A
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 3D30454212632B9468289733A3B159AF
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: EF9030783792AE273661A131CC18DEE5
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 60ADE3DD1B356083E38B49609DE1E791
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 6E164BB4352C2D5D69BA9189623D34DB
Requests: 7 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 6992C334C103740106CD80359F64E45D
Requests: 6 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: C2D00979F0E07E32FC35C5AF3F52BC29
Requests: 6 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 40AF07D8218994428D91E4316AFB2FF8
Requests: 6 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 193DE44086879BA819BBFAB4D1815587
Requests: 6 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 104C96EF25CC6BEBEE251B14111CCE77
Requests: 6 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: E44BC27A0FA83604188B352A225584CC
Requests: 6 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: C699A38DA56464AF658DAA1FDDD43270
Requests: 6 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 72D869AA27F2F8E2680A655CBBF08DB9
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 2630A8C61DA4D676AA0BA957E51B1F51
Requests: 7 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 49FAFC423522473181C4A593904D1B94
Requests: 7 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 4585A9FDD0A16DEBD0867CA0737D1DE7
Requests: 7 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 41C5B1D0000F3E4729B9C71C167B1AA2
Requests: 7 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 31F3DBA04EAF619435E4D4EC22A61A04
Requests: 7 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: DC17259973120796EA80E3B2A1CE6F62
Requests: 7 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: D5C358D02AE32B47E8528AE5B6760BBC
Requests: 7 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: E61F623F8551F803FF7B91ED6B52F186
Requests: 9 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: DBC5399571C6747365E8F9A251C1F73C
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 3EFB45DC8501ABA4320A39AC0D2349D0
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 8C02959E3E903268BA0EFA8AD37536E1
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: E9AE31E9CE8E9097236139C158ACEE49
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: EF8053DD2478B73D518C4260ECCD47C4
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 588EDC01C22875429F45348ACEB38D5F
Requests: 8 HTTP requests in this frame

Frame: https://hb.adpone.com/prebid7.19.0.js
Frame ID: 0FF529A2170E83F3CB400050E9CA629E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49A249EB3E928C036620C1864276E31C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 075C591F21DF1DA6CFA806861871B9CF
Requests: 2 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: A825FAC54A4B191782640EF08CC18EF5
Requests: 7 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: AACB835E47F4FFF0068A9A97CAB7786A
Requests: 7 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 4EB6E68640CB537B048A8E5B559FAB5E
Requests: 7 HTTP requests in this frame

Frame: https://ib.3lift.com/ttj?inv_code=ducumon_me_320x50_472xdefaultx1&tid=206227
Frame ID: 226D657074096352D8EA199414DF13AD
Requests: 15 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: EB011FE702BEACD5B0F6BF82840AF5B3
Requests: 7 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 3DE3B8D5B60BEB5632282D29F86D6409
Requests: 7 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 95A35CCCAC3E85005D235D69A435DCDA
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Frame ID: 94BCB61CAD8B15E5BB69C9D8AAC96821
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Frame ID: EFF6D7FD5F6871FAC0B7DF9E6F3AE5CA
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Frame ID: FC77936E95616D7B30C9AFD0E2708161
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Frame ID: 1B5B0BA99646520C2ABCB3902B1DFF76
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Frame ID: B7BF8DEAAA18253B4153F192D64FB617
Requests: 9 HTTP requests in this frame

Frame: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Frame ID: 13179EC2598D64DD67D13236DC8AF7F1
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 560949B21B502DAB50E154710E4F3981
Requests: 11 HTTP requests in this frame

Frame: https://redcarpat.com/a/300x250.png
Frame ID: EEFF10F56B6620E0B737385ED2C11A87
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: CBBAEF4507AF678528D87E2746AABC4C
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 2201167048A3AE491F55AE5020BC3EEB
Requests: 11 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 4CF74A298DCB9829847F79557A0D27E3
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: 4AB3E089DFCD7AAD8DC3D1F0FDC69842
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: 11C4312E3AE024E0E51187B72ACC183D
Requests: 3 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 44278A0AE16602E0D5B91F0A44917FD2
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 5C8E8B74789A88721FD348FB5C4AB668
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: FBD99A004D64AE3477FF937076352288
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: 8F6F853356BCD899D7F16C6DEEDF4C2D
Requests: 3 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 0CFA860E1CA9B54AB7BCF7BB5BECC7DC
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: B265B8F1BE353F56A1DDE930EF236EC4
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: 061ED59FA4E43B67A22C71F46C2F3846
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: 86A627DB2BAEFCBD6057ADC9FF8ADDAF
Requests: 3 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: CD056CA6AE5C0A2149B0DD274891C64E
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 80E8132261BB806C051BC26333BEC8A8
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=68912
Frame ID: CFEF484E61EB6D2237E20B43F7DB9605
Requests: 1 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: F1D3F88805D09C689CDBB739085D4907
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: FEA28E3B503F852F4ADD61614CD159EE
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: C08BDD9367DB96FF2268D4B8D4E2E4A4
Requests: 3 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: CC8CD99B0F023060808599A14645E17E
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: 87C94347F72573F2D4FB11AC8629D139
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: 5069ABAEAF035D0DF14C920B70BE3095
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: C9382D6A3003A04EA71A31C71AB3D999
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: B9DCC45562D5F552AF262D1793B75209
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Frame ID: 82F1BEFCBAC2ED0BE77B069D95380A16
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 94E4E598864119AF3EB33862B941C64D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 978E6DCC2133E5BA59317DBF612D865E
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E2AA57F4735D3998FC19B4EE61FFB1D8
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=667932
Frame ID: 790036E45080077EB31BA881140B6E30
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6D12267EB9D27CDA87C59CC312F7378A
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 50EE1A0D6CF5CB0F9E39D3E1E11B6336
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 79DBFD91501AA46335F7D6B7C09DFF99
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6575225DFFE606C98FEBE479EDC29091
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 211BE8954B32C12CF27ADB3768F23835
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A11C7F0AE0F24277F76261189CD4AA4E
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BC74CE6FDFCE28ACE84B66CE09658940
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7F1AC2955EE7AA9C745078B35B94CF9C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 25A524EDE5E6939B5A64B696AA973B0B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F960FACD1C5978B594B22B55D4B44903
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E76D856389F5A8AAC86376F9031B6F2A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3EC6F68EE16AD75A561301D58D683790
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C974C7FC8988D2424DC8865AF4E1B1DC
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 1326D0FEAE37B0086A2E0B0BFC85AC9E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7EE4E998E90E0984CAF19542AEAA2C81
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9CCC74138968CDE28481783D97D98B13
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 1D4D4713ACEA1811E595B77D40805925
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 71558669F03474A9407333755F266FA1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4AB6940A1014A960A78448D578A79588
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E47032391562077A20C791C0AE10F91A
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9962194EB6D1D3BE8365E14C23001C0B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DAC005AF625C3B31D15248746453111B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 02AB603D6F909D5DFBCDAF131D521A3D
Requests: 2 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7092825113
Frame ID: 6E1DDB90C6A48507CD79D1502E91C2E0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4432F1293C9F79C5931729C248E2AC73
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F4101E3DBB11D7FE904B4E0E10C71C6E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 23202FF3EE75B2F7596EA649EA6DABE8
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2D2178A1A5D7911C701CA7E47F0FA641
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EC3DF8B597365E388D2DE594F1739995
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 98F1DB0A19F66BDFC999C16CB37448A9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2A99528C262FB2E9A49336350C1896B8
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C880B7FBDA4B8210A94691406BDE1533
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8AB8F7B4FE5E698F7D7ECDFDBBC0614D
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0ACAD37589329D1D59E3E121E6DDB949
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 743580A281BDAB9141ECAC2C3851501E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4D0B81A094D87D723475C5B73FE2F71C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F5634078FDA4C9AC8860CDD00F20DFC0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9269F57FB26C7973A9510C6BEB3601E7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FD1C9FDBAAD916478B25CF37C6332F49
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EB5FDE4B9572D5597FB485B5D8B4CAFD
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8589329125
Frame ID: FB96ED8A78A1E664B977DCDF1D6289E5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 84A164E0B6888C92BCCEE586C5667A78
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0D31D36D22C24D6AE037F16201A2827A
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 77A9941C83FAB334635920A29ECB6B65
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5D95E4717CA9D8741847D8C8FC7B9543
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C6E2E43AF13B3ED0732CD794A874B8DF
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0EC96D4F66348EB91289A2C48F2C6D82
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 389F0CA96C7014700CF857322D50BC2B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B84EB36997494694CE0EC41FE1F62839
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 67320C6A0C5EA26EC65D4F7F20414366
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 249D9C3C6DD1CFE8A447A7322DB96A73
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 70E7FC4415FE0947DB3B88547F57B5BB
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1950916273
Frame ID: 92383E31182A150014C77DD5EBDD892A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 98416A76DE0E272C3C42E8D15C9F5C0A
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AC7AEA731646C9407554873699835801
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 88C55B796B9A10FF058C7D04B2DB0BA3
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A9559922F7EA0ABB4658C4E822D816B8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C44D0E29AEFACD36AB78DAE9B2093C2F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CE7881EF5FAAEF055D04E8CD68069BB3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B2DF9AB7E05B5DEE3D586D73DAE5FE51
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 5E1BD55D4422B3E9E3CBAB65A3A81863
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 03D79ABD4E96CF325C2E685BF1A7D716
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 86656E4B5E32E9D97C61171C38E29B0E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BFFC379A8139176682A1EC4ABD2BC891
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 05A3049E8569F36BB158DC18DEFBF30C
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 931C21774FC7C958E6CEC63357E07A71
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2EA029E7FBA5B05483B55E9F5DAFDC80
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 066D2A689FBAB3FDC2C84AC264150AB0
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6F53BF65640D813B3E4780F7D72BB4BB
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: CC363259FAB77AB3F1C9CEA64ABBE604
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 83C0DF6D21EC20ACF4C1268F03BA6AFE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 95D465E8203E6A4AFED0AF92C973B021
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: FD09A55171BEF81D7B9F8393E3670EB7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4A3F37201594F36E040366D1D8616E26
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E73BF1BC826A0DC0114BCF4586AF1D9A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 890FFF2E0F410B7F620C6C671CC3BA61
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2839A495502707EB2967AE85E1F9A6F8
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 648C2252702F8D6A51968D5B3A5AF598
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D668E64998DABCFAB6A46FAAD427DD5A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5461FBC97742E1EFFEA60AACF2217B1D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ducumon - The Next Gen to Give entertainment that best suits you, all for free!

Page URL History Show full URLs

http://ducumon.click/ HTTP 301
https://ducumon.click/ HTTP 301
https://www.ducumon.click/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

869
Requests

94 %
HTTPS

45 %
IPv6

44
Domains

69
Subdomains

58
IPs

7
Countries

8611 kB
Transfer

25502 kB
Size

24
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://notetoguide.com/
Title: Walkthrough

Search URL Search Domain Scan URL

URL: https://www.xcinsp.com/
Title: Nintendo Switch Rom

Search URL Search Domain Scan URL

URL: https://www.pkgps4.com/
Title: PS4 Rom

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.ducugames.lyingeroffline

Search URL Search Domain Scan URL

URL: https://reisendergeh.com/
Title: Reisender Geh

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ducumon.click/ HTTP 301
https://ducumon.click/ HTTP 301
https://www.ducumon.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c9aa7be3-c9d4-452f-64d9-85a5685358f1&reqId=4da106ba-9af2-4c61-7e13-e1adac026f7e&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c9aa7be3-c9d4-452f-64d9-85a5685358f1&reqId=4da106ba-9af2-4c61-7e13-e1adac026f7e&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEF4wqT1TJw7RirXRvhPBR9Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c9aa7be3-c9d4-452f-64d9-85a5685358f1&reqId=4da106ba-9af2-4c61-7e13-e1adac026f7e&zdid=1258

Request Chain 401

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=1b2ccdd3-5ce2-4aa8-ab50-6a35df293400&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=666fe4aa-7b15-4c87-8619-8f4b4a7d0278&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_7-1-0%3F%26RG%3D27b99b6c0899484c9d776780fdf096c9%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274342&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=4325496538773814087 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_7-1-0?&RG=27b99b6c0899484c9d776780fdf096c9&SNR=1&GV=2&med=10

Request Chain 405

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=1b7e4365-9e4b-4ae1-90a1-f0d58d887506&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=e64585c8-af74-43a7-86ae-096783eaa5ef&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dad03955bb5a740e8bcd12be7c21e4fb8%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274342&trafficGroup=knaqe_3c&trafficSubGroup=ego_ZY_i2&aid=6363870455161381991 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ad03955bb5a740e8bcd12be7c21e4fb8&SNR=1&GV=2&med=10

Request Chain 409

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=6efb2787-ef18-4c86-891e-5183cb15ab7d&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=2a37952d-214a-4894-a811-b16260ef561d&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_2-1-0%3F%26RG%3D5a54d38ec6434e5993059badc089e674%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274342&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=4501019590311046784 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=5a54d38ec6434e5993059badc089e674&SNR=1&GV=2&med=10

Request Chain 416

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=eea8d73d-8821-4bc8-8409-e22a883cd2bf&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=be7284f6-84a1-4155-880b-0bf511f831bf&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Da23ed69da9bf4f79a7d85132d71b831e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274342&trafficGroup=knaqe_3c&trafficSubGroup=yvgzhf&aid=2133732368732584139 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a23ed69da9bf4f79a7d85132d71b831e&SNR=1&GV=2&med=10

Request Chain 420

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe574edd-7706-4a4e-a4fc-ffaaeb511fcb&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=74c79fae-f0f5-4045-9051-cf6718fd1129&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_4-1-0%3F%26RG%3D346e98aecdcb4aeba9b5923c7071ce41%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274342&trafficGroup=knaqe_3c&trafficSubGroup=zhvqfryarj&aid=3250783724169644221 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=346e98aecdcb4aeba9b5923c7071ce41&SNR=1&GV=2&med=10

Request Chain 424

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cd37dd7a-efb5-4ea8-ae9c-259d042ea4b1&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7077f5a0-7f59-4a07-ab98-acca4a9b0e6e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D2e9ec9bb794d443397203d60975d6d26%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=ego_ZY_i2_ghar&aid=7304200242833409108 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2e9ec9bb794d443397203d60975d6d26&SNR=1&GV=2&med=10

Request Chain 440

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ffbb3d59-6850-4bfc-9f83-509bee6e1070&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=26f06343-8b24-4031-9e1d-c5ad7e291ac0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Ded2171c16afe407fa860d1bddd0cc074%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_oenaq_fnsrgl_oybpxvat&aid=1277864788395128985 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ed2171c16afe407fa860d1bddd0cc074&SNR=1&GV=2&med=10

Request Chain 460

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=2f00a8be-b860-4498-b33d-48ce4de905df&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=dcb19040-6428-4704-b376-dd36b8f07f8c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D87e8b16c072e4fdaa0143b55af287ad9%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=ego_ZY_i2&aid=202096466122561690 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=87e8b16c072e4fdaa0143b55af287ad9&SNR=1&GV=2&med=10

Request Chain 465

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=a61f54ce-1ed2-4b75-ad78-1fcbaf73327c&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=3eced8d9-1965-44c3-b9cc-2651d41a043f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3Dfd005494ce304c2db4a4cf2c8e12aad5%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=fgnoyrvqcnff&aid=4004719371750024420 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=fd005494ce304c2db4a4cf2c8e12aad5&SNR=1&GV=2&med=10

Request Chain 473

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=42b05b5f-d3cc-4c4b-a49a-5b76f73711a2&cmExpId=LV1&oAdUnit=391270&publisherId=162645330&rId=7c9f8e7c-3c97-4ac9-86d3-13c0913bae90&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_3-1-0%3F%26RG%3D4a97222eda484e229472a5cdc6bb0480%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=750696197577265699 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_3-1-0?&RG=4a97222eda484e229472a5cdc6bb0480&SNR=1&GV=2&med=10

Request Chain 479

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=216ebab9-f6e2-4989-b3a0-98780a4d8749&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=cc4328eb-ae5d-433b-aa5a-374d5247f747&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D7aa0029971d0446984bced3893d01061%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724973&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_onaare-enaqfvmr&aid=2623773260586635980 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7aa0029971d0446984bced3893d01061&SNR=1&GV=2&med=10

Request Chain 481

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=03add599-8905-4fed-b4f6-4d5a475233ec&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=78c1a5ab-f1ee-47eb-87da-8a90db344b1e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D10a49791dcef47bab024376eb74b7f1b%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724973&trafficGroup=knaqe_3c&trafficSubGroup=zhvqfrybyq&aid=9129892992104408641 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=10a49791dcef47bab024376eb74b7f1b&SNR=1&GV=2&med=10

Request Chain 488

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5e7dca4f-fda3-4eb4-bdf6-9a3eba29bd98&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7d3e7973-f74a-4ca8-a35a-4413c89b83ab&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_4-1-0%3F%26RG%3Dff6c989d9d744339912459a5bade9a13%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724973&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2453451138522633808 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=ff6c989d9d744339912459a5bade9a13&SNR=1&GV=2&med=10

Request Chain 492

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=fe9ebe40-0bab-4536-8338-5f58f789d98f&cmExpId=LV1&oAdUnit=391270&publisherId=162645330&rId=e1060ba1-8b71-4bd3-8bb8-6a6c26d9b0be&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D1d133d8a630e472eb25a8c0662a234be%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=7074517679743141074 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=1d133d8a630e472eb25a8c0662a234be&SNR=1&GV=2&med=10

Request Chain 497

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=0276a8e0-b663-4ad0-802c-c9390fe84cb1&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=72b20002-d4aa-4f80-b4ab-2de8fe61c84e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dc533beb4ba704659b991c75334775394%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=8782888502479773579 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c533beb4ba704659b991c75334775394&SNR=1&GV=2&med=10

Request Chain 503

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=f1b434c0-6587-47ce-9b26-c9129f148d21&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=5a272a3c-bac4-47b9-9bed-a9205720bef2&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D911fec7e48fe4aa3915e1e9f914d383f%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=3290416427105951726 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=911fec7e48fe4aa3915e1e9f914d383f&SNR=1&GV=2&med=10

Request Chain 517

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=99855c66-fe42-46b2-8bf6-656ea95f52c5&cmExpId=LV3&oAdUnit=11730374&publisherId=250152235&rId=96a27f4b-793c-4c5d-8887-e7ac8b62989e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Defd9da97228f44ecaae0147708e208e9%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=438546&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=zzf%3Agevcyryvsg_pcz_qrpbhcyr&aid=1083719950296120469270-96&wp=0.122 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=efd9da97228f44ecaae0147708e208e9&SNR=1&GV=2&med=10

Request Chain 528

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e21a03f4-4ddb-4a42-8fde-4b38a714ddcc&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=81f89e58-8e8f-4176-93f5-05f33624c39f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D4624b30a0cd44495ade1c6f1f91165dd%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=4746992728207792137 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4624b30a0cd44495ade1c6f1f91165dd&SNR=1&GV=2&med=10

Request Chain 532

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a7d4e25f-a37e-4880-ae6b-8be5a1da81b8&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f556221a-79c7-47d0-a9e8-361a255575cc&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D8dbd6571dbb14c959cc178533a3aa24e%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=7761943388033807995 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=8dbd6571dbb14c959cc178533a3aa24e&SNR=1&GV=2&med=10

Request Chain 543

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=74bc6af1-c0bb-4958-8a94-3349882df400&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=da9b4b0b-e2de-448e-94da-f1cbe2f6a748&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D02589751547c4a7e9b4ef57ac239ae20%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erirefrhzf&aid=8368700587565906299 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=02589751547c4a7e9b4ef57ac239ae20&SNR=1&GV=2&med=10

Request Chain 561

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ab2dab19-eac0-42df-a04a-39d5f66d09c8&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=51e6d41b-b55a-4b51-b18d-f8db2772d972&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dca3a22f67c864722b07f36732d1904dd%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=918451254757979019 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ca3a22f67c864722b07f36732d1904dd&SNR=1&GV=2&med=10

Request Chain 566

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=707264a4-77af-4147-a7db-377e95252b61&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f0460b67-ebc4-4cc8-90aa-5a49cd684597&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D9cc7a556b9f8455eb0e6985ed654380f%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=27724973&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=1196336839664616649 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9cc7a556b9f8455eb0e6985ed654380f&SNR=1&GV=2&med=10

Request Chain 579

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=dca1484b-7d93-4e0b-bea6-9afec88373ce&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=ff42e5fb-9ac8-42bc-a2ad-fed886cfb0be&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dac317923ed5d4eafa208b0dd429273c6%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=7001793148968759330 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ac317923ed5d4eafa208b0dd429273c6&SNR=1&GV=2&med=10

Request Chain 583

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=154c14c7-99ac-4576-8aa3-624fb3338b9e&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=a65a480e-34a4-4ccc-a9a7-a8a269169cb7&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_4-1-0%3F%26RG%3Ddfe8c3d51d8d4f84a757dad32628bbf2%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=6577593600055721847 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=dfe8c3d51d8d4f84a757dad32628bbf2&SNR=1&GV=2&med=10

Request Chain 592

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0f58a400-207f-4d93-9cbb-810527cc82bb&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69e63ce4-cb58-4b14-8eed-d7771751e47c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D8d59b3f6e8da4363bdb68f035d880c53%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=3921871365473842086 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=8d59b3f6e8da4363bdb68f035d880c53&SNR=1&GV=2&med=10

Request Chain 631

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cd37dd7a-efb5-4ea8-ae9c-259d042ea4b1&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7077f5a0-7f59-4a07-ab98-acca4a9b0e6e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D2e9ec9bb794d443397203d60975d6d26%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=ego_ZY_i2_ghar&aid=7304200242833409108 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2e9ec9bb794d443397203d60975d6d26&tids=15000&med=10

Request Chain 633

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=2f00a8be-b860-4498-b33d-48ce4de905df&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=dcb19040-6428-4704-b376-dd36b8f07f8c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D87e8b16c072e4fdaa0143b55af287ad9%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=ego_ZY_i2&aid=202096466122561690 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=87e8b16c072e4fdaa0143b55af287ad9&tids=15000&med=10

Request Chain 635

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ffbb3d59-6850-4bfc-9f83-509bee6e1070&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=26f06343-8b24-4031-9e1d-c5ad7e291ac0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Ded2171c16afe407fa860d1bddd0cc074%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_oenaq_fnsrgl_oybpxvat&aid=1277864788395128985 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ed2171c16afe407fa860d1bddd0cc074&tids=15000&med=10

Request Chain 637

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=a61f54ce-1ed2-4b75-ad78-1fcbaf73327c&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=3eced8d9-1965-44c3-b9cc-2651d41a043f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dfd005494ce304c2db4a4cf2c8e12aad5%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=fgnoyrvqcnff&aid=4004719371750024420 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fd005494ce304c2db4a4cf2c8e12aad5&tids=1&med=10

Request Chain 639

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=42b05b5f-d3cc-4c4b-a49a-5b76f73711a2&cmExpId=LV1&oAdUnit=391270&publisherId=162645330&rId=7c9f8e7c-3c97-4ac9-86d3-13c0913bae90&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D4a97222eda484e229472a5cdc6bb0480%26tids%3D3%26med%3D10&rtype=mvFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=750696197577265699 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4a97222eda484e229472a5cdc6bb0480&tids=3&med=10

Request Chain 641

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e21a03f4-4ddb-4a42-8fde-4b38a714ddcc&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=81f89e58-8e8f-4176-93f5-05f33624c39f&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D4624b30a0cd44495ade1c6f1f91165dd%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=4746992728207792137 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4624b30a0cd44495ade1c6f1f91165dd&tids=15000&med=10

Request Chain 642

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=216ebab9-f6e2-4989-b3a0-98780a4d8749&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=cc4328eb-ae5d-433b-aa5a-374d5247f747&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D7aa0029971d0446984bced3893d01061%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=27724973&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_onaare-enaqfvmr&aid=2623773260586635980 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7aa0029971d0446984bced3893d01061&tids=15000&med=10

Request Chain 643

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5e7dca4f-fda3-4eb4-bdf6-9a3eba29bd98&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7d3e7973-f74a-4ca8-a35a-4413c89b83ab&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dff6c989d9d744339912459a5bade9a13%26tids%3D4%26med%3D10&rtype=mvFeedbackURL&tagId=27724973&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=2453451138522633808 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ff6c989d9d744339912459a5bade9a13&tids=4&med=10

Request Chain 645

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=fe9ebe40-0bab-4536-8338-5f58f789d98f&cmExpId=LV1&oAdUnit=391270&publisherId=162645330&rId=e1060ba1-8b71-4bd3-8bb8-6a6c26d9b0be&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D1d133d8a630e472eb25a8c0662a234be%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=7074517679743141074 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=1d133d8a630e472eb25a8c0662a234be&tids=15000&med=10

Request Chain 647

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=f1b434c0-6587-47ce-9b26-c9129f148d21&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=5a272a3c-bac4-47b9-9bed-a9205720bef2&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D911fec7e48fe4aa3915e1e9f914d383f%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=3290416427105951726 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=911fec7e48fe4aa3915e1e9f914d383f&tids=15000&med=10

Request Chain 649

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=0276a8e0-b663-4ad0-802c-c9390fe84cb1&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=72b20002-d4aa-4f80-b4ab-2de8fe61c84e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dc533beb4ba704659b991c75334775394%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=27724974&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erdhrfgYriryY1&aid=8782888502479773579 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c533beb4ba704659b991c75334775394&tids=15000&med=10

Request Chain 650

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=03add599-8905-4fed-b4f6-4d5a475233ec&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=78c1a5ab-f1ee-47eb-87da-8a90db344b1e&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D10a49791dcef47bab024376eb74b7f1b%26tids%3D1%26med%3D10&rtype=mvFeedbackURL&tagId=27724973&trafficGroup=knaqe_3c&trafficSubGroup=zhvqfrybyq&aid=9129892992104408641 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=10a49791dcef47bab024376eb74b7f1b&tids=1&med=10

Request Chain 651

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a7d4e25f-a37e-4880-ae6b-8be5a1da81b8&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f556221a-79c7-47d0-a9e8-361a255575cc&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D8dbd6571dbb14c959cc178533a3aa24e%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=7761943388033807995 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8dbd6571dbb14c959cc178533a3aa24e&tids=15000&med=10

Request Chain 661

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=74bc6af1-c0bb-4958-8a94-3349882df400&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=da9b4b0b-e2de-448e-94da-f1cbe2f6a748&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D02589751547c4a7e9b4ef57ac239ae20%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_erirefrhzf&aid=8368700587565906299 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=02589751547c4a7e9b4ef57ac239ae20&tids=15000&med=10

Request Chain 665

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ab2dab19-eac0-42df-a04a-39d5f66d09c8&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=51e6d41b-b55a-4b51-b18d-f8db2772d972&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dca3a22f67c864722b07f36732d1904dd%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=918451254757979019 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ca3a22f67c864722b07f36732d1904dd&tids=15000&med=10

Request Chain 667

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=707264a4-77af-4147-a7db-377e95252b61&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f0460b67-ebc4-4cc8-90aa-5a49cd684597&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D9cc7a556b9f8455eb0e6985ed654380f%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=27724973&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=1196336839664616649 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9cc7a556b9f8455eb0e6985ed654380f&tids=15000&med=10

Request Chain 668

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0f58a400-207f-4d93-9cbb-810527cc82bb&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69e63ce4-cb58-4b14-8eed-d7771751e47c&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D8d59b3f6e8da4363bdb68f035d880c53%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=3921871365473842086 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8d59b3f6e8da4363bdb68f035d880c53&tids=15000&med=10

Request Chain 670

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=dca1484b-7d93-4e0b-bea6-9afec88373ce&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=ff42e5fb-9ac8-42bc-a2ad-fed886cfb0be&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dac317923ed5d4eafa208b0dd429273c6%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=7001793148968759330 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ac317923ed5d4eafa208b0dd429273c6&tids=15000&med=10

Request Chain 671

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=154c14c7-99ac-4576-8aa3-624fb3338b9e&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=a65a480e-34a4-4ccc-a9a7-a8a269169cb7&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Ddfe8c3d51d8d4f84a757dad32628bbf2%26tids%3D4%26med%3D10&rtype=mvFeedbackURL&tagId=28274338&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=6577593600055721847 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=dfe8c3d51d8d4f84a757dad32628bbf2&tids=4&med=10

Request Chain 739

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKXDYCCE-9-JO9W

Request Chain 740

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEbgkUeLW4DYmYubfPeFeYM&google_cver=1

Request Chain 742

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/aXtnbeCEkZcRPd1D_E4u8w?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NVj.yaBE2oL0X8SewntRbBOtzNO2QPqnSHLyAA--~A

Request Chain 743

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY4Y2M3ZGEwN2Y0NWMxMjIwNjBmMzU4N2U5MTdmYjJiOTM1MzVjMQ

Request Chain 744

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qgFNBTNKSyeylOTU3U7wng&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qgFNBTNKSyeylOTU3U7wng

Request Chain 745

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtYRFlDQ0UtOS1KTzlX HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEklp6TeBCFPYd_XVI7cFbI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtYRFlDQ0UtOS1KTzlX&google_push=

Request Chain 746

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=L7lScyVeT7eslssFbvyQBA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=L7lScyVeT7eslssFbvyQBA

869 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ducumon.click/
Redirect Chain

http://ducumon.click/
https://ducumon.click/
https://www.ducumon.click/

73 KB
16 KB

270ms
245ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e75799976a8a373241ee5b3f81e70ec1b10faa3f850403c91dc7b4a29db2e114

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f1b8ccbc9deb742-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 05 Aug 2023 02:18:31 GMT
expires: Sat, 05 Aug 2023 02:18:31 GMT
last-modified: Fri, 04 Aug 2023 19:55:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rISjA1jpEbw1fVS7TnU8hmBa6oO2mHoAEX0RCSF6TdBTovLsX6JjCPWECJBD3fEWengT2m5vSFEP1w9lzDXNkpGEfldZ22AqWKSwY%2F5c0pnUJrK5mKP%2BAVKngaYXEAa9XBMqv0YaxB%2FkM7fRLJFr0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 7f1b8cc02ba3b742-AMS
content-type: text/html; charset=UTF-8
date: Sat, 05 Aug 2023 02:18:31 GMT
expires: Sat, 05 Aug 2023 03:18:31 GMT
location: https://www.ducumon.click/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHpzcmRZdkD2uOwkJ7dd%2BwJFqgk72ks6priyCRvdc0eXCgCwZMdS%2FoMcT4tz3YNJ0ndiKE6g5VFwVhoDd1r4mHJpwvsOT0qGQEmZKKLkthUCxr0knT05rk2tkYd2bTHpzlxL2S%2Fau%2B%2FgUDM2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-redirect-by: WordPress
x-ua-compatible: IE=edge

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 210ms
72ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

61eeaf3752ec4a775d833ab1ffe79787a750f59cb9c2933aad9cc276a36eb5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 05 Aug 2023 02:18:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H2 200 style.min.css
f3f6i6e3.stackpathcdn.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 107ms
31ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:31 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12736
last-modified: Thu, 30 Mar 2023 04:37:47 GMT
server: cloudflare
etag: "1680151067"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7H%2BDAnUiUZPXABeA0d1F7lJkjnCzoFy4pDbRX5GEarGGY6qhUOQyH90pzfMQDbDryO61ylnrNGSdcjwXlRP%2FEG2ns4%2FSy4Rdkp7L5XPK%2BV984c7xj%2FCuQvFk4%2Bwrf3Pn"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201911.cds285.am5.hn,1691201911.cds318.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ca35dc33acb37fd-FRA

GET
H2 200 classic-themes.min.css
f3f6i6e3.stackpathcdn.com/wp-includes/css/ 291 B
530 B 107ms
32ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:31 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 210
last-modified: Thu, 30 Mar 2023 04:37:47 GMT
server: cloudflare
etag: "1680151067"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdsEULB4E97Mkax7w4V9KO4bsqoMJY7zVgbrW16YLTwN3m7E5cjFu2EuD22hq%2Fzws5qqLDmdlEg0ceQrLKbi9nj2h88AjPIpJGdiOGH%2Bg2jHj54Il8XKmgo9fzW1u6Eh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201911.cds285.am5.hn,1691201911.cds312.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cc84ff8aab4b969-AMS

GET
H2 200 font-awesome.min.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/assets/fonts/awesome/assets/v4/css/ 18 KB
4 KB 107ms
33ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/assets/fonts/awesome/assets/v4/css/font-awesome.min.css?ver=1687230184
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 6a04f704f1ff8f018568020f67b9a9a4eb47a0c1029358b195de73feefd36153

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:31 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3990
last-modified: Tue, 20 Jun 2023 03:03:04 GMT
server: cloudflare
etag: "1687230184"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIr8XXmKDOcT278ffTraxR%2B2F63QysrqSsrjTyMwKY6GBBUf8YkI3t1goieFUoe0WPMe3iBV5OQav0Sm55vTTTTCoCX7Of2R6%2FzCik1DQ52LkLTynciXn4t4IlQ2GUOG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201911.cds285.am5.hn,1691201911.cds285.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da0c6fddbb71c8d-AMS

GET
H2 200 animate.min.css
f3f6i6e3.stackpathcdn.com/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/ 17 KB
3 KB 119ms
46ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/animate.min.css?ver=1.1.3
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 03 May 2021 07:35:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1620027326"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmH8vxQjcu3foFbTmuMJpU9l5Nb3ZBmwv7NFpfofkcF8%2BtG2I8mDG%2F%2Fj7VCv2S%2Fy9l1Y3xErBP5Yca%2Fdy3beZNZUJrXvxrUerykOwY2ISNDLNSda28SZWQP3Q6FM%2BSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201911.cds285.am5.hn,1691201911.cds145.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7afdc769ca5f39df-FRA
content-length: 2621

GET
H2 200 spr_columns.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/ 1 KB
716 B 119ms
46ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wp_pro_geo_targeting/includes/extensions/spr_columns/assets/css/spr_columns.css?ver=1687230184
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: cfb829354040f367c2c97ee3716d87f194c6d2a23ecfdd4901d7c22e3b8be3b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:31 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 396
last-modified: Tue, 20 Jun 2023 03:03:04 GMT
server: cloudflare
etag: "1687230184"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1T7kGtYbUg6%2BTyajmjVHtBNOmdqiv605783oixCTC2lZpn2Y%2Bjc5rq7E6LphwDVTGjOmEgpwiPMv9EzuR5b2B4qAioOZiSmwsTay1RZMHqTdDlxaumoKmNoNAd8YhF2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201911.cds285.am5.hn,1691201911.cds316.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e93ce034e750a73-AMS

GET
H2 200 all.min.css
f3f6i6e3.stackpathcdn.com/wp-content/themes/generatepress/assets/css/ 31 KB
7 KB 121ms
48ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.3.0
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 3a494cb8a3fc5345ca81844d27d3e0834aa754aeaa0056f1710a1df56acd983c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:31 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6803
last-modified: Thu, 23 Mar 2023 04:21:01 GMT
server: cloudflare
etag: "1679545261"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BvGtUlWhwW78Xb7wVjf8mNAMlodDcCzHRjga4Xgd0zymhgh%2Bluvswj5XnTnSEk6%2B4eyEOUTW6p8kwnjqSwXVs3Z8NFDtA%2F8yXjK%2BqJox9C5GtDtEu5oV8O6Ki%2BHJkmX"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201911.cds285.am5.hn,1691201911.cds278.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e4d4e7fed66b8af-AMS

GET
H2 200 font-icons.min.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/ 3 KB
1 KB 139ms
67ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=1687230184
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 891b450bc9c1540873ef9d8e417573bebb8a04d5da713bfc5f269a1f4ffde175

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 790
last-modified: Tue, 20 Jun 2023 03:03:04 GMT
server: cloudflare
etag: "1687230184"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yusx1sjwsj%2F5xKT4N1jyGc%2FM1tIZ4Kn20avYezBFH2AP1DJv2oPOLLZ59BfH3ZwNVJk6aTyhMtcc5tQhOkLFQTVfBknjiUD%2F8STpTyNTxnP6UXn4iqflholqDsphBfji"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds314.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da0c6fdeb000b89-AMS

GET
H2 200 font-awesome.min.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/ 30 KB
7 KB 131ms
59ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-awesome.min.css?ver=1687230184
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 4f61525c435935afe56cf850326d30eddbac45d82f9ec281cc2554eb570efff3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6976
last-modified: Tue, 20 Jun 2023 03:03:04 GMT
server: cloudflare
etag: "1687230184"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3CwmvHt0moxdjmLQ3vlwwLEj0%2BgLVsxA6%2F2h6OoprmJ8WtTELBx%2B7B0XsPenZmJV6SVonTPH3kvACfybTZZ4o8Xg0RiELEUr0hEl6fe4di2QI4zHXQHV4z%2FeGEIfChL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds109.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da0c6fdeb9cb936-AMS

GET
H2 200 style.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress_child/ 307 B
513 B 120ms
49ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress_child/style.css?ver=1687230184
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: d098cba4343ea4111852815ebe9dca7c79d69ca280b99825415448f380c2b4dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:31 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 187
last-modified: Tue, 20 Jun 2023 03:03:04 GMT
server: cloudflare
etag: "1687230184"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe8NisIccA6%2FEQHMUvif30V6JY5v0gvMXb2rHW2LB%2Foxji8I9KV3HIaH%2FOljZBVstGb4rMv2cpQJ3YEw2pp7X4aO%2FnqHVujJ3E%2Fxyep3MiqWCVMLfqh0auVVf8a%2Bvg7K"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201911.cds285.am5.hn,1691201911.cds249.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da0c6fdef7f0e2e-AMS

GET
H2 200 widgets.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wpforo/themes/2022/ 17 KB
3 KB 137ms
67ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/plugins/wpforo/themes/2022/widgets.css?ver=1687230184
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 95b642f67cd22e16edcc8466f6de5cf0cf4a96549aad8979d9dfdf58536fdc82

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2646
last-modified: Tue, 20 Jun 2023 03:03:04 GMT
server: cloudflare
etag: "1687230184"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FjY7OS1rR0xxrSS3739adDXnCxYVxXHvY%2BhrF4jA8x7KXCK%2Bh8f9tL%2BWaq65pIKDe%2FNZnByaoqLzd0Is%2BsW0Jgq2V%2B%2FUJdUhhw8Ts7tlYQbb%2BcgTZN5shuuKEePkkUP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds307.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da0c6fe0b076921-FRA

GET
H2 200 front.min.css
f3f6i6e3.stackpathcdn.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 139ms
69ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.2.2
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1108
last-modified: Wed, 29 Mar 2023 07:22:32 GMT
server: cloudflare
etag: "1680074552"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlgsYDJl85CAiVK92HNI77NKasDPYa7ZMb7O79wjeolxMwphuUEuFub0hyZX0QtFBBZiFdCkIuXzfGncnMCl8SZQGYUMtdeiBpWeQk6RlOBDujNen8saD4%2B2aeAhZ96M"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds303.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ca35dc31f011ca2-AMS

GET
H2 200 featured-images.min.css
f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/blog/functions/css/ 3 KB
816 B 129ms
59ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.3.1
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 04:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1680321960"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZY8UU1SiBQajYzvL4zXYRrkYMkAgK7zlbUt6kFEkv4EnOz0Zpw7675tnoM7TnHxke9%2BkiJZ1kWaYzhuPXYqpJ848fAuZGlPLovjusxG%2BDYBcIaJRfH2US2VqYV9j73Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds222.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b0e13288889b7cd-AMS
content-length: 493

GET
H2 200 style.min.css
f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/ 7 KB
2 KB 126ms
57ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/style.min.css?ver=2.3.1
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: b09569c29ce1eaff4d4b26f902188a7f679223d58a7f5d1e5f7b17aab6833c49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 04:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1680321960"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2B2U4tk%2BjPorRBz7JyBEI0YQncliBnkhOEKiQFF2SrmxgfZnyPSXob8bzNAj10esICVLKZLuQuxd7ctUJlhfzQkhE1SiFc2dbmLt3hgrtTPmmfRLoN8PIHAl4vT9oY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201911.cds285.am5.hn,1691201911.cds207.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b0e13288bcad0bd-AMS
content-length: 1247

GET
H2 200 style-mobile.min.css
f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/ 2 KB
835 B 139ms
70ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/plugins/gp-premium/secondary-nav/functions/css/style-mobile.min.css?ver=2.3.1
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 76159e62f0aa757670084bcf637554ecbce058a98467688d5d3e94e6f022d537

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 01 Apr 2023 04:06:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1680321960"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TL0fI1PkIgVW7VflhTtd4X5as8klFL0eDGJDwHh99w%2By5bzDs5fKPLKRsLRXVkrjd2MBhhdV3X6fKJVJO%2FTYviq39Hr1YkxwEiqSLTAvzYz8XSrENFzxYhfpwPRaE7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds271.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7b0e1328bc5c2c23-FRA
content-length: 512

GET
H2 200 colors.css
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/uploads/wpforo/assets/ 62 KB
8 KB 127ms
58ms Stylesheet
text/css 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/uploads/wpforo/assets/colors.css?ver=1687230184
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 4bfec0d9a1a3e8806adbb6f164d312aaed994cfff3a77bfef2d3cde0afd02405

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7932
last-modified: Tue, 20 Jun 2023 03:03:04 GMT
server: cloudflare
etag: "1687230184"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cp%2BZ2OptqUN1PMh5Zr7mSiAo0m8gN7QE1UHz5puawU8KfowiwOQZ8JHc7xwP%2FJzXvjAox91gyiG3X01qaVnaCCcoSxgceXdpCGsRaNIYz8scaJqBgT3hy32CTVFUCKK"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201911.cds285.am5.hn,1691201912.cds120.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da0c6fde87806cc-AMS

GET
H2 200 jquery.min.js Show response
f3f6i6e3.stackpathcdn.com/wp-includes/js/jquery/ 88 KB
31 KB 139ms
71ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31049
last-modified: Thu, 30 Mar 2023 04:37:47 GMT
server: cloudflare
etag: "1680151067"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j97f2UqRABGPKEvSD1x3JKHd7HSBtuZs0h9zL8e6Y3ouTJ3raa6pIoDupyhL57zbtaqAl%2FDVXinYCXmbWLRnB85nfDuvwgmTkRtdCWAF%2BpRVxlQrZ8tHVB1yKqpWIUkV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds202.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c86cab10d182be2-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 206ms
77ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4629bd7aed5f6ceb6d6ce47042f3d875dc1548c58a7f9879ca4a78c3fc05f3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27703
x-xss-protection: 0
server: cafe
etag: 563 / 19574 / 31076708 / config-hash: 16920917814545374618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H2 200 DucumonIku-min.jpg
f3f6i6e3.stackpathcdn.com/wp-content/uploads/2021/10/ 51 KB
52 KB 32ms
30ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/uploads/2021/10/DucumonIku-min.jpg
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: ed2cf15d31dbb39bec3e590eee1406f6d375c55dfdeceebb91081a4fd061f427

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Oct 2021 01:05:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1633655156"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyFHVHnaVgMGs0lkzIc0vTaAciSYbp0yxkQTt6IEvF6lzWhLIHM4UptpN1vanV%2Fp%2BQyINnb0meSIqmgkN5g73gasjlIu9Crs1v7vlvHRuv7pMP35RYs96QZj%2BqgNtj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds012.am5.c
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7ac40237eb080a63-AMS
content-length: 52426

GET
H2 200 Prism095.png
f3f6i6e3.stackpathcdn.com/wp-content/uploads/2016/12/ 63 KB
63 KB 40ms
38ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/uploads/2016/12/Prism095.png
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 51ccf0ba6f97f7f8c16d0e51644aac50ea3ce3542b5d083486883562afbf9bee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Jul 2023 01:07:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1689728838"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNuQ8RGei0FV4L2VS0if67IM7LU71KSpIBEC4xwZDK6X9RRbclh2T0C8oOnPz1VDDZuDmMsH%2BKgBfgJ0%2FBAwMGKP7ca0tKPgqM3WnwcxFQdcxvCss5fmhZY7la354mLF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds280.am5.c
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7e8fb34bbd861cb7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 64608

GET
H2 200 StoneDragon3.png
f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/08/ 46 KB
47 KB 57ms
56ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/08/StoneDragon3.png
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: b02e100224262ce6979ae8de6cb7c5d06e9c360647b2740f813fd7ef7a353caf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 04:03:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1691121803"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAa8Cn81doCPG%2BjSCPtjwqNKfKKrUTpLkNfQ0L%2F2TdUjZSUHnKPMUKqcU3%2BZs1Vkem2bfFADvSnQtefprHDbmFSZfVw3pz%2B%2FTsX2XSo6MHO512NCoxvmc0bM0xNy5U%2Bc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds235.am5.c
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7f1426c7be023642-FRA
alt-svc: h3=":443"; ma=86400
content-length: 47256

GET
H2 200 StoneDragon2English.png
f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/08/ 38 KB
38 KB 64ms
63ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/uploads/2023/08/StoneDragon2English.png
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: d3f7a1c58c2789ee03c553e493ad4b16fb2b910bd89348875b359e583d32752b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
cf-cache-status: MISS
last-modified: Fri, 04 Aug 2023 03:23:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1691119401"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrQV7%2B7qwSOBjARsT%2BeGCmvszYg%2BBIYAmpmmZg4veFeagPAbwbAW%2BhCNG6hGb0VWtL8nF%2FaIaGWjDtpUX0YAzzYwRkjs6EqHUqiIR5I77xnvAApUfILVISI6ywCy1%2B0J"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds141.am5.c
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7f14433bcbc29c10-FRA
alt-svc: h3=":443"; ma=86400
content-length: 38538

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
77 KB 214ms
78ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CE6CLHD4YS

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d5f29ab920873be58a1cb51277d06b8b08c11916e05c69035c7fac877708e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 137ms
36ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=44
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AcO1rw4XeYL/ODkBAA
x-accel-expires: @1691726528
date: Sat, 05 Aug 2023 02:18:32 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 90833930f6e36e8278b1cd646c8f6a0b
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 80184
x-accel-date: 1691121728

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 46 KB
9 KB 148ms
47ms Script
text/html 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 06b7462536903ae4d86abe8f1ceb0f4849958a43005c7e58d24fb4e5f2d246d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AcO1rw6pSVP/5RkBAA
x-accel-expires: @1691734547
date: Sat, 05 Aug 2023 02:18:32 GMT
x-77-pop: frankfurtDE
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 90833930f6e36e8278b1cd64adcb710b
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 72165
x-accel-date: 1691129747

GET
H2 200 141132d91516007c468d881398463db8.js Show response
f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/ 58 KB
17 KB 69ms
69ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/141132d91516007c468d881398463db8.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: 1417946a14c7a05e3b2b32bc2349994a9c09f0c29fd317fff0236da9f8f9f892

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17384
last-modified: Tue, 20 Jun 2023 03:03:05 GMT
server: cloudflare
etag: "1687230185"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3aSIN7VfsRb9mRP%2Bre6VLC%2FRK1re%2BnQ7zPNv9UClobOMxLmgQCBCX18Yhg%2BJqeyLYRC1hlJZ4Lm7AXa%2BfHo05m9KD8ChkiuZRWHwbYohcRbExpXVrUXjIn%2FK7cX9124"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hw: 1691201912.cds285.am5.hn,1691201912.cds153.am5.c
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7da0c70d68110b36-AMS

GET
H2 200 /
www.ducumon.click/ 34 KB
34 KB 91ms
90ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ducumon.click/
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 04 Aug 2023 19:55:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9m4rpu9K2AijgILaH1O99pTa%2FSY1TN83UIZqzw%2BrkWcd%2B6jGXXcWpajvFVttPYhVh6QnCKCTV9Dw44IruuqniYma1NWrBxIBI9vnuG9kU2T%2BRWu65X7jOwDn3zP9s%2B4DcOOMluAXq4Kb8zaYOYT2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0
cf-ray: 7f1b8cce8b20b742-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H2 200 generatepress.woff2
f3f6i6e3.stackpathcdn.com/wp-content/themes/generatepress/assets/fonts/ 1 KB
2 KB 84ms
30ms Font
font/woff2 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://f3f6i6e3.stackpathcdn.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: f3f6i6e3.stackpathcdn.com
URL: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=1687230184
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: cloudflare /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

Referer: https://f3f6i6e3.stackpathcdn.com/wp-content/cache/min/1/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=1687230184
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Mar 2023 04:21:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1679545261"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lP%2B43%2FgFxZnO2nJnTA1z%2F6riPlr%2BZjp8uYwOVl34XHf%2FMMcnFE0x6okXG5AwSzN9c8sElDgPgpIs6nlyu4FWqY4pQq4XX7gp33QeVFtU%2BOFGug%2B24aOzfncjQayphK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
x-hw: 1691201912.cds293.am5.hn,1691201912.cds319.am5.c
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 7ac3f1e6982a2c2e-FRA
content-length: 1287

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 111ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 62133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 09:02:59 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 131ms
39ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=101319&f=44&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
server: nginx
x-iplb-request-id: 1FCC98D3:EAB4_36264064:01BB_64CDB178_20B8F93:14677
x-iplb-instance: 38439
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 110 KB
37 KB 144ms
35ms Script
application/javascript 2.16.107.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-153.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c0df6138992189efffefdbe9173df743253fecb3f07ffeae59a5296597680667

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 37188
Expires: Sat, 05 Aug 2023 04:18:32 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 141ms
35ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 206337
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 109ms
38ms Script
application/javascript 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains; preload
age: 1501
cf-polished: origSize=62056
cf-bgj: minify
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://freizeit-haus-und-garten.de
cache-control: public, max-age=21600
access-control-allow-credentials: true
cf-ray: 7f1b8ccffe150a65-AMS
access-control-allow-headers: *
expires: Sat, 05 Aug 2023 07:53:31 GMT

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 161ms
38ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:32 GMT
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
Server: nginx/1.20.1
X-IPLB-Request-ID: 1FCC98D3:ADB8_91EFC0A6:01BB_64CDB178_236A29AE:6BA8
ETag: "6167dbf8-15ab"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame 7DF3 0
0 108ms
33ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691201912230

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 118ms
33ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 12 Aug 2023 02:18:32 GMT

GET
H2 404 px.js
p.cpx.to/p// 0
0 171ms
43ms Script
text/plain 52.208.148.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p//px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.148.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-148-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-length: 42
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 118ms
38ms Script
text/javascript 65.9.7.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-64.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 23:04:41 GMT
Via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: FRA56-C1
Age: 11632
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: O_yEnEZ4vt2VIyd2jYxM32ipbD_JkYFHgg4IECBjNAIB6upEgCWM6g==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/ 547 KB
178 KB 48ms
48ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=101319&formatId=44
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 314239c0951006468f0c6db2d927690ce7f623ce86544796a5aeea93e36c7456

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 80177
x-accel-date: 1691121735
x-77-nzt: AcO1rw6gkaD/MTkBAA
pragma: public
x-accel-expires: @1691208135
last-modified: Wed, 02 Aug 2023 20:22:36 GMT
server: CDN77-Turbo
x-77-nzt-ray: 90833930f6e36e8278b1cd647c5b410f
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 05 Aug 2023 04:02:15 GMT

GET
H3 200 LyingerOfflineAds300x250.png
www.ducumon.click/wp-content/uploads/2023/01/ 5 KB
5 KB 33ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ducumon.click/wp-content/uploads/2023/01/LyingerOfflineAds300x250.png
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de961d9a1ae4dc41c14f0454663f8adc6db10f8fed40c59fb080a0af24f08ee7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Jan 2023 14:27:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 218791
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Es9xy0nOfLcCWzWYUnkdIz%2BltIaftmMN6dJNH0ZwlNP7TKpeQidmRugTcR8mmvTF2nA6JuanhXh3dQke3fzpiqaUrAL%2BNLy07OukoKy0VZZn0GQt2FvDWsYDI4044HdsmkYBH1YctTB09Yi9Ix9slA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 7f1b8ccf98660bb4-AMS
alt-svc: h3=":443"; ma=86400
content-length: 4693
expires: Thu, 30 Nov 2023 13:32:01 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ 398 KB
126 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 13:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44569
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 03 Aug 2024 13:55:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 39 B
63 B 108ms
41ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ducumon.click

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc1edad6e7746ed1aba933a7a0773ecb235ba0bd35a46ee42b941ad1b7be529b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
x-xss-protection: 0
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H2 200 / Show response
spl.zeotap.com/ 429 B
637 B 45ms
44ms XHR
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25cb63150e157225b72ab00456c9007a8f9de63b4da4a7f9b7a06eb21283b0cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
cf-ray: 7f1b8cd05e4c0a65-AMS
access-control-allow-headers: *

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 122ms
34ms Script
application/javascript 2600:9000:223c:c800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:08:07 GMT
content-encoding: gzip
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: gY_WhbKawQUr1qdGsihdfMJkEew49RJaxl0_ks7tPP5X52FWLKZUkw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 134ms
34ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 07:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 412563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jul 2024 07:42:29 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 107ms
38ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ducumon.click%2F&domain=www.ducumon.click&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 05 Aug 2023 02:18:32 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 181320
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
390 B 35ms
34ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.ducumon.click%2F&domain=www.ducumon.click&cw=1&lsw=1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 224648
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 134 B
545 B 109ms
33ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1018 B 94ms
31ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:32 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Thu, 03 Aug 2023 15:25:22 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 124974
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REVl2ivwQT9m%2BRWVaneVqVnIL0GeAWJNKgohmReN5BTniXKMNTXjmX0PtP2QhlgoO2rxCdOgQw%2FxMHxpqiUuXVM11iSlTZuD8MLWR3rgJIz0tWyzv4sY5Goy%2Fp2iVEjDEg6VHNL4Lja22y3a"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7f1b8cd10f5ad0d5-AMS

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c9aa7be3-c9d4-452f-64d9-85a5685358f1&reqId=4da106ba-9af2-4c61-7e13-e1adac026f7e&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c9aa7be3-c9d4-452f-64d9-85a5685358f1&reqId=4da106ba-9af2-4c61-7e13-e1adac026f7e...
https://mwzeom.zeotap.com/mw?google_gid=CAESEF4wqT1TJw7RirXRvhPBR9Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c9aa7be3-c9d4-452f-64d9-85a5685358f1&reqId=4da106ba-9af2-4c61-7e1...

95 B
165 B

51ms
44ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEF4wqT1TJw7RirXRvhPBR9Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c9aa7be3-c9d4-452f-64d9-85a5685358f1&reqId=4da106ba-9af2-4c61-7e13-e1adac026f7e&zdid=1258

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
cf-ray: 7f1b8cd1ef900a65-AMS
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEF4wqT1TJw7RirXRvhPBR9Y&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c9aa7be3-c9d4-452f-64d9-85a5685358f1&reqId=4da106ba-9af2-4c61-7e13-e1adac026f7e&zdid=1258
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 276 B
688 B 104ms
37ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

5dae896bb6619fee2842fbf57b2f68425693760e409d51daa3485d527d3b4ab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame DCBB 0
246 B 38ms
37ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.ducumon.click%2F&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:32 GMT
Server: nginx/1.20.1
Transfer-Encoding: chunked
X-IPLB-Instance: 30195
X-IPLB-Request-ID: 1FCC98D3:ADB8_91EFC0A6:01BB_64CDB178_236A29B1:6BA8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 82ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CE6CLHD4YS&_ono=1&gtm=45je3820&_p=1016053721&_gaz=1&cid=1451542700.1691201912&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691201912&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducumon.click%2F&dt=Ducumon%20-%20The%20Next%20Gen%20to%20Give%20entertainment%20that%20best%20suits%20you%2C%20all%20for%20free!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CE6CLHD4YS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 101ms
33ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-CE6CLHD4YS&cid=1451542700.1691201912&gtm=45je3820&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CE6CLHD4YS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 118ms
44ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-CE6CLHD4YS&cid=1451542700.1691201912&gtm=45je3820&aip=1&z=1754703621

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET s
kvt.sddan.com/api/v1/public/p/29567/d/50/ 0
0

GET
H2 200 pixel;r=54244526;labels=Categories.;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.ducumon.click%2F;uht=2;fpan=1;fpa=P0-1406726379-1691201912362;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gd...
pixel.quantserve.com/ 35 B
371 B 34ms
33ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=54244526;labels=Categories.;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.ducumon.click%2F;uht=2;fpan=1;fpa=P0-1406726379-1691201912362;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=ducumon.click;dst=0;et=1691201912486;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.Ducumon%2Cdescription.The%20Next%20Gen%20to%20Give%20entertainment%20that%20best%20suits%20you%252C%20all%20for%20free!%2Curl.https%3A%2F%2Fwww%252Educumon%252Eclick%2F%2Csite_name.Ducumon;ses=48cfbf5f-8e51-4e5e-937d-8c194484c915;mdl=

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 88ms
34ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef6e6dfd4d82f26303e757b5895d9c9aac7424484bc74cf386055d1bb3e940f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:32 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 116651
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 03 Aug 2023 15:25:21 GMT
Server: cloudflare
ETag: W/"d28a1b0d6dc3203c62f341488d62736b"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fT%2Bq9LVlS2duSKqyzG%2FeNudeWIMtIAzT4ip5UA5mmYutPGsDtqZ5o1Cl%2FDmqG0MIYcK8eFrf2Av3tDrotvk%2Brw%2BzI4u7%2FHNHsVHh4ZD16j2MPMGreaeVKUnm%2BoV77ctBSNxEqEvb1TorRvb0"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7f1b8cd18b4db89c-AMS

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 110ms
109ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=138438793603560&correlator=3875237396984691&eid=31076708&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=21673142571%2C472__ducumon.me__default__728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=4198062671&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691201912533&lmt=1691178944&adxs=436&adys=731&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ducumon.click%2F&frm=20&vis=1&psz=1600x115&msz=728x-1&fws=0&ohw=0&ga_vid=1451542700.1691201912&ga_sid=1691201913&ga_hid=1016053721&ga_fc=true&dlt=1691201911883&idt=624

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af314566bc1963e9d748aa55507f7a6e15ef3b9025465be5b6a4a02e0e844fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13003
x-xss-protection: 0
google-lineitem-id: 6160640580
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413578869
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 117ms
117ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=138438793603560&correlator=3875237396984691&eid=31076708&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=21673142571%2C472__ducumon.me__default__320x50_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&ifi=2&adks=2479459083&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691201912541&lmt=1691178944&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ducumon.click%2F&frm=20&vis=1&psz=1600x115&msz=0x-1&fws=128&ohw=0&ga_vid=1451542700.1691201912&ga_sid=1691201913&ga_hid=1016053721&ga_fc=true&dlt=1691201911883&idt=624

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3459779243b2a81d508c56eeaee78a7260d03f85cf1a7ce831617ca42b185bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11924
x-xss-protection: 0
google-lineitem-id: 6162763190
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413479337
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 134ms
134ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=138438793603560&correlator=3875237396984691&eid=31076708&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=21673142571%2C472__ducumon.me__default__160x600_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=3&adks=1747618850&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691201912544&lmt=1691178944&adxs=1440&adys=50&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ducumon.click%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=1451542700.1691201912&ga_sid=1691201913&ga_hid=1016053721&ga_fc=true&dlt=1691201911883&idt=624

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2659c49ddc850b9c1992082cd7b0f55ba2571d922d873b5e135e65d4ce1f9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11920
x-xss-protection: 0
google-lineitem-id: 6137698453
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138408788069
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 149ms
149ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=138438793603560&correlator=3875237396984691&eid=31076708&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fif&iu_parts=21673142571%2C472__ducumon.me__default__300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=714504307&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1691201912546&lmt=1691178944&adxs=528&adys=1594&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.ducumon.click%2F&frm=20&vis=1&psz=776x250&msz=300x-1&fws=0&ohw=0&ga_vid=1451542700.1691201912&ga_sid=1691201913&ga_hid=1016053721&ga_fc=true&dlt=1691201911883&idt=624

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a37b4efb6a9302af7a2491021d7099b80296373698860e06f0bcf9f5cbee0948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11950
x-xss-protection: 0
google-lineitem-id: 6137698276
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138409411186
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3e937318ce7243d3184050141a4c7d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D02E 6 KB
3 KB 274ms
66ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3e937318ce7243d3184050141a4c7d94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 02:18:32 GMT
expires: Sun, 04 Aug 2024 02:18:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 110ms
33ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

012710d3589c5a3d4593c906b9fea443e306806e3b7b7268f78f5c5fceadce1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
923 B 274ms
43ms XHR
application/x-javascript 52.209.73.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.73.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-73-195.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Aug 2023 02:18:32 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Aug 2023 02:18:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.ducumon.click
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 276 B
688 B 33ms
33ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

5c2c4d971a83d95495d3a3bb926e3a45ec0a8e12b432d9a1c80171600c8dc0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76A9 0
0 99ms
99ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssd-QS-vO4KAGuubev698ZG6BqvF0CztiTL5Xj9HRIaJjQKn5E4GotmVrzARF1XlbC7a85Q8hQeXKssm1ykLhdJCeTSGjtGEt_FvyqJlH7J_0ln15ck_Uv28EzwVwsjOy54stfyJQHbYzKzAca5u0y7FVeibMNVcB5xZveLZS77mc_bT6hdp8qjxhguvfx-CvMhmzDT_KhbxB6zzBj_Y2XkVSzH0Ax9-AqOg9Rno7NDS3FATG19pe1-zpXCVrOSFoIdUl1ezMaaZfMM3HNKii1Xqs4Gagdy6GWAwHcUhhdWC51qRiaXtoFKtSrmsDS7H4LEm_yR4adLn1xO3bl4LsupFZez9j3ZSiTg8gLuMg&sai=AMfl-YS9RtwuIXjoIMkGHzlFhwsmGEy8bVcQ8bYSMyapEwS_dEqLfE8z7LRBVmf2oY1efmgVl3r8zvN9i6IiwqaqcD2ElfdDqkYnPGeB6k7Qnv-liDrkdogo00EixA8Emw&sig=Cg0ArKJSzMlzsQ61Aj2bEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
sourserve.com/ Frame 76A9 90 KB
22 KB 125ms
37ms Script
application/javascript 108.138.17.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 443fdb6f2f8d2ee31f2effb89a2a1a57e963ed76bd1e2fd9ff385b509c9527b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 5AE4kb1UPWsKF88fvPgQeZxqzcnrm5MT
content-encoding: gzip
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 09:14:00 GMT
last-modified: Tue, 01 Aug 2023 16:05:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 61473
x-amz-server-side-encryption: AES256
etag: W/"a088accae16c67d3c8f95d044e1d0f9e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KQqRMs8AmVBcWiLo6d7UnBu6jbD1OE63yGTI0dcj7RvVypRboM8lfg==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76A9 179 KB
57 KB 102ms
75ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C62 0
0 98ms
98ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvE3OwhEsH3Wgbz3u0mi4k4EvwH_K2FGcWXx-20ah1VsvMMKhVT_w6ofvin8I8G_12_ENcb2YtgvXG7_bti_hQfqva_4wUqFgErARDwMcWp7z9L3zWIuERDWq1zGRNpsJs1Di-lo8u4h5xj78DbM733WSiJCUoH4h0NxGOyD8WQyefHjFVUkRHSsLugsTJMPjAMCLflWHXHnSDJlKKNybhKK0w6Sm3gxddMJdbPqvshDVz4kqs1anYeMTn3AYbQTBPMWDQ91ct3nb4WK5TR204O2A_cFhd_lpTJy7AC6KfABK839QlIE4pJG1-CGRyqZ-FRWkiwSAdrM2jir7k6iYSZTm8UiogjOfUJ8-8z-A&sai=AMfl-YTe7Tvpr2e6V6mfcxCL-GjA8buX0w4SvAA4nUPYsFdcze9SucE1EVlRq-v_pnE1zwDPcSVgPiLyJHIz0ovfHr6RPy1E75D3AjKjp_IAit9G6TOihk30syN2Kv6xkcg&sig=Cg0ArKJSzDoeWNnzGVeBEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
sourserve.com/ Frame 7C62 90 KB
22 KB 144ms
78ms Script
application/javascript 108.138.17.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 443fdb6f2f8d2ee31f2effb89a2a1a57e963ed76bd1e2fd9ff385b509c9527b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 5AE4kb1UPWsKF88fvPgQeZxqzcnrm5MT
content-encoding: gzip
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 09:14:00 GMT
last-modified: Tue, 01 Aug 2023 16:05:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 61473
x-amz-server-side-encryption: AES256
etag: W/"a088accae16c67d3c8f95d044e1d0f9e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 4NfHXPhZeCOYVm5_5mHHGUAH45DL3BDc68zIHC1pUpwz5wTNHbqhjA==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C62 179 KB
56 KB 103ms
99ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7859 0
0 97ms
97ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvpUgD3XMhN7ibFnxvUtUqYP6jcdDDqbWxsNBpxgxU_q7OBOytJM9ZfNtZM0A_URidWizfuG3uvGYBYAJwg4TggF2_rBQZxLLfgy3rWlLDmU1XkGDagHzA4N79rog_Sn0rOz1-kRyVr4LE5z5CVCns8GWra_ySQGgoCN_jDEcPoqatAU8dc-_JzItHO4UlYVOIAgCKI9mDo7PDMoGs6MdDM1GS3epfSNaXPJTtJst2Rzyr2Of947x3Bm-ETtYlZiS9EaZNFUuRsPkLDzMxty20k4wLAfu1vkXQqWwvkRUbHWo85WJMPRb28i9qDBiPNxs6Rl8EnNwTXJQNyNZd4TqfCRmrleCaC803UOrPoA9X&sai=AMfl-YTy8bAniNg0gbMJAP2YrQzfEZWBn4Z6xN4nC-6-6ScPbSdSPFIjgTuXjqnKyZkUf8QuXov1IqebTIYaRMW-Zo5q2h51saAgohJYkjLg3VYvgpMcLZcVHJOq_31CeB4&sig=Cg0ArKJSzBu-9A9gbekSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
sourserve.com/ Frame 7859 90 KB
22 KB 118ms
63ms Script
application/javascript 108.138.17.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 443fdb6f2f8d2ee31f2effb89a2a1a57e963ed76bd1e2fd9ff385b509c9527b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 5AE4kb1UPWsKF88fvPgQeZxqzcnrm5MT
content-encoding: gzip
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 09:14:00 GMT
last-modified: Tue, 01 Aug 2023 16:05:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 61473
x-amz-server-side-encryption: AES256
etag: W/"a088accae16c67d3c8f95d044e1d0f9e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: CNuk54cqu9NpQJeB119pduSW_qNgIYv0tNt7i_i2l98Rlh8PmcIK1A==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7859 179 KB
56 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83F9 0
0 97ms
97ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7GDalz3fQhEJfRH_fpODM4hk3u9bTDzDoU30JyMVntabB8G_OxGganPksGNwC-KvlCeojZt-pIb8yqF5Fm6NLKLJwLyoZjY6kBWGiIQ7ZC2MaFQY7__bYFbybeaDifRJV55UFdfRni2IEvyAiK1cqKWswziVYl-DoCb-OOHKdOZI33oR4xNc0ZK8UaTsvsPvB17YIThb3LG5-LPZcy6AzxVYI6NYdGv9jPgPytY5C7OP-xnBCCqOTKcZQqOhQN6TFiVMEABTKba9WDFS0lQDjFbafI1ov4bkXAJoVQdh0_3BKaR46ezifzB7t0uGJsRy7qLyqCv0wIueSMH2iEA1vKwyA3iINAyJQL7N54reDHg9g&sai=AMfl-YSSeeRGDLQmpCty_sHGpcJ6jlqgdPnP23jNYahNp7m0m7RDI4sZAJ9Ht8mjQCOuRvVJ9OMkDaTvjteO0BGFAPc1ib3oOwueRtzf6VXA3CGiOOiot1ZmCyhHNR-M&sig=Cg0ArKJSzB_Kgaop4s-_EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 t.js Show response
sourserve.com/ Frame 83F9 90 KB
22 KB 109ms
70ms Script
application/javascript 108.138.17.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 443fdb6f2f8d2ee31f2effb89a2a1a57e963ed76bd1e2fd9ff385b509c9527b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 5AE4kb1UPWsKF88fvPgQeZxqzcnrm5MT
content-encoding: gzip
via: 1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
date: Fri, 04 Aug 2023 09:14:00 GMT
last-modified: Tue, 01 Aug 2023 16:05:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 61473
x-amz-server-side-encryption: AES256
etag: W/"a088accae16c67d3c8f95d044e1d0f9e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bkT_EoTmjim1bo--2HTI3xNBbe_Rd_X0YdnERz2PmV2JpFS7rnKNEQ==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83F9 179 KB
56 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H2 200 a4ey53iqvdnqdrnbfn1vg.json Show response
sourserve.com/c/ Frame 76A9 1 KB
2 KB 100ms
34ms Fetch
application/octet-stream 108.138.17.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourserve.com/c/a4ey53iqvdnqdrnbfn1vg.json?cb=1691201912874
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a94553c5a6b5a952d3ec3584962dfad0128ac5e7b17c21a5bbdf20930c4ffb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 0LSbXarCM38MSGBExyeUkHd_HWUM7gI7
date: Fri, 04 Aug 2023 18:49:23 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 26950
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1390
last-modified: Wed, 21 Dec 2022 10:36:32 GMT
server: AmazonS3
etag: "7b481c5997acee4ba46e9189e2de3a95"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: 9TjoMcfOKeCM-qcNOWrbX6fhYmgGnJEH7jEJJBJuRT9Ime1z56dt2A==

GET
DATA 200
OK truncated
/ Frame 7859 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5093fcecf0faa378b923db608fc49f872347770d9d802e76b232a2284f487e55

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76A9 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9Kz-FRTzLqi0JQ8SC5w_XCraya1VourKw2MCiEBcT53Q-RZIqKpckETgbZ1fsj2IdBYwRpsq_hgWdS6vUvVIuP09EkdEtxA7GU9FNBvHTFWC-9dCLAwoOMiTDjBChckZUZe3XDeuYQNf4xl4x4in4LDXV937C3eJz0iwdvBHdZ-zPU10QcpRdI1RBNmYwV1PK9le5VLNkj1g1mrRvauHM1bBF0nQ60H6TH3PA3ewBE1UQnc2sOjta6JGQTOGILlRaAliHZbSLJYOvAC1NWn_6tQ21iuL3RUKWbGaiBkkedXnIPnFXvljar1MsVDvSD8mOxepKsUVF4MoIJ8jtk7VS8RKK2JhkU1syD3Q-kbgB&sai=AMfl-YRqmORkx6R6URi3a9k0afHc02HrPu7Pb_KJPDuGoBVNiiESag1fQerK_39gaicLkigM2FDuJqBLEoEgPvnRdcBYnubtOMjUEb7NtgqUTo0azBsEL9cRbTFGWgWPRA&sig=Cg0ArKJSzI4wjOhGus4YEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H2 200 tsvywhsu3dccosod7zsfh.json Show response
sourserve.com/c/ Frame 7859 1 KB
2 KB 77ms
34ms Fetch
application/octet-stream 108.138.17.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourserve.com/c/tsvywhsu3dccosod7zsfh.json?cb=1691201912897
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44383d0c7580f1f36178ccde234a9ecfc6b5f976ff98f2bc6d7b061b892323f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: cE2BbvemxuN8qiD7vcnUZrs7gi34K__z
date: Fri, 04 Aug 2023 18:33:34 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 27899
x-cache: Hit from cloudfront
content-length: 1263
last-modified: Fri, 18 Nov 2022 09:39:31 GMT
server: AmazonS3
etag: "dde775937c6052dedc08d4a4d13b7fd1"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: DyzW4CLT1XLvILPVKCEKkt7HEY052h6vokC7EYZ6bLFlVCj4VgdHTQ==

GET
H2 200 p17507zcwy1drux4xxi2j.json Show response
sourserve.com/c/ Frame 83F9 1 KB
2 KB 76ms
35ms Fetch
application/octet-stream 108.138.17.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourserve.com/c/p17507zcwy1drux4xxi2j.json?cb=1691201912899
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe000543be696bf9a6e05b1cf8906ce355c6a469653b1b44fcaa19245fdcea39

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: qExezBpn8UjBEjEi3um3v4XltjuwFz3U
date: Fri, 04 Aug 2023 18:32:03 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 27990
x-cache: Hit from cloudfront
content-length: 1442
last-modified: Fri, 18 Nov 2022 09:39:36 GMT
server: AmazonS3
etag: "b9cf5ee922252dea4a4ab921e2da182e"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: Urqh-RVt1B5X8pFDmWSR-tVuX5mzZ3XJtuyvYihVlB0fb6OSDjYl5A==

GET
DATA 200
OK truncated
/ Frame 7C62 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58badb5b493752ca8afa9788630acbe1975cd8236824bfb2e01e3ef56fa722b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 83F9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b210b71bba3b288718f4969a33919967a425e81aef7906edae1d4e378ee71ab5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83F9 0
0 70ms
70ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstq2rIwP2H78pRbLPUD6a3hJc9QdEOfdOtqDsjw8tNgvP-fph7nbruUiB1hbpqjZR14d6bx3smJo9MImdY4soits8SptdJOI36GDiwQ7tC0N6DsuyBx9LQW1rFMW-O02rgO2TbwtnvfwzYJKf078kGCZiXFu0v6TqECl3g04szbgHB2rDtPKfRIDUVEFvas30xcSu_uv3mbr3HvGCKiLzqOMAJHYN8k5fVzC49NJrWyd4m0UOrL824mBqig42_C-y6TeoKjS8udW_3rbU9aFx7r_SAtB0R1nS7rJ54m8Srak-okarsmdNiAluTZjE6UcC4gNJDj2VgEvbIMgQfCZqdzJsfBCPeBb0ptIHHtWrdIHJSxEVY&sai=AMfl-YQP9-mvooSJpGrRiD17NO0OXKlIbWhptMPGYGPtoNuicQ73wKIVnC0tdWwBMTe-BpH5V2hQz2iLuPNEPaUZHZAmhoM_ptrNdpW_U0T3n_yOoXaS5yI5KVB2SWaA&sig=Cg0ArKJSzMg96SJ5ydE9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7859 0
0 69ms
69ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssviVdgZLSFFSzo7i4zD1ghCVsUAD8LaFRuHzpQxAfKH9D27jpht9D8FeA9yMKJdf4f8dzOyRlxCFw3MZuwTPNM5ayBSqhF0_hs3iZJqFnUwSw-q23vCD2js5mStUXPldXRniFGxuetc_tddAcQfYKpoqjncM8-N5-RfsXPckEu1PRnFDv4G9jKmDzDwb82JnWDBENFwUS5lVAewNPOgmEtmXXu6zAZt5Ej6CWpV3S-QHUfsB2DCY-E1EkXAlO14UVxbTK1SoMPl2kjVMjQyxrfKog2OgJ1Je4GzQKb3wCBc7M7FBLqGIY2dx99I1roqoitILCq2dpdow4Agww49stsl5at5HioZLxFMGjN_HgmNHY&sai=AMfl-YQ-hOLQwZ79o1jBDXF2Bu8xtj7ljJ-2Pe8iYaQWW2lMIAteoaoTnzfObY0S4SumeXbZDdU6mDL-CY3LzQ81ri7gDHEx-Jr0FZQgf2X7xfNH_WN1HR_Dtq8mfm3lWRM&sig=Cg0ArKJSzFsPXPdM5kVuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Aug 2023 02:18:32 GMT

GET
H2 200 dngtej48zud812zd87r36.json Show response
sourserve.com/c/ Frame 7C62 1 KB
2 KB 35ms
34ms Fetch
application/octet-stream 108.138.17.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sourserve.com/c/dngtej48zud812zd87r36.json?cb=1691201912953
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6dcb70227dbc7f39789f278bf9aff1ee74352c034c1a3404568bd95eca78cde7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: L13RVBzEXvJseRQLHb4gREwIXRb6GYK1
date: Fri, 04 Aug 2023 21:13:38 GMT
via: 1.1 d34cf2ddbdf9774517330fee6a26e4b2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 18295
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1389
last-modified: Wed, 21 Dec 2022 10:36:37 GMT
server: AmazonS3
etag: "8d4a1a472a4d71b7951c4f713c7dcbf1"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: JJTwafSJY3u1SGAm9YU2dcVDZryQdjR6cIA-B3FrzfFzNSiqU6XkOw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C62 0
0 71ms
71ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvedmd3agJSGY9-A1McHH_hzQIRtTHAtw8gZLyh5mX1bKvrzDIjb8tGJ5TDaEv60TJxGsElYTh_-1qagfWeASfBtHfX9uhl8g4qc-MwgpEkMW544ZwpJo72o5V_f-hMVPF0rbrzsSpEIeJMLSdQiuIixvy-9lA-9TIkDiVJ3ycwM3XGbj8_gkALl_-iBQ7Yfu47NgY4J0dKF4vziC0RLK5hDUQXQ6LB0B3mvfJHoX30jJN2qo-3joZOm4r6E6t04VxTZBSWwvd134YARLlPXf_y1UBdduynEmRXw4RhL2KPgpN3sbhfl8FxEobawPtqt78Lqv7xPuROylLuTi2JDZhRh64uZqkHLvz1eePALOhA&sai=AMfl-YQWl8CKi3kjb2a3yEnPYPDPYd1hYq5i1gTrxi2R5TgjwroDI5CL_Ygb_xXxia23Sc_UJ_tU7RGMHLGMxAajvWixKfDy3DnWoX5Dvn9C84wSNpJrqTP5Us49DSYKTJQ&sig=Cg0ArKJSzBLnqppcHGY-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 05 Aug 2023 02:18:33 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 204ms
76ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa19563e6dd52a6e0a826365b0f1a1960710ff942f072d390ebcde8b303326c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11779
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 7C62 63 KB
23 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d78168f7d30e6d8b8cea98e125e6e9a80d0bc9ab2d00750161952b9afbe79107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 01:40:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2297
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23842
x-xss-protection: 0
server: cafe
etag: 16445705997412244728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 02:40:15 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame D470 424 KB
122 KB 135ms
71ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzpzkpjB4wyfTAYoHubdyutqZbEytYk2%2Fu1LPLhtjbIxqgVLzE3%2FtgVIuaJZfeeNu6WRGhxjfqRIq23T8jOoxX1jUltQuIuVpUAI%2BH1YDjGmWYrOksI3nu6Q7O0tkiAg%2BEzucIJUIb8LJdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd4cb531cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 76A9 12 B
182 B 202ms
95ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 8B26 424 KB
122 KB 58ms
41ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWQ20%2BCZmunqCJ1Adb27NxMERtmAMG6NwBu7k1vReGhU6TiQGnniU1So5MFvzQLRrkemaI5TDZM1%2FKckXJiuP1kRcy5b30QXctBkh9N9XTQudDrHuaDBIgcnfzOoKkSwXpRLpTZgpCvvYlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd4cb541cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 76A9 12 B
181 B 182ms
96ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 7F65 424 KB
122 KB 73ms
70ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4ok9WTFRL%2BAvbyuDTknkOFzsTiiVIIbWahZJGYI8z%2BqlpMFY3M7vs9tzO0twckIctD1P2J91nzBcE8TZvFhMhsu2MwWgFZWQenee56Cv0uLbAO1XeRMGfCd3aRjdghjQWIMl%2Bd0QcyVUxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd4cb551cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 76A9 12 B
181 B 168ms
95ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E638 424 KB
122 KB 59ms
59ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wzj8G90uDLAsmazBQxPX0OwORw0zVqN%2FZm9IV4RE2APK7%2FypdxtXS04WqRSi8JlpRKb3bkG9w%2BelumpFKuY5nGHzFdQl%2F011W6w2DyLjHbTzzdJGXEhrpLBe0wP0inpyxl1TSELSTcTN8sk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd4db711cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 76A9 12 B
181 B 153ms
96ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 4D5A 424 KB
122 KB 51ms
51ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BjR5%2FfObgjFlOpQU6XBy5z2kyLGPqbj4%2FDWBxnYJQbDwkU12blsebcUU%2Bg25abB68063NQN2z4CD4NIBfgrZQ7wctV7l%2FsiAyDv6UwmzNOG%2Fyt5Ypw34GGSPUe%2Be4pEnn1gwxfvoHsn%2FiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd4eba31cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 76A9 12 B
181 B 139ms
96ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3D30 424 KB
122 KB 58ms
58ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkUUAaQnzObmDwqJQQN4oSATyQMxUd8E7QJPSXwHEtMTXioJdoZl49lbKj5dk71gQpGXGnVeHlEU7uugoCTkH5QQMJYDdq4PQUyxW%2FuI5yV3PQDUzpktjTMkSbblymmDMiLeoMo11OML2%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd50bb31cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 76A9 12 B
181 B 126ms
96ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame EF90 424 KB
122 KB 52ms
52ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX0pEGEnuaZ%2BQTagM5NeePO6uOa7Y884jiGha9QlvgHTXy953dz02fuMBLUJgV%2F7cCX8H%2B8aFRZvzZYLzy9thnOouwOZQWbGiXhcHhec%2BUrWD1AwO5ZLlgQ%2FsRD8tzyZvtTnD0qzXouJ8yQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd51be51cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 76A9 12 B
181 B 112ms
97ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 60AD 424 KB
122 KB 50ms
50ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7Ji%2Fs5oBu09SmaCRb5CID3UbLNHIZLTCag7D4LdGx0ciUlGbLe%2FTspJlTAMYMiJf1atsvn0vj7G88S0An%2FH2r7PYwyH2cMmIfvYepr6g1%2BLxOZZF0v9HRo%2BDgZ79mBn15TroitoZ65eGUY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd52c0d1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 76A9 12 B
181 B 138ms
137ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=a4ey53iqvdnqdrnbfn1vg&cb=6997181691201912706
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 6E16 424 KB
122 KB 49ms
48ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuZNug4Ql9P63eGTxFvY1e58WS%2BjFpQytiCBb8MjhdVboQc8rg6Mpcg9zdcnnP2Q8rtfmW%2B2SuMw4pxwXj8BS3QkHKNdZHy4lgnA9MeZriMoWBFmdFyZMYZBshwkS0W8CxV2B%2Bqb38nHnfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd55c491cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7859 12 B
181 B 75ms
73ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 6992 424 KB
122 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5aVIG%2F%2FJY7RDo4Xexlfwfr84hoaHW0LXecGZu696LS7CMxhSRAKT5KnGVx%2BBVVk9z0iVoYPlAZldqhHR1QV%2Bk8GeEG79q3r7fRLHf5rqP%2B1KQyQtJofjqmPiuDW9vkwE1BwOhEQ4x0Kwng%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd56c7c1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7859 12 B
181 B 61ms
60ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C2D0 424 KB
122 KB 44ms
43ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igrGfKaamLzEdP%2Fjxh0tmEpFvq7sIrJahztrCPZkvxDzGTMAL8aRJtFKtaLQGt6W%2FMmH1NXrPoZY%2F4KZWg5PZLcmmj%2F1qWNrBoFsovgMgfA6yDXUfzXEfSU4RcehwC1e0XP75ehBnMbeQeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd58ca31cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7859 12 B
181 B 87ms
87ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 40AF 424 KB
122 KB 43ms
42ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PV2Q08vEJw1w1GxbCMOA6PSuFTCLlzo4mRTNveMg4UtHvZ4C1blhGP7vnbpQKqwkBL2VLzUUG0L67IN1NuG0ywERENTh5ZAje9G%2B8LhbKYYUDyke9dpl1JYfjKT29nuBnCz8zx3WbeByBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd59cd11cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7859 12 B
181 B 73ms
72ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 193D 424 KB
122 KB 46ms
46ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIbHAiJeaTcmjR%2Bvl6JXWy7r0cUa3WAnb1Q%2FJOtsGSVDDHijBPOPfI8m1BSGrangsF9F3sWEq5cqrTtSUwVx7ZgaSfjvTqjV0H%2BO6fYZASH1NzSpsaIB7h7IVJhkvwiT4T5xnjN0KJOUwyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd5ccf01cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7859 12 B
181 B 50ms
43ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 104C 424 KB
122 KB 42ms
40ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nXRxRAGGHBwFZkdqXkReBjWO9zqgg5pEJrHabd8Xv%2Bd0XbuRoB2HzsONwIoDAJcsG%2FUMai0cV01fKIwtWobrxIEiyC22Mxm9cR6XT%2BD1jHkYQfRcF%2BY83SyyPzijgcPy6XZhpD7khRADZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd5ed041cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7859 12 B
181 B 52ms
51ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E44B 424 KB
122 KB 46ms
44ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9lNM9c6%2FvSHYUf%2Fr1nuuWSe6H81%2FBzsAftmfvehzJdCc2cLBv0aiHa%2BhXBKQq95WfKhtXzmWad94YuJZsL9BJkoZ%2FdQzUsNG3VjSU3JmefqZImq8yUSJPHNMZTx%2FkI6pztZAxKSWwGWNws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd62d301cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7859 12 B
181 B 49ms
49ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C699 424 KB
122 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwYzSZ%2BIxCeP4yX0HX%2F4lwrfAnSu%2FxugtAh3EZu6z3UA1ks15ZmlDC2J15j3jsRMXccAeQoIGSTrzLKvUfSY%2Bdl5NZ8EJNsWI%2FYbAR4l2oNzwenoelb51E78Jis8Qb59LjBR1lr0y%2BeqDBw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd64d411cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7859 12 B
181 B 48ms
48ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=tsvywhsu3dccosod7zsfh&cb=5126971691201912739
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 212ms
82ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Aug 2023 02:18:33 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 72D8 424 KB
122 KB 40ms
40ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piK3d1SYUHvnafO%2FJQprs1VPeS4tWEO1haEytTQ3DAN2420bxEqj4JaSP0Cp%2BzCEr%2FjLaPRjufOuvR60hI3%2BI4UP1rjCIS7Y7NhdN3ZOOG8V%2ByMU8rIQ8L0bmUGBFIrjjnF84xZrr8s0%2FBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd68d931cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 83F9 12 B
181 B 47ms
47ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 2630 424 KB
122 KB 41ms
41ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zhZ7slXKizhRl6OGGn9TPKa5H5QGxCeUmHQlHxitzyckwRu7HkwBpDNXMxnieohUXCHsrDuTbvqI5Wtl3Hh7Ct1SxpQdFofoEFaCgZXYZZIrnOdNwuzEM9y0AC5eBP8qtfSe73VfSLpDBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd6ada21cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 83F9 12 B
181 B 47ms
47ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 49FA 424 KB
122 KB 40ms
40ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FujSCcPcQXmB%2FrbNV3K6pSNseFLgQLnkIMLDwXOPYB%2B76K2pwpGv5qA1nYoaur6eXIswQtXFf2lJhc8gFDjMKAXdE26ppk%2ByebQnXx1FXTLxQQE3wtBBGVTYgVjHJY6T%2Fb1N%2F7qsYPL2ztQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd6cdaf1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 83F9 12 B
181 B 48ms
48ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 4585 424 KB
122 KB 39ms
39ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3CXF9%2FWSB5b0evwyZaL7JgBSkrS22k7MVzM62%2Bx5xpfGWB8KQvsPnmfgQpbQOtTN0xv%2FlhJtQ6agn3vr9pazZ%2BjyTKLi%2BD2HMA%2FrO%2BLH%2BDDQ2YNQyxHeXLEq35s4yNvSkmAA3PgdklOAXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd6ddc31cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 83F9 12 B
181 B 48ms
47ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 41C5 424 KB
122 KB 44ms
44ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJY5thRFV30CWv689s24tbkOpZy5BqSMJhI2Ao6p5lX74EwMw9Bm1LPlIKUf5ETWM4SmqivWgEX6sUennkO3roJpzBAiYxxz%2BnbBtZoFn85kt23ga6yxtz2wM5WzsRDu9k9NnwmDAsyeceU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd6fdd71cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 83F9 12 B
181 B 52ms
51ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 31F3 424 KB
122 KB 45ms
45ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ysw6zeqN7ejM1doL%2B8t0xJ%2BFolNYY0LqkHSLDJA8a1NjL8hN82CI7zINJ9%2Fcs3WzB2RtQ95v0cP7h3naopbNdfMjSFIU%2Bc7kBAnY1p%2FKYalElsC58coPRrvDqTklF8O6QwXKsNNYjhLxZVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd70e1d1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 83F9 12 B
181 B 48ms
48ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame DC17 424 KB
122 KB 41ms
41ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCBLr7f69aUuLn31JWhaCm34bljOwGS2qRKjjrd2vYDkCIvnI7ltwSKKjbOG%2F4mjfuAIqcWuUl5ZTv3SQaJJk25OSO92gydcjgIUEWb6vuFGZv03eBQ4VB%2Bne2Quyk0tMY%2BeOBAVmAm9yZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd72e2b1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 83F9 12 B
181 B 53ms
53ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame D5C3 424 KB
122 KB 42ms
40ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Vl%2FMZW7ie%2BkS6bveVRh7KoVpP3j17YM8Gj2oBjWAnMud7BnCFR%2BvZZWzGfhHIeff7TzODTvrudUvIf8kySIbFyKdpMZvFj9hvvawxmEWoxYwu4VqFbM4SbR88lT0670Jv2a4B52zuZljP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd73e3f1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 83F9 12 B
181 B 49ms
49ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=p17507zcwy1drux4xxi2j&cb=2628631691201912755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E61F 424 KB
122 KB 40ms
39ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IHx4TbHFaxYHvGCvBOa8RAZAzxoY%2BK8KuwlrorPxJQ8BXhd4LiYJSufcDomAF5mLI%2Fo6hkXHOtT%2FJZI4eWAXpcJv67e5c6%2BpRVuYxUBa8glcfrT9J4nu7yxcqyl%2FSAcUZXNPNB86n97RN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd75e5d1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7C62 12 B
181 B 47ms
47ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame DBC5 424 KB
122 KB 43ms
40ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcivCjaO4%2BZgHY7Cz7d5%2B1lLPWUSv1ofFFEgN1scnTbLUICggNniVE2gVissRLQ9Xg8c11fZNo3jFKm4dM6N2esWcAvqTvXEdB%2FPKRLM0RzZ5MOT6T%2BT4OVTn9dZ9fzCg8U3lFn1CR0kK%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd78e7d1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7C62 12 B
181 B 50ms
50ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3EFB 424 KB
122 KB 41ms
40ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ee0FhHmqNZLJBkPaUuGu90eLDomJ0oTrzsPsHUvJaP1OWgsU39zl5%2FVjGr6%2Bn35IBzFRMQyIXDrLWKdKGSEzFJSjKEPrKIgM9LXdg%2BrWqzx54gIHuV2Fu%2BdxJgLZkSAW5mMoI%2FDwOYdKsyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd79e8d1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7C62 12 B
181 B 48ms
47ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 8C02 424 KB
122 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BR07ZAFYRz2pAn6DDDJAikgrxelTeekZjapcQoPmusoPAZ17RxkSoJ9IGV7M26yr%2FxHVzTgmLp%2BhBodi8y5A0VE34FW9mFD5nVK%2FfH87%2BYcyTTMnPu7Bh13zrVAaBjSTbHYvXNMTHKiCZ1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd7bea01cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7C62 12 B
181 B 48ms
48ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E9AE 424 KB
122 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi4gksJhZ3kFL2Z4lZLKE3bihD%2BRMdGcl9ByVauy7iDpP5Xah4nHBKAOb23p0pk4bFbWgTv9crydFL6Zgq0tb0os%2BragRDnOhl2BWUj%2F%2Bkjp%2FCuYuB37NtwdsSQitGxNF%2BFQXGkceGgf4dk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd7ceb11cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7C62 12 B
181 B 50ms
50ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame EF80 424 KB
122 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMBPFAnf86u4JV2i%2Frn5%2BvMV4K3jopF3ytu9e2eI7ledyvJD95QizbHc%2Bz4mQXXVJPwh%2Bdkr%2FLMdkHpP8u3ffPZgKbvamI3mZlqMs1zM9dPF10s96wnKUupwQBl5PW0ZNMliKjvxOM4XTvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd7eebf1cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7C62 12 B
181 B 47ms
47ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 588E 424 KB
122 KB 44ms
43ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqXzwZBiT0b6bYyFYOS7bNQZy50I0I0SnYLIucTVBnHdYcGnRk2Se4vA%2ByG%2B8hqlcqpKGCjXzXm7gkcGvdgESW46OBWrtBsJ%2BDdHhlu9dC4BBu5C%2B3CWr7Bnp0aGCKXcLHwqJ0WCJeMu0pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd80ee01cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7C62 12 B
181 B 47ms
47ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 0FF5 424 KB
122 KB 40ms
40ms Script
application/javascript 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4V6QCAP9CBYVQ584
age: 4199
x-amz-id-2: 6BmlEhNcaeWMmULWxE3bg+CYuYtrsW4ZjibSWuT6D5CXkNEOpAeXhYNhPWsXXkpffaHmt4gKOQw=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCPs%2Bu6z3uT0KI03r4rrAy%2F5GN0RJ7lUgtDs1S9eQwX51byFPq34Yqz1RIS%2BWJS45714%2BD5lQmRFcWwqPS87IG%2BeaTsK0oxP68PgDzPY5SHjK1l8c9c8hcCswx4LOjdKxDJNj07MKSzCr1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f1b8cd81ee91cc6-AMS

POST
H2 200 / Show response
s.richaudience.com/ex/ Frame 7C62 12 B
181 B 395ms
395ms Fetch
application/json 162.55.101.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/ex/
Requested by: Host: sourserve.com
URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.101.55.162.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 05 Aug 2023 02:17:21 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
content-type: application/json; charset=utf-8

POST
H2 204 csi
csi.gstatic.com/ Frame 7C62 0
234 B 552ms
195ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lkxdyc5q&chm=1&e=21060099&ctx=2&qqid=CP32-Im6xIADFVGXgwcd2iUFvA&met.4=fb.8~lb.5f~ol.6l~idt.c5~dt.-57&met.3=739.5g~738.6i~749.6i_3~736.6q~735.6s_1~740.6t~113.ow_3~112.ou_4&met.1=1.lkxdybgw~14.1~15.1~16.1~17.1~18.1~19.1~20.1~21.1~22.66~23.66&met.7=CBsQCDgB~CCIQBBgBIAgoCDBsOGRoCXBreKwCsAEBuAED~CBsQCiAJOJIB~CE0QChgBIAkoCTCYATiPAWgNcHB4gsMDgAHWwAOIAaGbC7ABAbgBAw~CBsQBCDpATgj~CCIQBBgBIO0BKO0BMLUCOEho7QFwtAJ4rAKwAQG4AQM~CCgQChgBIPMBKPMBMLgCOEVo9AFwsAJ4zrwBgAGiugGIAZH1A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7C62 0
54 B 552ms
195ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~lkxdyc6z&chm=1&e=21060099&ctx=2&qqid=CP32-Im6xIADFVGXgwcd2iUFvA&met.6=6.1_CgwY_wEgpAEqBAgIEgAKDBiqAyClASoECAgSAAoLGO0EIH4qBAgIEgAKDBjuBSCMASoECAgSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 202ms
34ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 8B26 0
533 B 256ms
142ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 8B26 66 B
116 B 137ms
69ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 0fc3360ce0759964a57972566e1209b2942637c0ca5ae4304899cf97dd7d6cec

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8B26 171 B
559 B 418ms
184ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8B26 342 B
683 B 248ms
142ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=43&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,6b4d27c7-2d52-4029-b962-6e46377d01d6,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913047&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5ace53da-99b7-4cdd-8206-88527bcaa01e&l_pb_bid_id=86795da6e9614e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08236228717550897
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 30ac2fe51a08ecba2469e4c2bd6665d1373d2d99784312b6afeaef4e7f5d54dc

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 8B26 145 B
964 B 324ms
265ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

262b8ab4e1800fb51410f01aa7d3df0f3231bafc546a23674627d511fae4cbba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
an-x-request-uuid: 9bb2bec9-b9b1-4d19-9be5-2d5b640be237
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 8B26 19 B
545 B 114ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
accept-ch: sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 8B26 0
195 B 127ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=71333277992&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 112ms
34ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame D470 12 KB
6 KB 214ms
213ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

09b81e1bdf01672c993e3f5009b9ee66d00eb6164ade3a9c8d67cf73b09d5a14

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
an-x-request-uuid: 2b79388f-49aa-4954-b0e8-1f46daa78c85
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D470 171 B
559 B 308ms
161ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame D470 0
234 B 166ms
58ms XHR
text/html 157.90.3.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.144.3.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D470 0
196 B 44ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=88290166767&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame D470 0
534 B 149ms
127ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame D470 66 B
116 B 135ms
68ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 42daf128a797f05b9f2ad36dcf94d33e5441cd9de806d0c95494abefff3d4230

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame D470 19 B
544 B 34ms
34ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D470 342 B
681 B 155ms
139ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=43&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,2eab2466-5b23-4298-ae55-d6ba2dbfd515,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201912999&tk_flint=pbjs_lite_v7.19.0&x_source.tid=58eed33a-9266-4a06-ab3f-f185d96a5332&l_pb_bid_id=167ddba8d0dc2fd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.36206051867668143
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b5639e8e502c469e91cfcbcda3032e32478a3752dc66a691e75abc6adcaebeb9

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 106ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7F65 0
195 B 51ms
48ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=56207279293&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7F65 171 B
559 B 280ms
140ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 7F65 66 B
116 B 134ms
67ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: a2c6cf939f490f199869ea850ab0a1824c3423db9f16c6f77d5f4bf2a791438d

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 7F65 19 B
544 B 33ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
accept-ch: sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 7F65 145 B
965 B 149ms
149ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5e6f10f24e5a6b558a783cb5987f4f99e5262cacb69e0db96a47eee87bd3230b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
an-x-request-uuid: 7ce69000-0141-4017-b657-c3997f7c7bc7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7F65 342 B
682 B 150ms
139ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=43&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,cef0de2e-21a1-4827-ba4b-cd802a06a3df,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913061&tk_flint=pbjs_lite_v7.19.0&x_source.tid=fd2adc08-30cf-4efb-9c94-840c1a343167&l_pb_bid_id=12520095f902f17&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12809850288941216
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d6956ba361d8d8516e40604e443adac177abf6462fb9ea41d10c5a03ccb39e2c

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 7F65 0
533 B 142ms
128ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 99ms
34ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame E638 12 KB
6 KB 215ms
214ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

21fa8cbcd0bd7baead27834fe9c1ffe51903fb431bc297a0a06b7d09772c3951

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
an-x-request-uuid: 751b7354-dd93-403f-8085-b7bed039a11b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E638 0
195 B 36ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=88010529594&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E638 342 B
683 B 146ms
141ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=43&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913075&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9755cd84-331c-468b-b887-9a598618f3a9&l_pb_bid_id=66e20d3ab6f37&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11786952962990682
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3a35b3a789cc4a8f56e3adae741e471b8f28614b24198fecbe60b8b85b69127e

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame E638 66 B
116 B 138ms
71ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: c9efc5367a0f3b463c175da7c2911c6b5be44af90135346f0f86fa63843c1ee0

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame E638 19 B
544 B 33ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
accept-ch: sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E638 171 B
559 B 280ms
149ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame E638 0
533 B 161ms
154ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 4D5A 19 B
544 B 43ms
42ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
accept-ch: sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4D5A 342 B
860 B 128ms
127ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=43&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913090&tk_flint=pbjs_lite_v7.19.0&x_source.tid=61648d44-2aad-408c-8207-9262d68fc228&l_pb_bid_id=479a25d05409ae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6271701411563098
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6cf11ffaf063b0874ee655c1e08da85c510b1c9fc5cb2b793c5e4b04fcb02d5f

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4D5A 171 B
559 B 278ms
152ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 117ms
63ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 4D5A 0
533 B 169ms
167ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4D5A 0
195 B 57ms
57ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=995414695&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 4D5A 12 KB
6 KB 233ms
233ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

61c9418d536f51e7419c9a27af9dfe8d6ea69ee060b473c53b4f7cad36d1e9db

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
an-x-request-uuid: c9ff1c16-f638-444b-8687-00805a460add
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 4D5A 66 B
116 B 108ms
71ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 9c1d26e3e6f9b15bece5f1912bd35e4be904829d6c6dc7e73010e1d8cc8c764f

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 84ms
34ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame EF90 0
533 B 147ms
147ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EF90 171 B
559 B 270ms
152ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame EF90 0
195 B 49ms
49ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=68009001072&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame EF90 6 KB
3 KB 236ms
236ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

5f9eab8ad5485ccef3019096c01b9bda7c30ba98b21fb348ee983112accabb68

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2514
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame EF90 12 KB
6 KB 235ms
235ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ec82b34f1e3e6f9e2409d243a07090a7290b678059a174463431d6b413840e95

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: ffe808cb-43b3-4ffd-8f53-62433b0f9c2c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame EF90 66 B
344 B 133ms
66ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 312b067b01f64e9f6efa97ef8c7391cbad5c7e4e814c2d0d0fd214ba521956d9

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame EF90 342 B
683 B 127ms
127ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=43&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,43eeb9d7-ea9a-48a6-a052-c9eff76c40e2,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913119&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2e6644f8-a9ea-4d94-aca1-54eaa4bdac41&l_pb_bid_id=14b6fbbdfa2e016&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9117437533747736
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7662b416cae2e4b8d072bad8ef551a81665c9615868c62f5376da5af632a05f1

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 81ms
34ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 3D30 66 B
116 B 137ms
70ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 647894e92f71c82668df312fe6d0071985f95566ecb862a1fce81d22c4aeea2b

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3D30 171 B
559 B 370ms
117ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3D30 0
195 B 53ms
53ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=36386245489&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3D30 342 B
683 B 131ms
130ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=43&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,05d86905-b8c6-4ed4-a09b-d7034e6d1721,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913104&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0f41d126-6436-4fda-9c0a-d7405b2053f1&l_pb_bid_id=806fe9f598cd07&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20421187781453143
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 33184878ac6c694422a00ee3901397f97669717adc656dcec1a34de32e968438

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 3D30 12 KB
6 KB 229ms
228ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e5d16f5e7abb7c947ab0e9e19d902cfeabfa176b7b0c75ed1516505ddd0acfdd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: bd72a6a0-b724-424a-bce1-abddef017c99
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 3D30 19 B
544 B 33ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
accept-ch: sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3D30 0
533 B 129ms
129ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 100ms
61ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 60AD 6 KB
3 KB 185ms
185ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1da72996af1fa0bf3a79f8c021db0f3c02ba8b3b3fc4e14159ddea0e30e26ab2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
accept-ch: sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2604
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 60AD 12 KB
6 KB 226ms
226ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d57fbc235bc44d7c61a913a90036523ffe75072ff80951e3dd254c263fab64ca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 672ba428-d54e-42eb-9e06-d09adade6bd9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 60AD 0
195 B 40ms
39ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=87825330403&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 60AD 0
533 B 122ms
122ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 60AD 66 B
117 B 111ms
70ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 6d460eb1d9f21ad5bb0addf8d85f30ee0ca7bc69483a9395a97dca54611e1d1a

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 82

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 60AD 342 B
683 B 116ms
115ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=43&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,25cf8784-fc87-447f-8f7f-60801c6555a2,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913132&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bf57fbe1-83f7-46ed-a8e8-2a23b5bd7928&l_pb_bid_id=12280f84edf2c28&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.012425780160271627
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 072fbeed19523e70bda2f20a695392b643c9212bd7272a326a5e6a6e060b9f8f

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 60AD 171 B
559 B 395ms
135ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 97ms
60ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 6E16 66 B
116 B 110ms
68ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 994ba1984d953316ab73b4f808f41308ad665b4663aee139a45b093e063049d5

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 6E16 11 KB
6 KB 212ms
211ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

12faf22005bec68fb8d3db2afa60d1586b2e9733eeb247336d78fbb4ff738e15

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 26cfa5f1-2741-40e6-a05b-3fb81cbdc8ff
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6E16 341 B
681 B 132ms
131ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,f9c363be-1145-434c-898d-bcb91fea9155,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913155&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4002e5d7-a923-4949-b0b6-bca19b78ee22&l_pb_bid_id=604fd235d10a5d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7105191373132067
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3127b2900c8ef9b9f31accc3cc2efe1953cde4d1b13b8a155a871af73a46601c

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6E16 0
195 B 36ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=16135749563&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame 6E16 0
233 B 122ms
60ms XHR
text/html 157.90.3.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.144.3.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6E16 171 B
559 B 401ms
145ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 77ms
63ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 6992 0
195 B 36ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=58983348024&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6992 341 B
680 B 123ms
123ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913169&tk_flint=pbjs_lite_v7.19.0&x_source.tid=59070135-50f9-4f54-a930-9ddac1305d04&l_pb_bid_id=470298dbafb45f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6682814121351985
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7273f57cb98afcde27ee9b06f4321f8ed5e89c699d6248af4ad34f54cc5daec1

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 6992 66 B
116 B 106ms
70ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: f6c5b35ce0823603474903bc0a070cc2479aecb69b03e7b0c787e228646f959d

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 6992 12 KB
6 KB 241ms
241ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b8b33913a23c1d4dd4ea1afb1d398b2f740a219166a6f47ec1c485b2b30c6f16

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 1eae0fc4-6ee6-4f3c-b5d3-aac1095a286d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6992 171 B
564 B 375ms
140ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 72ms
63ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C2D0 0
195 B 36ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=32430652777&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C2D0 171 B
564 B 386ms
147ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame C2D0 66 B
116 B 106ms
69ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: ac5c27609769d5d680d34c90abbb626b715d4b6cd0f039e3db17f3e6db1eba66

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame C2D0 11 KB
6 KB 168ms
168ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2d4c8d2e2ba6cb0248e65805b942c5b9a8ef06cfc1b305c120075d391ff0fbc0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
an-x-request-uuid: cac4fa74-4239-4c33-9ecc-fc48a260dfe6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C2D0 341 B
681 B 132ms
132ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,dbf9a246-303d-4eea-b29c-18acceef5acd,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913184&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ec19db94-f9ee-4a49-8001-53806e2de4e8&l_pb_bid_id=1037644d04ad5b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.07534998244157531
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d0ebf114b50c8b83d066ef42db568332577ca860396f8409342f4115e88deb6b

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 68ms
62ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 40AF 0
195 B 35ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=78882844685&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 40AF 66 B
116 B 107ms
69ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: dd8c24f457f989f67d0d9e61256da604cf3c0478dae1dcc77bc9f7a150573efb

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 40AF 11 KB
6 KB 240ms
240ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5c9a31cff4131bfa107071f5a4426fd5fefbcdaca9187a46514eb451f5ebbae6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 7d150138-2723-4784-97cf-db3dd1a8c262
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 40AF 341 B
682 B 134ms
134ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,f5a39bfc-df45-47f8-a4a9-335ad305cefa,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913198&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a5a4312a-9aa8-4165-b305-9aeb652283ec&l_pb_bid_id=868405c1c31263&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3343826771429579
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b68e7016eaed979935279ad89af1b38ba8799ac2d6d8b3a477f80213c1e0c92b

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 40AF 171 B
559 B 388ms
134ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 193D 171 B
559 B 430ms
105ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 193D 341 B
681 B 146ms
145ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913224&tk_flint=pbjs_lite_v7.19.0&x_source.tid=da55c5dc-7ac2-4ccb-96e4-c083c2658e8a&l_pb_bid_id=4463d944c20d67&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6420026352334618
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1e5940fc890fe7e744e96d1639b5270df569fa48aed4be2e6e0b52ed495c1995

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 193D 11 KB
6 KB 159ms
159ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

804901b8936d0a61c01f049a217f91541f21325471babec37d7f0c054222c850

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
an-x-request-uuid: 2f30c2a2-db2d-4b98-b196-db7837d8b791
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 62ms
61ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 193D 0
195 B 36ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=95095341321&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 193D 66 B
116 B 107ms
71ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 1741f36a3116e0262697b1e4805ecdfdd53ea9088933ad8016ba38066b0d7421

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 59ms
59ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 104C 66 B
116 B 105ms
68ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: d33722d6a09db17e5929e7b73daa8fa28d97ba111658ae050fe0abc7958f510a

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 104C 171 B
559 B 476ms
123ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 104C 341 B
683 B 139ms
139ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,ac846d01-82e0-48a5-85de-d71323094dcd,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913242&tk_flint=pbjs_lite_v7.19.0&x_source.tid=591c40c8-5833-426e-9df1-61ba05a6222e&l_pb_bid_id=67e4e1a29ed18c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.29640856971522656
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 611451a55d13c93f1da349a3c1b4b1b20424a2cc371a9a0f2203465eeb16d051

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 104C 0
195 B 35ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=5974550343&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 104C 11 KB
6 KB 204ms
204ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

faccfaad26a779f9ca9fc6bff49ba999f081c513f1e9d4693e090aed5de7d86f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: db20d7d3-286a-4110-8e4a-910e8c59bd38
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 49A2 13 KB
5 KB 62ms
60ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 19152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 20:59:21 GMT
expires: Sat, 03 Aug 2024 20:59:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 075C 783 B
1 KB 194ms
69ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2382d8e36db9a3c8daa5bf013cf613c07d78cc37d2bc9a04db9d311926b81284

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-atcg3WF270AoSwmt2YLXBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-atcg3WF270AoSwmt2YLXBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 02:18:34 GMT
expires: Sat, 05 Aug 2023 02:18:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 34ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:33 GMT
server: ATS/9.1.10.57

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E44B 0
195 B 41ms
40ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=18992429116&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame E44B 11 KB
6 KB 189ms
188ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

58db1fe7dca9c9ab7024401aac5a2d7490a70792caadaa3f73a429dc75f7c9e1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: a23eda50-4fad-4bb8-80c4-acb2b4dd45b7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E44B 171 B
559 B 339ms
111ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E44B 341 B
398 B 96ms
96ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913286&tk_flint=pbjs_lite_v7.19.0&x_source.tid=353d6bf1-f40d-430c-959d-870cb6afa47a&l_pb_bid_id=84abe869756cc7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4953624499813558
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5ba402d4fff181e491b7361a6d1f608cb1dd74c12776b60299cbd171346dcd31

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame E44B 66 B
139 B 41ms
34ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 3693cc12cfc29f8ba7659362631d3fd514c01934cc390c0b00f5b29c4ad064b1

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 36ms
36ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C699 0
195 B 38ms
38ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=82792449343&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame C699 13 KB
6 KB 168ms
168ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f582716fe8acd952971127b53734bb58efb6eee67179a0284de4e3a22631f988

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 5c538706-a0e6-4da7-92e3-3eeb1ca54e4b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C699 171 B
559 B 347ms
118ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame C699 66 B
116 B 39ms
36ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 5ba5eee7c41c9c4d83a70300e29fcb68d426ed78e26d984f8d0758cc069d9e02

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C699 341 B
375 B 101ms
100ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=9&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,456e9967-8e8a-43d7-be31-231986bd0866,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913302&tk_flint=pbjs_lite_v7.19.0&x_source.tid=625d7a9c-8ca7-4f4f-a1d1-58b45eb37ca1&l_pb_bid_id=10bba6e4c2cac6f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9623081228016865
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: decd3e00bfc13030f28794df73f7d63c5805ec9ea326485280e5ed5cb68c9476

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 34ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 2630 171 B
559 B 375ms
143ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 2630 66 B
116 B 36ms
36ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 4cff760f94167adbbe64d443a69f778c7d52a1741d4885bf9af88a75d223c99e

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 2630 171 B
559 B 384ms
144ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 2630 0
195 B 36ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=60368903161&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2630 342 B
376 B 132ms
132ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,886f7235-2125-4487-89b4-7a02858a5944,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913366&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8dc1e612-7aff-4ba5-8c3c-e9c8d108c4f6&l_pb_bid_id=107cd84ecc16778&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7698205143858783
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 61f653a4ee3f1ea54d9136e4771aeacec086bac68300f70cdc85b18291372795

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 2630 144 B
963 B 317ms
317ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e4845804e91a17e87dd8cd9156fc4667accaa692bc2bca52c817fded1755b9c9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 887d448e-078d-4ae7-a9c2-a457090fddf6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 35ms
34ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 72D8 171 B
564 B 424ms
144ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 72D8 342 B
376 B 138ms
138ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913351&tk_flint=pbjs_lite_v7.19.0&x_source.tid=07b53ae9-bc0d-49ea-8565-6d1cda8ed72d&l_pb_bid_id=4f2008aa13fd4e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8393063532107554
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2edfb4e2b0b907b22ca228f45f169c8d3a4fa66104917f66e7291497079a9fa3

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 72D8 66 B
116 B 35ms
35ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 53bace9855d7fc13840102f36fdde9855a2931b857115c429ee9d39350386ad2

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame 72D8 0
233 B 56ms
56ms XHR
text/html 157.90.3.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.144.3.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 72D8 0
195 B 36ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=55345995010&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 72D8 144 B
963 B 156ms
156ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b216df192272c5df4cf9df3d4fd8993b5292e7853b420e0ad8829a97d186ed8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 64af9e5d-b1c8-4d30-8949-cf689dc1c8cf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 72D8 171 B
559 B 441ms
119ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 33ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 49FA 342 B
376 B 139ms
139ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913382&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d492cb3c-f503-4aa7-984d-02884df22aa3&l_pb_bid_id=24bb0311a2928f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.37398957819037815
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e0b3aefa598882f7c3da24fb2b50d0f6435b5f16d7745a5194c20c88d5664f7a

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 49FA 171 B
559 B 489ms
164ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 49FA 66 B
116 B 35ms
35ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: d16112de269a3f5822da76f3412ed43dd4540764ea961c9385e91321b4b45479

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 49FA 0
195 B 35ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=2762467769&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 49FA 171 B
559 B 451ms
120ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 49FA 12 KB
6 KB 196ms
196ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1dc48f458e6c28751bf7f56340fbfcb6291333c9085d5d6dcb62036dddf2e724

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: ef36ff55-5687-4409-ac1e-34d0d9e836d9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 33ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 41C5 171 B
559 B 477ms
117ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 41C5 342 B
376 B 136ms
136ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913415&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6c819c04-7553-4deb-b481-179137ce5d8d&l_pb_bid_id=4c9fdf18200cf1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.030777774288363702
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 053825f9812c8939087ef626ec0f3598e8f2560a6a79340489ae46b5c62b264b

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 41C5 0
195 B 35ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=2244153791&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 41C5 12 KB
6 KB 192ms
192ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

cddfbbc7335cfb5e6c37a5f08d39e179ff23416660b636237475a55a09c15476

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 40d1d0e7-3d4a-4f19-9489-13e18f55e644
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 41C5 66 B
116 B 36ms
34ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 4a529371457621b23bdf1667f0804d085589acffaf8d2729ae51660d444d8d4c

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 41C5 171 B
559 B 479ms
112ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 31F3 342 B
376 B 129ms
129ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913430&tk_flint=pbjs_lite_v7.19.0&x_source.tid=cb074896-9f02-4af6-af3f-4096dc1b631f&l_pb_bid_id=24f1b0eeaabe9d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3120676760587766
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bd41d19426503aa64ae4d28ad783b7e4c7c0408e10170928039b3e9b5a19f202

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 33ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 31F3 171 B
559 B 523ms
114ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 31F3 12 KB
6 KB 228ms
228ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bee477c0b0407fc387a3a212180c68f34f9f6a078a0636bd8da5e9e992bf4a30

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: a020338c-7856-470e-bb36-8594da943cc2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 31F3 171 B
559 B 536ms
107ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 31F3 0
195 B 35ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=92726927642&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 31F3 66 B
116 B 36ms
35ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 0122bb0ec690b62cf7251b0672f30872776c83d7eba04ab714678825ce912361

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame DC17 171 B
564 B 554ms
115ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DC17 0
195 B 41ms
34ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=19863008133&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame DC17 342 B
376 B 118ms
111ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913444&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7b953721-48d0-4c2f-bec3-ee0fad1d3b01&l_pb_bid_id=6fbec46587d50b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6614922385919406
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d1d2823e3d018e19c124753405ef6312aad5f348b7aaec9f4e1af05a76fd67d1

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame DC17 12 KB
6 KB 171ms
165ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d9ecfd47d629e25ef1e52f36bc1fe2dfd3c9468b37ead58ebee4ae68eaafc55e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 758ddb52-858c-4611-9e31-aa6edcc2d889
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame DC17 171 B
559 B 853ms
390ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame DC17 66 B
116 B 41ms
34ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: bef2e7a0999a8ed5b749118f3ada9d15172393ed5610d67be4ec2abee63f87b2

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 39ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 36ms
32ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame E61F 19 B
544 B 37ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame E61F 0
233 B 59ms
55ms XHR
text/html 157.90.3.144
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.144.3.90.157.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame E61F 66 B
116 B 42ms
33ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: b90c9f73a6fda98b1fed2fd0a20dbce821faad29f60ec174457ad903b4d48a3f

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame E61F 0
533 B 124ms
120ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E61F 341 B
375 B 135ms
132ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,3e80917b-68b4-4ca1-889e-4db4b2a720fd,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913481&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e4d2fc58-87ba-48d6-a342-b75ac44737dd&l_pb_bid_id=102044faf3b5445&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7962296329489449
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f251442a522836fd793db82c2ad392df69ab88bd365f0e721e9342a286c74494

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E61F 171 B
564 B 610ms
146ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:33 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E61F 0
195 B 39ms
37ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=83444476958&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame E61F 13 KB
6 KB 199ms
196ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ed1ac176c57c5c2b5236745714f9299f66323972795422a7cd50ababcdf8eb9f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: c6a90c5b-4e9b-4a46-8068-fc8b9f4488a5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 36ms
36ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D5C3 0
195 B 37ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=47136036419&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame D5C3 144 B
963 B 174ms
174ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4966cdeebe522ea379f7beeacb9228f180ec14b999272819045971858f46a347

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 53ac9d9d-47f5-4e9b-a6bd-27fee2a6c8f8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D5C3 342 B
376 B 111ms
110ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913459&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1c9e3752-61db-47bc-ad92-795d61458757&l_pb_bid_id=6e3425a9d8073e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1271726761223495
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 498f9823c8b2f290df9ea5a7f01d23320aa9cb5cfe77e278e6b590bd57e73030

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame D5C3 66 B
116 B 37ms
35ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: ab9c951192e3d82483102403fdea591bb542141b38848938c0d0562397a59c5f

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D5C3 171 B
564 B 612ms
150ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D5C3 171 B
559 B 625ms
121ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 33ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3EFB 341 B
375 B 133ms
132ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913518&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0285f4d5-5ccb-4c26-ae02-d13d5d19ba92&l_pb_bid_id=23fde8725ebada&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7676942427641484
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8e648b19e3033f455f5108fbdd15143c12bd7bc14bf6d7bd589a3b15afdb1c47

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3EFB 0
533 B 122ms
122ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 3EFB 66 B
116 B 35ms
35ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: cd935de441d2a800babe5cbf659a431e0ff7c2bb5208bacc4f4a7f5e9d2f8fd0

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 3EFB 19 B
544 B 34ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 3EFB 12 KB
6 KB 158ms
158ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

02bcb140c724f564c8d4f9c624e6bb4d8f1d2734dd5cd8ae313de7c5bfcaf73f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 8f195557-3665-443e-a442-7d60f990115e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3EFB 171 B
564 B 655ms
141ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3EFB 0
195 B 36ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=55693225288&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 33ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame DBC5 66 B
114 B 39ms
38ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: dcdc80f7fa04398b96b356bf8f318a58771d41fcb25360c98fa065d1f6ec956e

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 82

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DBC5 0
195 B 36ms
36ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=11305875394&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame DBC5 171 B
564 B 901ms
371ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame DBC5 0
533 B 114ms
113ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame DBC5 13 KB
6 KB 148ms
146ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

df1e08ae6a51b0ea6b8bbbfc3f67c04931b9fe9d53e4a3aef2eef33a468a436b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: b057118f-68af-49d6-980e-8e51af219a0f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame DBC5 341 B
375 B 137ms
136ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,aada9963-6b63-44f6-b31d-07126e4a1774,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913501&tk_flint=pbjs_lite_v7.19.0&x_source.tid=fb47122e-d7bf-4b16-9f0b-07d766946800&l_pb_bid_id=1255bae8e9ffadd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.29232050372758844
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 073f2d09f13230ba4e634a2a2da71c535a6b5f72b8e151b1b371429e9d69a675

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame DBC5 19 B
544 B 34ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8C02 341 B
375 B 138ms
138ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913534&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6c3ad6fb-f659-407d-b78d-14b59d41328e&l_pb_bid_id=2f1e31f8a16c6c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4603214229355548
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: edd9c8a0725b706beb492f3e8f79ef2f5ec97b354a27ef33685dcc0010bd59d1

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 8C02 0
533 B 109ms
108ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 8C02 12 KB
6 KB 144ms
143ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e683c8ec53a11b2ac15b574e80515c7bd25dec1ddc1705bbd1ecdfdc946b4084

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: b6cda7cd-1df5-47b4-ba48-03181179c9a6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 8C02 6 KB
3 KB 207ms
207ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

91ed17c3b043cee9b58ecc7118a3d5ab8f09f5d5d4ab7485f762f9140600d3bd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
accept-ch: user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2358
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8C02 171 B
564 B 728ms
137ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 8C02 0
195 B 35ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=30406990423&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 8C02 66 B
116 B 36ms
36ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 44ee3420c4a6a39f3619cc3150b0bfd559c688e900f044dd988f844f20882e89

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 34ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 34ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4585 171 B
564 B 704ms
117ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 4585 66 B
116 B 35ms
35ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 4ea9b9226782535bcb7d58507682bbc32872cc81d64738b59ed25fd614562c19

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 4585 143 B
962 B 153ms
153ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7cdfd01427c9728e29c377236bcb4ba87adefd9be0ef21c7fddaf83edc9985a6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 1e3d82da-b084-4cf2-80d6-8b0aac532832
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 143
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4585 0
195 B 35ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=17669403357&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4585 342 B
376 B 103ms
103ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,039f831d-c134-4440-b58a-be90d976554a,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913399&tk_flint=pbjs_lite_v7.19.0&x_source.tid=88d934c8-fde2-4a41-b421-cbcae6b03b85&l_pb_bid_id=104fbc9ecb7b058&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1745650996636985
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e1fb28d0995684b1fc8ea8763c09d3f38d10f3252e95f859a5c2cc61bb406d72

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 342
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4585 171 B
559 B 717ms
118ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E9AE 171 B
559 B 746ms
115ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E9AE 341 B
375 B 117ms
109ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913548&tk_flint=pbjs_lite_v7.19.0&x_source.tid=077575ef-cf80-40c2-9b0d-5fbae78d2ffa&l_pb_bid_id=4758b21c166936&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3810185654230802
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 91d8cb6f9e04c4e878e377fe4eed417464f1831b0166e83f18b7a3b872f2f1f8

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E9AE 0
195 B 40ms
34ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=65613037379&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame E9AE 19 B
528 B 175ms
169ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame E9AE 0
533 B 102ms
96ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame E9AE 12 KB
6 KB 207ms
203ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

22ef378a698e130d688cd1f8a8a11fab09b6ee381813d0983a7f3caa56c166b4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: db5271a2-cefe-48bc-8666-e3df9ef7c114
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame E9AE 66 B
116 B 35ms
34ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 44259d035de9d34107a8e641cdb9ab84dc700a4367cdb149e78f286ebe503166

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 37ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 34ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame EF80 19 B
544 B 33ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EF80 171 B
564 B 885ms
195ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame EF80 0
195 B 36ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=86090407945&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame EF80 66 B
116 B 35ms
35ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 7b763a2b16aebb89ef2048c7a908b54464b98d1368c0e92ed406670be305e578

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame EF80 145 B
965 B 164ms
163ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

35db0e7967140c42e23202a877b559ba7970d95a7915d8659b9742b34ef14ee0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 836a673a-500b-4842-96f5-bd16f88573d3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame EF80 0
533 B 119ms
118ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame EF80 341 B
375 B 101ms
101ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,78e8f061-9ee6-4416-a37a-073eaafb86bf,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913565&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3ebe0378-5015-4e5c-a0ed-62b95b8b2f3e&l_pb_bid_id=14689386d7384e8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.042952268400784366
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 405db8c604929240731226264a88b5ceeb6bba6e2c2cacf76ab0b9bc53a2480a

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 34ms
34ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 588E 0
533 B 119ms
119ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 588E 12 KB
6 KB 193ms
193ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e18e34f4a4668641d99eb32ed26dac4a448e5421e749821fad57ac394b934abc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 1811adf0-0ab4-4aac-acb7-d791cdbf5570
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 588E 171 B
564 B 818ms
121ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 588E 66 B
116 B 35ms
34ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: 3d69ef3d37bb5b58826d5c53bf94b5979cec458092df135df34db345f00e2bad

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 588E 341 B
375 B 100ms
100ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,5236d529-1e00-4d3d-88a1-1433fafe0a19,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913585&tk_flint=pbjs_lite_v7.19.0&x_source.tid=48842c40-8386-44dd-898f-8d9ab018b511&l_pb_bid_id=10014b7abc85051&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9771526038795322
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d2748ded1f3035b6044d2a26843d4420bf3aed71da9aec6ca1384f790c935168

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 588E 19 B
544 B 33ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 588E 0
195 B 37ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=25447122353&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7859 42 B
174 B 95ms
94ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQ-1T6CX8zQhWwpq6_zQHd2AbG0T-_vnLwtTTpP2sGGdBjs96FR1WD2T36wVoD9PZi81xvJymyc3Rv7SP6N48e73OokpbGq8Y_PUbV_UvbfjrT395Y&sig=Cg0ArKJSzE8b1CSgR7fKEAE&id=lidar2&mcvt=1115&p=50,1440,650,1600&mtos=1115,1115,1115,1115,1115&tos=1115,0,0,0,0&v=20230802&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1747618850&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691201912733&rpt=209&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C62 42 B
108 B 95ms
95ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubE8_RlmHX7xYCLMqm1pVurjTI_lBqq-M_z5vmWp8SAiohN8_RuMjteJUcur6t-1oS22m4crkob5K7wWfjskKH8fDf4V6syowGju9yKDXZDJyHXgpC&sig=Cg0ArKJSzBRgZreUjgM7EAE&id=lidar2&mcvt=1117&p=730,436,820,1164&mtos=1117,1117,1117,1117,1117&tos=1117,0,0,0,0&v=20230802&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4198062671&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691201912720&rpt=234&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 34ms
33ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.ducumon.click
access-control-max-age: 600
age: 0
content-length: 0
date: Sat, 05 Aug 2023 02:18:34 GMT
server: ATS/9.1.10.57

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame 0FF5 12 KB
6 KB 182ms
182ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3782d61e0afd889a3d6feee93c15c851e3db02c0bce034e886fcda143a7c8ca3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
an-x-request-uuid: 133e9c00-d0ef-4c9a-bfc2-b0bf610abc39
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 0FF5 66 B
116 B 35ms
34ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.57 /
Resource Hash: d0d8dfbe45c07bd5eaf7d33ce5a3af604e44743fd4d4b9a1ea2aa5dc770ba4da

Request headers

Referer: https://www.ducumon.click/
x-openrtb-version: 2.5
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
server: ATS/9.1.10.57
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.ducumon.click
access-control-allow-credentials: true
content-length: 84

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0FF5 341 B
375 B 100ms
99ms XHR
application/json 2602:803:c003:200::45
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=2&p_pos=atf&rp_schain=1.0,1!adpone.com,194a6ea3998f9e263238,1,e43031a5-a8a9-43b0-bc2d-aa1c94e808cf,,&rf=ducumon.me&tg_i.page=https%3A%2F%2Fwww.ducumon.click%2F&tg_i.domain=ducumon.click&tg_i.pbadslot=adpn-adtag-1691201913602&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a904ef81-934b-4ffe-8e85-9e49e408824e&l_pb_bid_id=62008d5ece213&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8536364583720981
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ab555aad6c626fa576b7a412f40ce9591ec513e2fd23edfa252ef1a08ff83421

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 341
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 0FF5 0
533 B 103ms
103ms XHR
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0FF5 171 B
559 B 792ms
141ms XHR
application/json 185.86.139.116
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.116 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ducumon.click
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 0FF5 19 B
544 B 33ms
33ms XHR
application/json 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&tmax=10000

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-94-253.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 0FF5 0
195 B 35ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=68176187854&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ducumon.click
date: Sat, 05 Aug 2023 02:18:33 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame A825 76 KB
26 KB 153ms
27ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAACgBJVI/duwRbgargH/cMJPQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame A825 80 KB
27 KB 165ms
40ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame A825 0
647 B 44ms
25ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKEB-iEAwAAAwDWAAUBCPnitqYGEMf2rfbzhdCDPBgAKjYJd-CqlbO2sD8R4hAraYjBrz8ZAAAAQOF61D8h4g0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4u_MFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCq4CaHR0cBEw8G1iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02NjZmZTRhYS03YjE1LTRjODctODYxOS04ZjRiNGE3ZDAyNzgmY21FeHBJZD1MVjMmb0FkVW5pdBFFVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA2jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzNDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0NAFfZ3ZycS1wYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDMyNTQ5NjUzODc3MzgxNDA4NyIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05qVXlPREk0TmpRMU5EYzXAA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjAAiAyKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWar7T9wZbbiBDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAFNwkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHu_MF0gcNCQkkAAAFJgjaBwYBXnwYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=bffdd8e51bb68ef396e1942f2be3f8852e8216aa

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 1d72c827-e7aa-4e23-93ef-fcfa001d72c1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame A825
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=1b2ccdd3-5ce2-4aa8-ab50-6a35df293400&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=666fe4aa-7b15-4c87-8619-8f4b4a7d0278&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_7-1-0?&RG=27b99b6c0899484c9d776780fdf096c9&SNR=1&GV=2&med=10

0
546 B

72ms
72ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_7-1-0?&RG=27b99b6c0899484c9d776780fdf096c9&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 93B2EB8D67B54C5494E2172D3DF4C10C Ref B: FRA31EDGE0621 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674aa2
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F38E59699FDF4EF9AA85F3BD10C0F3B2 Ref B: MIL30EDGE1011 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a64
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_7-1-0?&RG=27b99b6c0899484c9d776780fdf096c9&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame AACB 76 KB
26 KB 163ms
53ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAACQCJn7cuPmS4nrN+QmYg+OQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame AACB 80 KB
27 KB 148ms
39ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame AACB 0
647 B 28ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKGB-iGAwAAAwDWAAUBCPnitqYGEOfI_aPjzsCoWBgAKjYJRm5VetW3pz8R9lsEAT6Ipj8ZAAAAQOF61D8h9g0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4nfMFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4YDCpwCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lNjQ1ODVjOC1hZjc0LTQzYTctODZhZS0wOTY3ODNlYWE1ZWYmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBljloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzNDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwQ2Vnb19aWV9pMiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYzNjM4NzA0NTUxNjEzODE5OTEiCTM4MTg0NjcxNCoEITl8OjhVMlZoY21Ob1FXUWpOelkyT1RFeE1qZzNNemM0TWoFAvDCeU9EUTVNRGMxTURBME9EVXlNdz09wAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEDwgAEAEYwAIgMigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFvoSe6qWTjJVVwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgAAASMs8D_QBsKNBNoGFgoQARAuAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAed8wXSBw0JESoBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=ebbdca98838114402f406b7dca486a1f9256ab1a

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 5c9e4a4e-c7fc-4fab-9224-258db3cae013
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame AACB
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=1b7e4365-9e4b-4ae1-90a1-f0d58d887506&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=e64585c8-af74-43a7-86ae-096783eaa5ef&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ad03955bb5a740e8bcd12be7c21e4fb8&SNR=1&GV=2&med=10

0
546 B

133ms
132ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ad03955bb5a740e8bcd12be7c21e4fb8&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 87041823D4C7465EAB91564405A938F4 Ref B: FRA31EDGE0216 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a97
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7E59A5086FBF450290BDAAC8F8DF4132 Ref B: MIL30EDGE1216 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a65
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ad03955bb5a740e8bcd12be7c21e4fb8&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 4EB6 76 KB
26 KB 183ms
82ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAABXs55CBUJgRZJDCETiCxFAQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 4EB6 80 KB
27 KB 142ms
40ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 4EB6 0
647 B 29ms
29ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKEB-iEAwAAAwDWAAUBCPnitqYGEIDdwfyEr7W7PhgAKjYJM-nJ_n4EsT8R8ANz2KsqsD8ZAAAAQOF61D8h8A0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4kfIFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCq4CaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yYTM3OTUyZC0yMTRhLTQ4OTQtYTgxMS1iMTYyNjBlZjU2MWQmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgAyjloANHJ0eXBlPW51cmwmdGFnAZBwODI3NDM0MiZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_Q0AV9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0NTAxMDE5NTkwMzExMDQ2Nzg0IgkzODE4NDY3MTQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVeU9ESTROalExTkRjNcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGMACIDIoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBeuv6ovFwY7xV8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAU3CQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeR8gXSBw0JCSQAAAUmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=13ecbc2bf97f69a62be2d5c87022cead02cf40ba

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 707da4ac-d33e-4a4c-8930-d43b66855fc1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 4EB6
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=6efb2787-ef18-4c86-891e-5183cb15ab7d&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=2a37952d-214a-4894-a811-b16260ef561d&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=5a54d38ec6434e5993059badc089e674&SNR=1&GV=2&med=10

0
547 B

73ms
72ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=5a54d38ec6434e5993059badc089e674&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF7EA37E59C3410385C5945F2EEDF297 Ref B: FRA31EDGE0714 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674aa3
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2D200705EF341E5AA623DCF4303E17B Ref B: VIEEDGE3215 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a67
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=5a54d38ec6434e5993059badc089e674&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
expires: 0

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 226D 15 KB
5 KB 208ms
128ms Script
application/javascript 13.32.99.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=ducumon_me_320x50_472xdefaultx1&tid=206227
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-84.fra60.r.cloudfront.net
Software: /
Resource Hash: 061d197b740a294ffb97ecf80a1dd5a410ba9a67a3e6b777ee344352f8898acd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: "6344e3d44cbb39d12f1c86ca259e524d2dd0cb6b"
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
alt-svc: h3=":443"; ma=86400
content-length: 4965
x-amz-cf-id: mXTrTlxMD1WD1allqnDUyk-sbFJhPV0Zgiot9mKMJXOeDYMwkjM75Q==

GET
H2 200 notify
tlx.3lift.com/header/ Frame 226D 37 B
220 B 34ms
33ms Image
image/gif 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.024&ts=1691201913&aid=10837199502961204692700&ec=5563_66529_OADD2.8246376968418_1IME7EK2KZ9MJ3E783&n=Gs0CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD05NmEyN2Y0Yi03OTNjLTRjNWQtODg4Ny1lN2FjOGI2Mjk4OWUmY21FeHBJZD1MVjMmb0FkVW5pdD0xMTczMDM3NCZwdWJsaXNoZXJJZD0yNTAxNTIyMzUmcklkPTk2YTI3ZjRiLTc5M2MtNGM1ZC04ODg3LWU3YWM4YjYyOTg5ZSZydHlwZT1udXJsJnRhZ0lkPTQzODU0NiZ0cmFmZmljR3JvdXA9Z2V2Y3lyeXZzZ19wY3omdHJhZmZpY1N1Ykdyb3VwPXp6ZiUzQWdldmN5cnl2c2dfcGN6X3FycGJoY3lyJmFpZD0xMDgzNzE5OTUwMjk2MTIwNDY5MjcwLTk2JndwPTAuMTIy8gL6AQgAEhcxMDgzNzE5OTUwMjk2MTIwNDY5MjcwMBgAIAEouysw4YcEQAFIAFABYBJoCnCB%2ByGQAQCYAQCoAf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwG4AQXAARjIAXrwAZPLDPgBeoACGJECAAAAAAAA8D%2BZApqZmZmZmek%2FqAIAsAIByAIC2AIA8QJmZmZmZmbmP%2FgCpTuQAwCYAwCgAwC4AwDIAwDSAyZPQUREMi44MjQ2Mzc2OTY4NDE4XzFJTUU3RUsyS1o5TUozRTc4M%2BADgabDWukDAAAAAAAAAADwA3r5AwAAAAAAAAAAgAQEiQSamZmZmZnpP6AEAKkEAAAAAAAAAADABGD4AgyIAwGSAwQ5ODk1mAMAoAOS4hqoAwA%3D
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-94-253.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 226D 37 B
140 B 97ms
32ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=18&peid=0&aid=10837199502961204692700
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame EB01 76 KB
26 KB 96ms
52ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAACOzL8aKMxkR6BcVFNJhgOmQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame EB01 80 KB
27 KB 146ms
47ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame EB01 0
648 B 26ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKDB-iDAwAAAwDWAAUBCPnitqYGEMvxu-CMyaLOHRgAKjYJq5-KUjMXlD8RfOQ2WwoWkz8ZAAAAQOF61D8hfA0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4zPQFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4MDCpkCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1iZTcyODRmNi04NGExLTQxNTUtODgwYi0wYmY1MTFmODMxYmYmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBijloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzNDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwQHl2Z3poZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzIxMzM3MzIzNjg3MzI1ODQxMzkiCTM4MTg0NjcxNCoEITbwwjo4VTJWaGNtTm9RV1FqTnpFd05UWXhPREV4TURBNE1ESWpNak15TWpnMU5UYzFNamt4TWpRME13PT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjAAiAyKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWs9YHAndSI_EXABQDJBQAAAAAAAPA_0gUJCQkMcAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8z0BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=02c2627f5c3fb408cd63ffc72e73b24cfa877549

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 3db91fd6-4078-4fe3-8783-319099d0913d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame EB01
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=eea8d73d-8821-4bc8-8409-e22a883cd2bf&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=be7284f6-84a1-4155-880b-0bf511f831bf&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a23ed69da9bf4f79a7d85132d71b831e&SNR=1&GV=2&med=10

0
547 B

87ms
86ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a23ed69da9bf4f79a7d85132d71b831e&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81CF604C9B6E4617B7F9DAC8AAA11DEE Ref B: FRA31EDGE0210 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a9c
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 987E7688FE3A41778400AE1A584A7515 Ref B: MIL30EDGE0911 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a68
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a23ed69da9bf4f79a7d85132d71b831e&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 3DE3 76 KB
26 KB 84ms
83ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAABEnsTT9ojuQIKeIHAbndiNQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 3DE3 80 KB
27 KB 101ms
39ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 3DE3 0
647 B 33ms
33ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QLzBuhzAwAAAwDWAAUBCPnitqYGEL2Rg4au0saOLRgAKjYJAAAAAO6nrj8RAAAAgIgfrT8ZAAAAQOF61D8hAA0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4v_UFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA_MCCp0CaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03NGM3OWZhZS1mMGY1LTQwNDUtOTA1MS1jZjY3MThmZDExMjkmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzNDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnw0HpodnFmcnlhcmomYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMzMjUwNzgzNzI0MTY5NjQ0MjIxIgkzODE4NDY3MTQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVeU9ESTROalExTkRjNcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGMACIDIoADAAOAK4BADABADIBADaBAIIAeAEAfAERVNUiAUBmAUAoAWR0pWbyLf-xwTABQDJBUGOGAAA8D_SBQlFvgEBaNgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgEfAS8k0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe_9QXSBw0VYwEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=7bfc139d3d407e67f897a8ab27db128777635312

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 8e7508a4-576b-4c6f-b1bf-772010cdeedd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 3DE3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=fe574edd-7706-4a4e-a4fc-ffaaeb511fcb&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=74c79fae-f0f5-4045-9051-cf6718fd1129&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=346e98aecdcb4aeba9b5923c7071ce41&SNR=1&GV=2&med=10

0
546 B

74ms
74ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=346e98aecdcb4aeba9b5923c7071ce41&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE27FDA12E2C41A0B11F7A1786AF40AB Ref B: FRA31EDGE0617 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a98
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DF3FD22681E340AA85C03A0A94707902 Ref B: MIL30EDGE0908 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a69
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=346e98aecdcb4aeba9b5923c7071ce41&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 95A3 76 KB
26 KB 75ms
75ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAAB4N3tprFsdR67Qx5eva9YcQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 95A3 80 KB
27 KB 63ms
44ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 95A3 0
647 B 27ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKNB-iNAwAAAwDWAAUBCPnitqYGENSIodO-7e6uZRgAKjYJuS8eGgC-kD8ReScGmGbPjz8ZAAAAgOtRyD8heQ0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeIj1BYABAYoBA1VTRJIBA0VVUpgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDiwMKoQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03MDc3ZjVhMC03ZjU5LTRhMDctYWI5OC1hY2NhNGE5YjBlNmUmY21FeHBJZD1MVjMmb0EyRQBUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOCDcwN4ZaALhydHlwZT1udXJsJnRhZ0lkPTI3NzI0OTc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ9DQBZWdvX1pZX2kyX2doYXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MzA0MjAwMjQyODMzNDA5MTA4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56WTRPVGN5TmpVMU56RTJNVE1qTWpNeU9EWTVOamt3T0RNM05UZ3lOZz09wAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfD9nZnpkf2bUMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYADS8k0AbCjQTaBhYKEAURHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeI9QXSBw0JESkBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=6993a02d8ed5893594ad9b96436a410ed3c3d801

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 77a28dab-f983-4833-beb4-1afb7a5ae059
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

c.gif
www.bing.com/aes/ Frame 95A3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cd37dd7a-efb5-4ea8-ae9c-259d042ea4b1&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7077f5a0-7f59-4a07-ab98-acca4a9b0e6e&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2e9ec9bb794d443397203d60975d6d26&SNR=1&GV=2&med=10

0
547 B

70ms
70ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2e9ec9bb794d443397203d60975d6d26&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D4F5E3DD23A74BA8BE2734682CB4C0B4 Ref B: FRA31EDGE0820 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a9d
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 400706CD9DD340ACBC7DF86DA59C9B34 Ref B: MIL30EDGE1011 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a6c
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=2e9ec9bb794d443397203d60975d6d26&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H/1.1 200
OK 42405d30-1f2c-4692-bcd5-9e666534e635 Show response
dcdn.adnxs.com/renderer-content/ Frame 94BC 11 KB
3 KB 146ms
32ms Script
text/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 9bcfface27a9414dd7d2cff2c9bb8fad69b7cc2cc7b3f5d50fbf6aa769b0af1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
x-b3-traceid: dc8e244610715cab
an-served-by: hbapi-proxy-production-bfc9874b9-jm2tl
Connection: keep-alive
Content-Length: 2986
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=76808
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Sat, 05 Aug 2023 23:38:42 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 94BC 80 KB
27 KB 44ms
43ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H/1.1 200
OK 42405d30-1f2c-4692-bcd5-9e666534e635 Show response
dcdn.adnxs.com/renderer-content/ Frame EFF6 11 KB
3 KB 139ms
32ms Script
text/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 9bcfface27a9414dd7d2cff2c9bb8fad69b7cc2cc7b3f5d50fbf6aa769b0af1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
x-b3-traceid: dc8e244610715cab
an-served-by: hbapi-proxy-production-bfc9874b9-jm2tl
Connection: keep-alive
Content-Length: 2986
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=76808
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Sat, 05 Aug 2023 23:38:42 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame EFF6 80 KB
27 KB 44ms
44ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H/1.1 200
OK 42405d30-1f2c-4692-bcd5-9e666534e635 Show response
dcdn.adnxs.com/renderer-content/ Frame FC77 11 KB
3 KB 133ms
34ms Script
text/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 9bcfface27a9414dd7d2cff2c9bb8fad69b7cc2cc7b3f5d50fbf6aa769b0af1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
x-b3-traceid: dc8e244610715cab
an-served-by: hbapi-proxy-production-bfc9874b9-jm2tl
Connection: keep-alive
Content-Length: 2986
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=76808
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Sat, 05 Aug 2023 23:38:42 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame FC77 80 KB
27 KB 59ms
38ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H/1.1 200
OK 42405d30-1f2c-4692-bcd5-9e666534e635 Show response
dcdn.adnxs.com/renderer-content/ Frame 1B5B 11 KB
3 KB 131ms
33ms Script
text/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 9bcfface27a9414dd7d2cff2c9bb8fad69b7cc2cc7b3f5d50fbf6aa769b0af1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
x-b3-traceid: dc8e244610715cab
an-served-by: hbapi-proxy-production-bfc9874b9-jm2tl
Connection: keep-alive
Content-Length: 2986
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=76808
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Sat, 05 Aug 2023 23:38:42 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 1B5B 80 KB
27 KB 43ms
43ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 075C 0
0 215ms
93ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=138438793603560&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H/1.1 200
OK 42405d30-1f2c-4692-bcd5-9e666534e635 Show response
dcdn.adnxs.com/renderer-content/ Frame B7BF 11 KB
3 KB 129ms
32ms Script
text/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 9bcfface27a9414dd7d2cff2c9bb8fad69b7cc2cc7b3f5d50fbf6aa769b0af1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
x-b3-traceid: dc8e244610715cab
an-served-by: hbapi-proxy-production-bfc9874b9-jm2tl
Connection: keep-alive
Content-Length: 2986
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=76808
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Sat, 05 Aug 2023 23:38:42 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame B7BF 80 KB
27 KB 43ms
43ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H/1.1 200
OK 42405d30-1f2c-4692-bcd5-9e666534e635 Show response
dcdn.adnxs.com/renderer-content/ Frame 1317 11 KB
3 KB 121ms
32ms Script
text/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 9bcfface27a9414dd7d2cff2c9bb8fad69b7cc2cc7b3f5d50fbf6aa769b0af1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
x-b3-traceid: dc8e244610715cab
an-served-by: hbapi-proxy-production-bfc9874b9-jm2tl
Connection: keep-alive
Content-Length: 2986
Server: nginx/1.21.3
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Cache-Control: max-age=76808
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Expires: Sat, 05 Aug 2023 23:38:42 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 1317 80 KB
27 KB 45ms
44ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 49A2 37 KB
14 KB 155ms
60ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 20:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 20:35:41 GMT

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 5609 125 KB
44 KB 160ms
35ms Script
application/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 954309f6fff8b00faddd8b89b52990d9ee23a1c56bb7c71ee630d77973090e96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 10:24:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64ad2dcc-1f24a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 44995
Expires: Sun, 06 Aug 2023 02:18:36 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 5609
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ffbb3d59-6850-4bfc-9f83-509bee6e1070&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=26f06343-8b24-4031-9e1d-c5ad7e291ac0&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ed2171c16afe407fa860d1bddd0cc074&SNR=1&GV=2&med=10

0
18 B

81ms
81ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ed2171c16afe407fa860d1bddd0cc074&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 678997162A874ECCAB84752F69272839 Ref B: DUS30EDGE0309 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674af8
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EC860399927742FCAD9B57E093F2F93F Ref B: MIL30EDGE1118 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674a87
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ed2171c16afe407fa860d1bddd0cc074&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 5609 76 KB
26 KB 28ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAAAwNbEDY1tlTI64SYo60zeoQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 5609 80 KB
27 KB 50ms
49ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 5609 0
647 B 26ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKrB_BMqwMAAAMA1gAFAQj54ramBhCZ8ZX6kuj43REY9NzxwObI565eKjYJ95R9zapSpj8RURoEEO80pT8ZAAAAgOtRyD8hURoEEO80pT8p95QJJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeKn0BYABAYoBA1VTRJIBA0VVUpgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDoQMKtwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yNmYwNjM0My04YjI0LTQwMzEtOWUxZC1jNWFkN2UyOTFhYzAmY21FeHBJZD1MVjMmb0EyRQBUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOCDI2ZoZaALhydHlwZT1udXJsJnRhZ0lkPTI3NzI0OTc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9FMBX29lbmFxX2Zuc3JnbF9veWJweHZhdCZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzEyNzc4NjQ3ODgzOTUxMjg5ODUiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpZMk9URXhNamczTXpjNE1qSWpNak15T0RRNU1EYzFNREEwT0RVeU13PT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF2aCVnsbO2_NWwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAFFCQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAep9AXSBw0VYwEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=eac56cd899c818beef8b36e116ea846ce809432d

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 46b8d9da-3ea5-4288-87bc-a64bd822bd26
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame A825 4 KB
4 KB 36ms
35ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPE.M59qVFtgg6%2fRaw300C300&pid=21.1&w=300&h=300&c=17
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6bc69a3495661d6ce5cda5d9fddbdccb1e46471929448319834330deb5422874

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674a8e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 3865
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame A825 0
647 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKABOgAAgAAAwDWAAUBCPnitqYGEMf2rfbzhdCDPBgAKjYJd-CqlbO2sD8R4hAraYjBrz8ZAAAAQOF61D8h4g0SACkRJAAxCRv0UwGUPzCm3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeLvzBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGMACIDIoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZqvtP3BltuIEMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAETx4ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHu_MF0gcNCREnASYM2gcGCAUJdOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=f5a322364a1d281af54f21a177000a5e3e85a781&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 517e1c35-29b9-481f-8693-2dc5811285af
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame EB01 1 KB
2 KB 36ms
34ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7490509756837_1RDUBTRGI7H4HKLUK0&pid=21.2&c=3&w=95&h=50
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9122535ebff7a9fa340f326c989bd8147beaff944aefed16a4425c9c27e423bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674a91
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 1503
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame EB01 0
647 B 27ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKABOgAAgAAAwDWAAUBCPnitqYGEMvxu-CMyaLOHRgAKjYJq5-KUjMXlD8RfOQ2WwoWkz8ZAAAAQOF61D8hfA0SACkRJAAxCRv0UwGUPzCm3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeMz0BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGMACIDIoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBaz1gcCd1Ij8RcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAETx4ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHzPQF0gcNCREnASYM2gcGCAUJdOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=11e08e004125ff03977e980b10b5def8540e18dd&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 24cee4dd-a4fc-4fbe-9a72-a470be13342e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame AACB 2 KB
3 KB 50ms
50ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8246376968418_1IME7EK2KZ9MJ3E783&pid=21.2&c=16&roil=0.0029&roit=0&roir=0.9951&roib=1&w=95&h=50
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 72437ce3aabb652ee4c5c7c75e96fdfbbc40f31f5c97863c07921a040745e0df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674a93
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 2321
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame AACB 0
647 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKABOgAAgAAAwDWAAUBCPnitqYGEOfI_aPjzsCoWBgAKjYJRm5VetW3pz8R9lsEAT6Ipj8ZAAAAQOF61D8h9g0SACkRJAAxCRv0UwGUPzCm3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeJ3zBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGMACIDIoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBb6Enuqlk4yVVcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAETx4ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHnfMF0gcNCREnASYM2gcGCAUJdOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=9c45c88139b82dedfb33eb5746588aefad95d08e&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 6e28a84f-9d59-45f5-8cbb-b8e72ce80175
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 4EB6 6 KB
6 KB 42ms
41ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPE.M59qVFtgg6%2fRaw300C300&pid=21.1&w=300&h=300&qlt=90&c=17
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fb822c7ee364efb363931e6365d63ddbcac4589d1e3c2867cbf3571809d6f67b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674aad
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 6057
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 4EB6 0
647 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKABOgAAgAAAwDWAAUBCPnitqYGEIDdwfyEr7W7PhgAKjYJM-nJ_n4EsT8R8ANz2KsqsD8ZAAAAQOF61D8h8A0SACkRJAAxCRv0UwGUPzCm3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeJHyBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGMACIDIoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBeuv6ovFwY7xV8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAETx4ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHkfIF0gcNCREnASYM2gcGCAUJdOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=716d81d9fbed7157738c26c0f94cf2674e035a5e&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: a1bd29f2-2442-4d68-9aab-c835f3abda76
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 3DE3 6 KB
6 KB 46ms
45ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPE.M59qVFtgg6%2fRaw300C300&pid=21.1&w=300&h=300&qlt=90&c=17
Requested by: Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fb822c7ee364efb363931e6365d63ddbcac4589d1e3c2867cbf3571809d6f67b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674ab0
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 6057
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 3DE3 0
647 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKABOgAAgAAAwDWAAUBCPnitqYGEL2Rg4au0saOLRgAKjYJAAAAAO6nrj8RAAAAgIgfrT8ZAAAAQOF61D8hAA0SACkRJAAxCRv0FwGUPzCm3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeL_1BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGMACIDIoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZHSlZvIt_7HBMAFAMkFAAAAAAAA8D_SBQkJIScBAWjYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYBHzQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe_9QXSBw0lrgEBASYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=f9fb0a2fae587e9ad9467facb1ed3c1442e50f12&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 5eb59f4e-1ef3-476d-8d50-960063fefd0f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 th
www.bing.com/ Frame 95A3 8 KB
9 KB 45ms
45ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8246344178017_1NMA7TINP5L37P9DOW&pid=21.2&c=3&w=180&h=180
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 38ae75caeb50353f91350cdb3c3ecb9c736eac86f161376295bd4c39ed76e591

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674ab5
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 8650
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 95A3 0
647 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKBBOgBAgAAAwDWAAUBCPnitqYGENSIodO-7e6uZRgAKjYJuS8eGgC-kD8ReScGmGbPjz8ZAAAAgOtRyD8heQ0SACkRJPReATEAAABA4XqUPzCumZwNOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeIj1BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXw_Z2Z6ZH9m1DABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAk-dBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHiPUF0gcNCQkkAAAFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=8dcf4bdf684fe3e446e5ef94fdceba2c28ec0a9a&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: f98911cd-e0da-4ce4-aed1-009d5a3df940
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/5b127f1a7825086209cb9d14d26e2f86435fb3cd/dist/ Frame 226D 190 KB
60 KB 38ms
36ms Script
text/javascript 13.32.99.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/5b127f1a7825086209cb9d14d26e2f86435fb3cd/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=ducumon_me_320x50_472xdefaultx1&tid=206227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-84.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf54dfec005ccc9a151de3efd873abcd176a13a671fee685e8d2332f9bf7f35c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 20:44:14 GMT
content-encoding: gzip
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 365660
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 61292
last-modified: Mon, 31 Jul 2023 20:38:47 GMT
server: AmazonS3
etag: "4e28196ccd897772979289bb31430844"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: 1qF64-UIxlr0jLWYUHlCfastikSi5poULifehHzBpWlq6bsvgrIy-Q==

GET
H2 200 300x250.png
redcarpat.com/a/ Frame EEFF 10 KB
11 KB 122ms
35ms Image
image/png 108.138.17.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redcarpat.com/a/300x250.png
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-108.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69abb1b8af004cb630bbfd95a8986e30d78dd7256ce28afb7c03c455ab046d83

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: mgFQzrV8Di.90CBDODKoOYDWRvNqdQfe
date: Sat, 05 Aug 2023 01:28:40 GMT
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Fri, 11 Feb 2022 16:12:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 2995
etag: "3bf1905d88ab4fd345b3dcea31d90ce3"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 10433
x-amz-cf-id: c1NaFz9pY7mx75bXIENpLhtdR-4ukFAOaKVhHz-p9l95W8uJx6fLWA==

GET
H3 200 th
www.bing.com/ Frame 94BC 74 KB
74 KB 59ms
58ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7490490394736_1KT3GERPF400BDKG4O&pid=21.2&c=3&w=1200&h=627&dynsize=1
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9320751e4da06f2dd1b89ee717a245516095ea7f2985b2e33947b9a7f2e829f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674ac0
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 75524
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H2 200 get
choices.trustarc.com/ Frame 94BC 739 B
1 KB 114ms
34ms Image
image/png 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 02:36:36 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1294918
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: GdEgBWfujq0YEEWkJV7J6M7ZTHRZFunnaI54nNGyU7BHgVMpByzj2g==
expires: Sun, 20 Aug 2023 02:36:36 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 94BC
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=2f00a8be-b860-4498-b33d-48ce4de905df&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=dcb19040-6428-4704-b376-dd36b8f07f8c&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=87e8b16c072e4fdaa0143b55af287ad9&SNR=1&GV=2&med=10

0
18 B

83ms
82ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=87e8b16c072e4fdaa0143b55af287ad9&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6DC3915D4A1A46F99EB6BDFA59734650 Ref B: FRAEDGE1310 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b0e
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A0EDBC9068204036B8DE297FFF751F4E Ref B: VIEEDGE2017 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674ac1
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=87e8b16c072e4fdaa0143b55af287ad9&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 94BC 0
647 B 27ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKEB-iEAwAAAwDWAAUBCPnitqYGEJqx48yktf_mAhgAKjYJujpQkOPheD8RyjdM_GSjdz8ZAAAAgOtRyD8hyg0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4yPIFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDhQMKnAJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD1kY2IxOTA0MC02NDI4LTQ3MDQtYjM3Ni1kZDM2YjhmMDdmOGMmY21FeHBJZD1MVjMmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UZGNiMTkweloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFlZ29fWllfaTImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhIyMDIwOTY0NjYxMjI1NjE2OTAiCTI0NjQ1MzgzNSoEYmluZzo4VTJWaGNtTm9RV1FqTnpFNU5EazFNekEzTVRZek5EWWpNak15TXpjME9URXdOakE0TXpJM05BPT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFw_zhqKHep7NfwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAE6iAAAABAAGADgBgzyBgIIAIAHAYgHAKAHQcgHyPIF0gcNCQAACQIBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=277e1d19a3307d50f1212ea57447c3d13bc95ece

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: a8bd5c4f-b437-4751-91e0-b134c563220f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 94BC 0
648 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QL-A-j-AQAAAwDWAAUBCPnitqYGEJqx48yktf_mAhgAKjYJujpQkOPheD8RyjdM_GSjdz8ZAAAAgOtRyD8hyg0SACkRJPRTATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4yPIFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAXD_OGood6ns1_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAABMxkBeBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHyPIF0gcNCQANAQEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=d9f1e476cb3a9f25b8005f9e6735eb302650857a&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: cf4eb053-db45-46ff-b17d-b8b0786b4ad0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame EFF6 739 B
1 KB 111ms
34ms Image
image/png 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 02:36:36 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1294918
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: mhRY1yijRHKykHSFGGKkVY0z-CesLIxtBl_5QCOy1N7fSjoBY-a2KQ==
expires: Sun, 20 Aug 2023 02:36:36 GMT

GET
H3 200 th
www.bing.com/ Frame EFF6 33 KB
33 KB 43ms
42ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD.350783978240635922&pid=AdsDAM&c=3&w=1200&h=627&dynsize=1
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: edea5feb53a5426d489c790abcfdc019b861eb384f3d7e28f3753fb59e809dc8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674ac3
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 33835
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame EFF6
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=a61f54ce-1ed2-4b75-ad78-1fcbaf73327c&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=3eced8d9-1965-44c3-b9cc-2651d41a043f&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=fd005494ce304c2db4a4cf2c8e12aad5&SNR=1&GV=2&med=10

0
18 B

84ms
83ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=fd005494ce304c2db4a4cf2c8e12aad5&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C737E6609F944588BB2F238BF13180AC Ref B: FRAEDGE1817 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b0d
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 328E006645E64311BEA6C99BAB5D476E Ref B: MIL30EDGE0919 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674ac4
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=fd005494ce304c2db4a4cf2c8e12aad5&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
quic-version: 0x00000001

GET
H2 200 it
ams3-ib.adnxs.com/ Frame EFF6 0
647 B 26ms
25ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKGB-iGAwAAAwDWAAUBCPnitqYGEOTJpNLP4efJNxgAKjYJHOzcW_x9oD8RNVq94cVVnz8ZAAAAgOtRyD8hNQ0SBCkcDST0DgExAAAAQOF6lD8wrpmcDTiYUEC1XkjjA1DLrMJ1WIu0lgFgAGj2xbIBeIrxBYABAYoBA1VTRJIBA0VVUpgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4UDCp8CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxMjcwJmF1SWQ9M2VjZWQ4ZDktMTk2NS00NGMzLWI5Y2MtMjY1MWQ0MWEwNDNmJmNtRXhwSWQ9TFYzJm9BZFVuGUVUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOFDNlY2VkOHpaALhydHlwZT1udXJsJnRhZ0lkPTI3NzI0OTc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ9EgBZmdub3lydnFjbmZmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDAwNDcxOTM3MTc1MDAyNDQyMCIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOekl6TmpFNU1EWTNOVFV5TWpjak56SXpOakl3T0RNd05UQTNNRFE9wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBfzt1Oiu5ZKZdMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbreA_oFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAABOgUBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHivEF0gcNCQUjBAAABSYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=d84ab697c6897f7baaedffa69078c5e0edd0303f

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 8bd15176-3039-4b11-9d0f-a0529aa7c64e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame EFF6 0
647 B 27ms
27ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKABOgAAgAAAwDWAAUBCPnitqYGEOTJpNLP4efJNxgAKjYJHOzcW_x9oD8RNVq94cVVnz8ZAAAAgOtRyD8hNQ0SBCkcDST0UwExAAAAQOF6lD8wrpmcDTiYUEC1XkjjA1DLrMJ1WIu0lgFgAGj2xbIBeIrxBYABAYoBA1VTRJIBA0VVUpgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqAwDAA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAF_O3U6K7lkpl0wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFut4D-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQATMuAQB0EAAYAOAGDPIGAggAgAcBiAcAoAdByAeK8QXSBw0JESoBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=c19c0d1ff7100bb42db931bb1c4360fc3620d72e&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: a6bb199d-0823-410e-87c9-708711d70ad0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame A825 0
664 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKEB-iEAwAAAwDWAAUBCPnitqYGEMf2rfbzhdCDPBgAKjYJd-CqlbO2sD8R4hAraYjBrz8ZAAAAQOF61D8h4g0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4u_MFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCq4CaHR0cBEw8G1iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02NjZmZTRhYS03YjE1LTRjODctODYxOS04ZjRiNGE3ZDAyNzgmY21FeHBJZD1MVjMmb0FkVW5pdBFFVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA2jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzNDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0NAFfZ3ZycS1wYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDMyNTQ5NjUzODc3MzgxNDA4NyIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05qVXlPREk0TmpRMU5EYzXAA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjAAiAyKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWar7T9wZbbiBDABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAFNwkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHu_MF0gcNCQkkAAAFJgjaBwYBXnwYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=bffdd8e51bb68ef396e1942f2be3f8852e8216aa&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=300&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274342&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: bee47a8f-e681-472e-a2ca-7446a51d2ee0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame EB01 0
665 B 28ms
28ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKDB-iDAwAAAwDWAAUBCPnitqYGEMvxu-CMyaLOHRgAKjYJq5-KUjMXlD8RfOQ2WwoWkz8ZAAAAQOF61D8hfA0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4zPQFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4MDCpkCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1iZTcyODRmNi04NGExLTQxNTUtODgwYi0wYmY1MTFmODMxYmYmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBijloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzNDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwQHl2Z3poZiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzIxMzM3MzIzNjg3MzI1ODQxMzkiCTM4MTg0NjcxNCoEITbwwjo4VTJWaGNtTm9RV1FqTnpFd05UWXhPREV4TURBNE1ESWpNak15TWpnMU5UYzFNamt4TWpRME13PT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjAAiAyKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWs9YHAndSI_EXABQDJBQAAAAAAAPA_0gUJCQkMcAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8z0BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=02c2627f5c3fb408cd63ffc72e73b24cfa877549&type=nv&nvt=5&jm=1003&px=0&py=0&bw=95&bh=50&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274342&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: f054967b-5ab2-44fa-9f6d-e55b883801e8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame AACB 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKGB-iGAwAAAwDWAAUBCPnitqYGEOfI_aPjzsCoWBgAKjYJRm5VetW3pz8R9lsEAT6Ipj8ZAAAAQOF61D8h9g0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4nfMFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4YDCpwCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1lNjQ1ODVjOC1hZjc0LTQzYTctODZhZS0wOTY3ODNlYWE1ZWYmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBljloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzNDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwQ2Vnb19aWV9pMiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzYzNjM4NzA0NTUxNjEzODE5OTEiCTM4MTg0NjcxNCoEITl8OjhVMlZoY21Ob1FXUWpOelkyT1RFeE1qZzNNemM0TWoFAvDCeU9EUTVNRGMxTURBME9EVXlNdz09wAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEDwgAEAEYwAIgMigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFvoSe6qWTjJVVwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgAAASMs8D_QBsKNBNoGFgoQARAuAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAed8wXSBw0JESoBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=ebbdca98838114402f406b7dca486a1f9256ab1a&type=nv&nvt=5&jm=1003&px=0&py=0&bw=95&bh=50&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274342&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 44efc843-815a-40d6-bcc1-eec8772e27dd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame FC77 739 B
1 KB 35ms
33ms Image
image/png 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 02:36:36 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1294918
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: _ZjTCiV4CH4OwlxQm-pZH2BIE-l--dnk3uzW7MQeK7DonNPN0nPO9w==
expires: Sun, 20 Aug 2023 02:36:36 GMT

GET
H3 200 th
www.bing.com/ Frame FC77 14 KB
14 KB 40ms
39ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPE.M59qVFtgg6%2fRaw300C300&pid=21.1&w=1200&h=627&dynsize=1&c=17
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ee40c28d24dbb2db5b064313eb226e48633a30bc92ab3e13b01ab3d6636571c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674afe
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 14413
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame FC77
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=42b05b5f-d3cc-4c4b-a49a-5b76f73711a2&cmExpId=LV1&oAdUnit=391270&publisherId=162645330&rId=7c9f8e7c-3c97-4ac9-86d3-13c0913bae90&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_3-1-0?&RG=4a97222eda484e229472a5cdc6bb0480&SNR=1&GV=2&med=10

0
25 B

74ms
74ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_3-1-0?&RG=4a97222eda484e229472a5cdc6bb0480&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 30B4857980FE47C4ADDE48977DC36B55 Ref B: DUS30EDGE0805 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b45
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3ED213B0CBB4CD49F1C529BB4D28DD7 Ref B: MIL30EDGE1010 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674aff
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_3-1-0?&RG=4a97222eda484e229472a5cdc6bb0480&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
quic-version: 0x00000001

GET
H2 200 it
ams3-ib.adnxs.com/ Frame FC77 0
647 B 26ms
25ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QLuBuhuAwAAAwDWAAUBCPnitqYGEKOk0fbtxsC1ChgAKjYJSsDdNIMIsz8R4KnSC-MUsj8ZAAAAgOtRyD8h4A0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4y_EFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoD7wIKmgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD03YzlmOGU3Yy0zYzk3LTRhYzktODZkMy0xM2MwOTEzYmFlOTAmY21FeHBJZD1MVjEmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UN2M5ZjhleloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0FwFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSNzUwNjk2MTk3NTc3MjY1Njk5IgkyNDY0NTM4MzUqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVeU9ESTROalExTkRjNcAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWA6OuAk5TZ_jPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGCSIs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB8vxBdIHDQkRKAEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=d2ac5601d55e870cdf60078a77a31aa20d3ff2be

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: f461e8f5-af5c-4886-8e4a-ed65a49a47d4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame FC77 0
647 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QL-A-j-AQAAAwDWAAUBCPnitqYGEKOk0fbtxsC1ChgAKjYJSsDdNIMIsz8R4KnSC-MUsj8ZAAAAgOtRyD8h4A0SACkRJPRTATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4y_EFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWA6OuAk5TZ_jPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAABMxkBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHy_EF0gcNCREoASYM2gcGCAUJdOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=d2b8338c0acaa71bbffe88342a53001f1ddbdd96&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: b3dee00f-a356-49de-b678-2f4bd1827ce0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame CBBA 76 KB
26 KB 29ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAAChTb4jOj6DRKR2XkcqWymtQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame CBBA 80 KB
27 KB 59ms
58ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame CBBA 0
647 B 30ms
29ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKlB_BMpQMAAAMA1gAFAQj64ramBhDMpb2DkfzgtCQYq8XxrM-TiaJMKjYJlkctJwAdqT8Rm50E8ozbpz8ZAAAAQDMzwz8hm50E8ozbpz8plkcJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXjk8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA5sDCrECaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jYzQzMjhlYi1hZTVkLTQzM2ItYWE1YS0zNzRkNTI0N2Y3NDcmY21FeHBJZD1MVjEmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBjjloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0UwFfb25hYXJlLWVuYXFmdm1yJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjYyMzc3MzI2MDU4NjYzNTk4MCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOelkyT1RFeE1qZzNNemM0TWpJak1qTXlPRFE1TURjMU1EQTBPRFV5TXc9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWUpeHPmOGO1jLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAQt0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfk8QXSBw0JASIBAQEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=8181da4985f8d3bdcf174a2a8b2cfed0c8cd9cb4

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 799e46d1-73f4-4dd2-a302-b07e37640a53
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame CBBA
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=216ebab9-f6e2-4989-b3a0-98780a4d8749&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=cc4328eb-ae5d-433b-aa5a-374d5247f747&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7aa0029971d0446984bced3893d01061&SNR=1&GV=2&med=10

0
27 B

87ms
87ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7aa0029971d0446984bced3893d01061&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D8D784FECDD643798AD187C820478C95 Ref B: FRAEDGE1817 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b4e
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EFB5FDA0BA0C4A68BA191DBEA39BBEA2 Ref B: VIEEDGE1609 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b03
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=7aa0029971d0446984bced3893d01061&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 2201 125 KB
44 KB 38ms
38ms Script
application/javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 954309f6fff8b00faddd8b89b52990d9ee23a1c56bb7c71ee630d77973090e96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 10:24:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64ad2dcc-1f24a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 44995
Expires: Sun, 06 Aug 2023 02:18:36 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 2201
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=03add599-8905-4fed-b4f6-4d5a475233ec&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=78c1a5ab-f1ee-47eb-87da-8a90db344b1e&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=10a49791dcef47bab024376eb74b7f1b&SNR=1&GV=2&med=10

0
27 B

87ms
87ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=10a49791dcef47bab024376eb74b7f1b&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CDE722C529B14541A0AD8185977AC57A Ref B: FRA31EDGE0210 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b4c
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 61C1EBCA13B2459D85655FC99CE546E8 Ref B: VIEEDGE2417 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b06
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=10a49791dcef47bab024376eb74b7f1b&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
quic-version: 0x00000001

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 2201 76 KB
26 KB 28ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAAAPBWfxPzRCSraAkzzhC7YMQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 2201 80 KB
27 KB 45ms
45ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 2201 0
647 B 26ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKNB_BMjQMAAAMA1gAFAQj64ramBhDBzNi93an52X4Yn6vZlsKcsc19KjYJOmZCUQDgnD8R6q2Ys2Zumz8ZAAAAQDMzwz8h6q2Ys2Zumz8pOmYJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiv8gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4MDCp0CaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03OGMxYTVhYi1mMWVlLTQ3ZWItODdkYS04YTkwZGIzNDRiMWUmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwaXpodnFmcnlieXEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM5MTI5ODkyOTkyMTA0NDA4NjQxIgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak9ETTJNekU1T1RZME5qSXdOVEENFPBxSTNOamd6T1RnM016UT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6QWVYiAUBmAUAoAXU2s6moMW22S3ABQDJBQAFARTwP9IFCQkFC3QAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYBHzQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAev8gXSBw0VYwEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=c9353c6986a6d9b16798411dd82c1bd71dfeda63

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 9d2985b9-02be-4c6f-ae46-4c063bc0f8ac
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 4CF7 76 KB
26 KB 29ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAACz2/h/j32lSYTm7YDEJjMYQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 4CF7 80 KB
27 KB 47ms
46ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 4CF7 0
647 B 27ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QL6BvBMegMAAAMA1gAFAQj64ramBhDQrK2L_JmahiIYq8XxrM-TiaJMKjYJwuj8AWRUoj8RH91JaMVpoT8ZAAAAQDMzwz8hH91JaMVpoT8pwugJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiU8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA_ACCpoCaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03ZDNlNzk3My1mNzRhLTRjYTgtYTM1YS00NDEzYzg5YjgzYWImY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0KgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjQ1MzQ1MTEzODUyMjYzMzgwOCIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05qa3hNRGczTkRFM016SXjAA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF9r331rWEoLANwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEBE1EQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeU8QXSBw0JLiYADNoHBggJL3AHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=4becb9424bf73eab4f022cee3275b6faa9d7b8a1

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 187503ec-0bf2-4f89-9b53-b5c38bc1197c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 4CF7
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5e7dca4f-fda3-4eb4-bdf6-9a3eba29bd98&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7d3e7973-f74a-4ca8-a35a-4413c89b83ab&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=ff6c989d9d744339912459a5bade9a13&SNR=1&GV=2&med=10

0
27 B

89ms
88ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=ff6c989d9d744339912459a5bade9a13&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC79BC1CFCDE4216B274F4FD936170C3 Ref B: FRA31EDGE0618 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b4b
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 49EC637B5C7D4AA9B20C66701AD0351B Ref B: MIL30EDGE1310 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b0b
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=ff6c989d9d744339912459a5bade9a13&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
quic-version: 0x00000001

POST
H2 204 csi
csi.gstatic.com/ Frame 7C62 0
54 B 195ms
194ms Ping
image/gif 2607:f8b0:4012:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~lkxdyc70&chm=1&e=21060099&ctx=2&qqid=CP32-Im6xIADFVGXgwcd2iUFvA&met.6=6.1_CgsYyA0gWioECAgSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 1B5B 739 B
1 KB 34ms
33ms Image
image/png 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 02:36:36 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1294918
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: JURYqajTLbXCj_vMnulOkL9S-XwtC6tllI6JrcT_9p-gBCKNlxdAsg==
expires: Sun, 20 Aug 2023 02:36:36 GMT

GET
H3 200 th
www.bing.com/ Frame 1B5B 32 KB
32 KB 51ms
51ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8452525181565_1UDHMVKUSXDRIQQMOK&pid=21.2&c=3&w=1200&h=627&dynsize=1
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0f65a9a5652d99cc3e798d8a1ff35ac8f0527ff4e72673a80a009679e09c93ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b0f
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 33195
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame 1B5B
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=fe9ebe40-0bab-4536-8338-5f58f789d98f&cmExpId=LV1&oAdUnit=391270&publisherId=162645330&rId=e1060ba1-8b71-4bd3-8bb8-6a6c26d9b0be&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=1d133d8a630e472eb25a8c0662a234be&SNR=1&GV=2&med=10

0
27 B

89ms
89ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=1d133d8a630e472eb25a8c0662a234be&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 614222ADBB8648319350F649FE34B65F Ref B: FRAEDGE1817 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b4d
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A96F4EFAE0C40C89F707EAB1C57A094 Ref B: MIL30EDGE1518 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b10
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=1d133d8a630e472eb25a8c0662a234be&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 1B5B 0
648 B 26ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKDB-iDAwAAAwDWAAUBCPnitqYGENKJvtKOi--WYhgAKjYJbexvxBRBkz8RzlNqh6BKkj8ZAAAAgOtRyD8hzg0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4ovMFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDhAMKmgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD1lMTA2MGJhMS04YjcxLTRiZDMtOGJiOC02YTZjMjZkOWIwYmUmY21FeHBJZD1MVjEmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UZTEwNjBieloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRngZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzcwNzQ1MTc2Nzk3NDMxNDEwNzQiCTI0Aanw0DgzNSoEYmluZzo4VTJWaGNtTm9RV1FqTnpnME56YzRORGcyTnpBeE5qWWpNak16TURJM056UTFOalF5TVRZNU5RPT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAF0t6pl_2Zmu92wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5o2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGAR80AADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHovMF0gcNCREoASYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=19fd87cdfe14ef5da2e14f212ccb30e7ef0270ef

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: b4973f0f-77f6-4600-ad98-67b5638237b7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 1B5B 0
647 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QL-A-j-AQAAAwDWAAUBCPnitqYGENKJvtKOi--WYhgAKjYJbexvxBRBkz8RzlNqh6BKkj8ZAAAAgOtRyD8hzg0SACkRJPRTATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4ovMFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAXS3qmX_Zma73bABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAABMxkBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHovMF0gcNCREoASYM2gcGCAUJdOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=0e690d8a507b364bebb1e6240ff0d2ff2832b6d1&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: b4694875-8a9e-4b10-ae22-719359223efe
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame B7BF 739 B
1 KB 34ms
33ms Image
image/png 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 02:36:36 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1294918
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: cBg4V5gdVABwE6GOo47gIyIfNx5Rz6LLWyEMHRiqOMPIdg9WGXjy2w==
expires: Sun, 20 Aug 2023 02:36:36 GMT

GET
H3 200 th
www.bing.com/ Frame B7BF 150 KB
150 KB 58ms
58ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7146851201741_1R6041XUBAVUYTQX5U&pid=21.2&c=3&w=1200&h=627&dynsize=1
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e267ca092b7d8b7d64f4412c7957453439e8e767be7fd33103b392fb7d0d2d04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b11
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 153657
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame B7BF
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=0276a8e0-b663-4ad0-802c-c9390fe84cb1&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=72b20002-d4aa-4f80-b4ab-2de8fe61c84e&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c533beb4ba704659b991c75334775394&SNR=1&GV=2&med=10

0
27 B

87ms
87ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c533beb4ba704659b991c75334775394&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CB43A8AD9BE444A691BCD6B27C3E90D8 Ref B: FRA31EDGE0216 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b4f
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3786D56AA4C3411BBFE169AB58373ED4 Ref B: MIL30EDGE1311 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b12
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c533beb4ba704659b991c75334775394&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H2 200 it
ams3-ib.adnxs.com/ Frame B7BF 0
647 B 26ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKjB_BMowMAAAMA1gAFAQj54ramBhCLv63h8tHF8XkY9NzxwObI565eKjYJXEeHreGomj8RMeqmMaNTmT8ZAAAAgOtRyD8hMeqmMaNTmT8pXEcJJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF47vEFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDmgMKsAJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD03MmIyMDAwMi1kNGFhLTRmODAtYjRhYi0yZGU4ZmU2MWM4NGUmY21FeHBJZD1MVjMmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UNzJiMjAweloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_wQF9lcmRocmZnWXJpcnlZMSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzg3ODI4ODg1MDI0Nzk3NzM1NzkiCTI0Ab_w0DgzNSoEYmluZzo4VTJWaGNtTm9RV1FqTnpjeE56SXhOalEyTlRnNU9EUWpNak15T0RrM01UYzROak0zT1RVMU13PT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFmMbo3qC50b4jwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXk0wz6BQQIABAAkAYBmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfu8QXSBw0JESgBJgjaBwYBXnwYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=de6dbc21d924016386dedcc7cae28d631f9ab477

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 96bfec9b-d8a0-40e7-bde3-12c7b59a18ca
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4AB3 52 KB
17 KB 133ms
36ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:34 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:36 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame B7BF 0
647 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKIBPBMCAIAAAMA1gAFAQj54ramBhCLv63h8tHF8XkY9NzxwObI565eKjYJXEeHreGomj8RMeqmMaNTmT8ZAAAAgOtRyD8hMeqmMaNTmT8pXEcJJPRTATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF47vEFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWYxujeoLnRviPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXk0wz6BQQIABAAkAYBmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChABMy4BAHQQABgA4AYM8gYCCACABwGIBwCgB0HIB-7xBdIHDQkRKgEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=88741a850085f7dc06ef520e358ed2ed4bebb955&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 6b68a5bd-a773-4986-882b-500e573f6c8a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 1317 739 B
1 KB 34ms
34ms Image
image/png 52.222.214.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tl.png
Requested by: Host: dcdn.adnxs.com
URL: https://dcdn.adnxs.com/renderer-content/42405d30-1f2c-4692-bcd5-9e666534e635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-4.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Fri, 21 Jul 2023 02:36:36 GMT
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P3
age: 1294918
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: 1loR8bVvwuIR3Plck3f6rIp6ud7RkzvNYk9lo9FXbznYuTh0O5-6vw==
expires: Sun, 20 Aug 2023 02:36:36 GMT

GET
H3 200 th
www.bing.com/ Frame 1317 57 KB
57 KB 67ms
67ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7490509999181_1BUF7SEYT80YGH8FL5&pid=21.2&c=3&w=1200&h=627&dynsize=1
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7c729fba24807127e139d6ca76ec4773de19ae3cb227e509e9e7d73d2b82afdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b19
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 58376
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame 1317
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=f1b434c0-6587-47ce-9b26-c9129f148d21&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=5a272a3c-bac4-47b9-9bed-a9205720bef2&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=911fec7e48fe4aa3915e1e9f914d383f&SNR=1&GV=2&med=10

0
27 B

92ms
92ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=911fec7e48fe4aa3915e1e9f914d383f&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9AAC51D351DE488BA49C0B03F8FBDB8D Ref B: DUS30EDGE0908 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b50
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A38F5343E5E342EA8FB8E99C7AF49AAA Ref B: MIL30EDGE1007 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b1a
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=911fec7e48fe4aa3915e1e9f914d383f&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 1317 0
647 B 27ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKXB-iXAwAAAwDWAAUBCPnitqYGEO6_iubpifrULRgAKjYJYub8o-dTlT8R3drJ2-hClD8ZAAAAgOtRyD8h3Q0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4ivcFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDmAMKrgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD01YTI3MmEzYy1iYWM0LTQ3YjktOWJlZC1hOTIwNTcyMGJlZjImY21FeHBJZD1MVjMmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UNWEyNzJheloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_wPl9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMzMjkwNDE2NDI3MTA1OTUxNzI2IgkyNAG98NA4MzUqBGJpbmc6OFUyVmhjbU5vUVdRak56azJORFl3Tmpjek5URTJPVEFqTWpNek1UUTBOVFk0TnpjMU1UWTNNdz09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBceb6Yq_ydfbGcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOaNgFAeAFAfAFAPoFBAgAEACQBgGYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB4r3BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=e3690cfd9b601e3f2df493a305c2105b8787a867

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: fdf50296-b143-4da3-bb8f-42037bc24509
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 1317 0
647 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QL-A-j-AQAAAwDWAAUBCPnitqYGEO6_iubpifrULRgAKjYJYub8o-dTlT8R3drJ2-hClD8ZAAAAgOtRyD8h3Q0SACkRJPRTATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4ivcFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAXHm-mKv8nX2xnABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAABMxkBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHivcF0gcNCREoASYM2gcGCAUJdOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=7b6e14da16e4e3f881728120e9511d8bbd323d14&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: e173d0ba-a831-4146-9f4f-ac830f08c949
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 1a Show response
i.clean.gg/ Frame 5609 0
104 B 114ms
112ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 th
www.bing.com/ Frame 5609 11 KB
11 KB 47ms
44ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8246376968418_1IME7EK2KZ9MJ3E783&pid=21.2&c=16&roil=0.2393&roit=0&roir=0.7617&roib=1&w=180&h=180
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f513b472e507126a912116f108035b149ba1c09a8b200eaa807eba7eddf0a3f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b28
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 10761
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 11C4 52 KB
17 KB 134ms
37ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:34 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:36 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 5609 0
647 B 27ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKJBPBMCQIAAAMA1gAFAQj54ramBhCZ8ZX6kuj43REY9NzxwObI565eKjYJ95R9zapSpj8RURoEEO80pT8ZAAAAgOtRyD8hURoEEO80pT8p95QJJPReATEAAABA4XqUPzCumZwNOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeKn0BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXZoJWexs7b81bABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAk-dBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHqfQF0gcNCQkkAAAFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=b90ad0c14aad836604f8f5997d4f4eef8ced8701&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 6af8e73f-d032-45bd-b0aa-bb74501a3943
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 4EB6 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKEB-iEAwAAAwDWAAUBCPnitqYGEIDdwfyEr7W7PhgAKjYJM-nJ_n4EsT8R8ANz2KsqsD8ZAAAAQOF61D8h8A0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4kfIFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCq4CaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yYTM3OTUyZC0yMTRhLTQ4OTQtYTgxMS1iMTYyNjBlZjU2MWQmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgAyjloANHJ0eXBlPW51cmwmdGFnAZBwODI3NDM0MiZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_Q0AV9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0NTAxMDE5NTkwMzExMDQ2Nzg0IgkzODE4NDY3MTQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVeU9ESTROalExTkRjNcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGMACIDIoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBeuv6ovFwY7xV8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAU3CQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeR8gXSBw0JCSQAAAUmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=13ecbc2bf97f69a62be2d5c87022cead02cf40ba&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=300&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274342&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 7460440d-137d-43e4-a1e6-0af23430dac2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 3DE3 0
665 B 26ms
26ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QLzBuhzAwAAAwDWAAUBCPnitqYGEL2Rg4au0saOLRgAKjYJAAAAAO6nrj8RAAAAgIgfrT8ZAAAAQOF61D8hAA0SACkRJAAxCRvwlZQ_MKbdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4v_UFgAEBigEDVVNEkgEDRVVSmAHAAqABMqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA_MCCp0CaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03NGM3OWZhZS1mMGY1LTQwNDUtOTA1MS1jZjY3MThmZDExMjkmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzNDImdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnw0HpodnFmcnlhcmomYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMzMjUwNzgzNzI0MTY5NjQ0MjIxIgkzODE4NDY3MTQqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVeU9ESTROalExTkRjNcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGMACIDIoADAAOAK4BADABADIBADaBAIIAeAEAfAERVNUiAUBmAUAoAWR0pWbyLf-xwTABQDJBUGOGAAA8D_SBQlFvgEBaNgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgEfAS8k0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe_9QXSBw0VYwEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=7bfc139d3d407e67f897a8ab27db128777635312&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=300&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274342&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 5c778b3f-7edf-481d-b218-fc37810fb63a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 95A3 0
666 B 25ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKNB-iNAwAAAwDWAAUBCPnitqYGENSIodO-7e6uZRgAKjYJuS8eGgC-kD8ReScGmGbPjz8ZAAAAgOtRyD8heQ0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeIj1BYABAYoBA1VTRJIBA0VVUpgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDiwMKoQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03MDc3ZjVhMC03ZjU5LTRhMDctYWI5OC1hY2NhNGE5YjBlNmUmY21FeHBJZD1MVjMmb0EyRQBUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOCDcwN4ZaALhydHlwZT1udXJsJnRhZ0lkPTI3NzI0OTc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ9DQBZWdvX1pZX2kyX2doYXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MzA0MjAwMjQyODMzNDA5MTA4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56WTRPVGN5TmpVMU56RTJNVE1qTWpNeU9EWTVOamt3T0RNM05UZ3lOZz09wAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfD9nZnpkf2bUMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYADS8k0AbCjQTaBhYKEAURHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeI9QXSBw0JESkBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=6993a02d8ed5893594ad9b96436a410ed3c3d801&type=nv&nvt=5&jm=1003&px=0&py=0&bw=160&bh=160&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724974&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: fbf168ba-999c-486b-9f8c-0348d38cf7fe
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 94BC 0
665 B 25ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKEB-iEAwAAAwDWAAUBCPnitqYGEJqx48yktf_mAhgAKjYJujpQkOPheD8RyjdM_GSjdz8ZAAAAgOtRyD8hyg0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4yPIFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDhQMKnAJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD1kY2IxOTA0MC02NDI4LTQ3MDQtYjM3Ni1kZDM2YjhmMDdmOGMmY21FeHBJZD1MVjMmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UZGNiMTkweloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFlZ29fWllfaTImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhIyMDIwOTY0NjYxMjI1NjE2OTAiCTI0NjQ1MzgzNSoEYmluZzo4VTJWaGNtTm9RV1FqTnpFNU5EazFNekEzTVRZek5EWWpNak15TXpjME9URXdOakE0TXpJM05BPT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFw_zhqKHep7NfwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAE6iAAAABAAGADgBgzyBgIIAIAHAYgHAKAHQcgHyPIF0gcNCQAACQIBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=277e1d19a3307d50f1212ea57447c3d13bc95ece&type=nv&nvt=5&jm=1400|1003&px=1440&py=50&bw=160&bh=600&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: a21c2202-8499-4cc0-b95e-4f13b337b92f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 190ms
111ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 notify
tlx.3lift.com/header/ 37 B
220 B 33ms
32ms Image
image/gif 18.194.94.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.024&ts=1691201913&aid=10837199502961204692700&ec=5563_66529_OADD2.8246376968418_1IME7EK2KZ9MJ3E783&n=Gs0CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD05NmEyN2Y0Yi03OTNjLTRjNWQtODg4Ny1lN2FjOGI2Mjk4OWUmY21FeHBJZD1MVjMmb0FkVW5pdD0xMTczMDM3NCZwdWJsaXNoZXJJZD0yNTAxNTIyMzUmcklkPTk2YTI3ZjRiLTc5M2MtNGM1ZC04ODg3LWU3YWM4YjYyOTg5ZSZydHlwZT1udXJsJnRhZ0lkPTQzODU0NiZ0cmFmZmljR3JvdXA9Z2V2Y3lyeXZzZ19wY3omdHJhZmZpY1N1Ykdyb3VwPXp6ZiUzQWdldmN5cnl2c2dfcGN6X3FycGJoY3lyJmFpZD0xMDgzNzE5OTUwMjk2MTIwNDY5MjcwLTk2JndwPTAuMTIy8gL6AQgAEhcxMDgzNzE5OTUwMjk2MTIwNDY5MjcwMBgAIAEouysw4YcEQAFIAFABYBJoCnCB%2ByGQAQCYAQCoAf%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwG4AQXAARjIAXrwAZPLDPgBeoACGJECAAAAAAAA8D%2BZApqZmZmZmek%2FqAIAsAIByAIC2AIA8QJmZmZmZmbmP%2FgCpTuQAwCYAwCgAwC4AwDIAwDSAyZPQUREMi44MjQ2Mzc2OTY4NDE4XzFJTUU3RUsyS1o5TUozRTc4M%2BADgabDWukDAAAAAAAAAADwA3r5AwAAAAAAAAAAgAQEiQSamZmZmZnpP6AEAKkEAAAAAAAAAADABGD4AgyIAwGSAwQ5ODk1mAMAoAOS4hqoAwA%3D&b=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.194.94.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-94-253.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 32ms
32ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=ducumon_me_320x50_472xdefaultx1&aid=10837199502961204692700&rev=5b127f1&pr=un&bc=0.122&bmid=5563&biid=7589&sid=66529&brid=556417&adid=&crid=189846273&ts=1691201913&bcud=122&ss=12&caid=0&unid=0&domain=www.ducumon.click&ref=https%253A%252F%252Fwww.ducumon.click%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206227&cb=28783
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=99855c66-fe42-46b2-8bf6-656ea95f52c5&cmExpId=LV3&oAdUnit=11730374&publisherId=250152235&rId=96a27f4b-793c-4c5d-8887-e7ac8b62989e&...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=efd9da97228f44ecaae0147708e208e9&SNR=1&GV=2&med=10

0
27 B

75ms
75ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=efd9da97228f44ecaae0147708e208e9&SNR=1&GV=2&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BBE7A0C7E1D642C48387339CF2E5DAEC Ref B: FRA31EDGE0117 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b83
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A42CD1B3306D4D92B82220FAE9EEDF29 Ref B: VIEEDGE1105 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b3f
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=efd9da97228f44ecaae0147708e208e9&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H3 200 th
www.bing.com/ Frame 226D 2 KB
2 KB 38ms
37ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8246376968418_1IME7EK2KZ9MJ3E783&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=0.9963&w=96&h=50&dynsize=1
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c760874839bcf780432a463be364665c1c48dc35b9f904e2939fe48880cfb184

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b40
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 2347
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
DATA 200
OK truncated
/ Frame 226D 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 blank
img.3lift.com/ Frame 226D 178 B
486 B 112ms
32ms Image
image/png 18.66.122.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/blank?width=96&height=50
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-28.fra60.r.cloudfront.net
Software: /
Resource Hash: 5507d4789324dcb0db30f9a7b8480b815ece9b0e1f2eca83c5e547670d95eec6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 09:35:35 GMT
via: 1.1 0121ceb2efadb6db52d122a8b6b52f90.cloudfront.net (CloudFront)
last-modified: Fri, 04 Aug 2023 09:35:35 GMT
x-amz-cf-pop: FRA60-P2
age: 60179
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 178
x-amz-cf-id: NTqtGACy_ubJe9uGnTywTFKez8j2JJjBkVCbZcWz3oCXCLnFChpM9A==

GET
H3 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 226D 3 KB
3 KB 34ms
33ms Image
image/png 13.32.99.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-84.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 08:12:13 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 524272
x-amz-cf-pop: FRA60-P3
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: nju_Wp0IXl2NpAjKrvFYzXeiupkrXB7C0s4pkx5e1AetSLQK5XdafQ==

GET
H3 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 226D 3 KB
4 KB 34ms
34ms Image
image/png 13.32.99.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.99.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-84.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 20:11:02 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 194853
x-amz-cf-pop: FRA60-P3
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: 9HfHyUKp8dos3vTBpyaWW0Y3PacEkI-vf0xyCxU-rsm7Ltbf40fpjA==

GET
H2 200 ctar
eb2.3lift.com/ 37 B
139 B 32ms
31ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=ducumon_me_320x50_472xdefaultx1&aid=10837199502961204692700&rev=5b127f1&cta_render_method=2&cta_render_text=Learn%20more&cb=16638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame EFF6 0
665 B 26ms
26ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKGB-iGAwAAAwDWAAUBCPnitqYGEOTJpNLP4efJNxgAKjYJHOzcW_x9oD8RNVq94cVVnz8ZAAAAgOtRyD8hNQ0SBCkcDST0DgExAAAAQOF6lD8wrpmcDTiYUEC1XkjjA1DLrMJ1WIu0lgFgAGj2xbIBeIrxBYABAYoBA1VTRJIBA0VVUpgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4UDCp8CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxMjcwJmF1SWQ9M2VjZWQ4ZDktMTk2NS00NGMzLWI5Y2MtMjY1MWQ0MWEwNDNmJmNtRXhwSWQ9TFYzJm9BZFVuGUVUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOFDNlY2VkOHpaALhydHlwZT1udXJsJnRhZ0lkPTI3NzI0OTc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ9EgBZmdub3lydnFjbmZmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDAwNDcxOTM3MTc1MDAyNDQyMCIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOekl6TmpFNU1EWTNOVFV5TWpjak56SXpOakl3T0RNd05UQTNNRFE9wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBfzt1Oiu5ZKZdMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbreA_oFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAABOgUBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHivEF0gcNCQUjBAAABSYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=d84ab697c6897f7baaedffa69078c5e0edd0303f&type=nv&nvt=5&jm=1400|1003&px=0&py=82&bw=160&bh=600&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 8efad181-4ac8-4db8-b071-b39388d68399
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 4427 76 KB
26 KB 29ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAACijmlGhkg5R5YFIk56RBGOQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 4427 80 KB
27 KB 45ms
45ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 4427 0
647 B 37ms
36ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhCJsMChxZet8EEY-s60-MWcgKYZKjYJjas9sqpSlj8Rk_wg9u40lT8ZAAAAQOF61D8hk_wg9u40lT8pjasJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4vfQFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04MWY4OWU1OC04ZThmLTQxNzYtOTNmNS0wNWYzMzYyNGMzOWYmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA4jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDc0Njk5MjcyODIwNzc5MjEzNyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE00TXpneE5qY3dORGN6TXpZak1qTXpOVFl6TnpVM05UWXdOVEl4TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdarmaef0Jb9dsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAVLfAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAe99AXSBw0JDSUFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=b617889f8b0334f2f39369caf0df8dca5433c614

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: a16979ab-ff7a-4364-acb1-49ff6b417145
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 4427
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e21a03f4-4ddb-4a42-8fde-4b38a714ddcc&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=81f89e58-8e8f-4176-93f5-05f33624c39f&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4624b30a0cd44495ade1c6f1f91165dd&SNR=1&GV=2&med=10

0
27 B

75ms
74ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4624b30a0cd44495ade1c6f1f91165dd&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2079E7193FBD4249A7199680ECA2F658 Ref B: FRA31EDGE0217 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b84
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AC269AEAA9CF4406823ACF47A51809AE Ref B: MIL30EDGE1121 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b43
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4624b30a0cd44495ade1c6f1f91165dd&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 5C8E 76 KB
26 KB 30ms
29ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAADHMxkIYxQ5QaNkyWtlyFOgQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 5C8E 80 KB
27 KB 47ms
46ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 5C8E 0
647 B 26ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKOB_BVjgMAAAMA1gAFAQj64ramBhD77MnTsMz922sYu-Te3Piypo9BKjYJ95R9zapSdj8RURoEEO80dT8ZAAAAQOF61D8hURoEEO80dT8p95R9zapSdj8xAAABG_CVlD8wot29DTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiN9QWAAQGKAQNVU0SSAQNFVVKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDhAMKmgJodHRwETDwaWJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWY1NTYyMjFhLTc5YzctNDdkMC1hOWU4LTM2MWEyNTU1NzVjYyZjbUV4cElkPUxWMyZvQWQuRQBUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOAGaOWgC4cnR5cGU9bnVybCZ0YWdJZD0yODI3NDMzOCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGZhlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzc2MTkBUlg4MDMzODA3OTk1IgkzODE4NDY3MTQqBCE38MI6OFUyVmhjbU5vUVdRak56SXlNalEwTWpJM09UUXdOakVqTWpNeU5EQXlNems0TkRBek1qQTBPUT09wAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFkaHGzqGHh5ltwAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF6sgf-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB431BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=085dd2b3bb508bc961257782b75c903eaa078c7a

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: b2679c5b-22e3-4ffb-b27f-fec27a597fc9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 5C8E
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a7d4e25f-a37e-4880-ae6b-8be5a1da81b8&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f556221a-79c7-47d0-a9e8-361a255575cc&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=8dbd6571dbb14c959cc178533a3aa24e&SNR=1&GV=2&med=10

0
27 B

69ms
69ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=8dbd6571dbb14c959cc178533a3aa24e&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C1338B22F85497795FD34A3A5BB744C Ref B: FRA31EDGE0811 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674ba1
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 668F9F0B0AFE42CA98329F9DA2EABE5D Ref B: VIEEDGE2514 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b49
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=8dbd6571dbb14c959cc178533a3aa24e&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame FC77 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QLuBuhuAwAAAwDWAAUBCPnitqYGEKOk0fbtxsC1ChgAKjYJSsDdNIMIsz8R4KnSC-MUsj8ZAAAAgOtRyD8h4A0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4y_EFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoD7wIKmgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD03YzlmOGU3Yy0zYzk3LTRhYzktODZkMy0xM2MwOTEzYmFlOTAmY21FeHBJZD1MVjEmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UN2M5ZjhleloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0FwFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSNzUwNjk2MTk3NTc3MjY1Njk5IgkyNDY0NTM4MzUqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVeU9ESTROalExTkRjNcAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWA6OuAk5TZ_jPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGCSIs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB8vxBdIHDQkRKAEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=d2ac5601d55e870cdf60078a77a31aa20d3ff2be&type=nv&nvt=5&jm=1400|1003&px=0&py=165&bw=160&bh=600&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: fe82d3eb-cba2-4c48-bf1d-3a4eebb9ea02
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame 4CF7 11 KB
11 KB 45ms
45ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPE.pmDf1f%2fkslC9zw300C300&pid=21.1&w=300&h=300&c=17
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 371d5dadac385366265574330de652d3b97d0646391835f0fd53936ef1cf7725

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b58
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 10953
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FBD9 52 KB
17 KB 80ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:34 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:36 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 4CF7 0
647 B 27ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKJBPBMCQIAAAMA1gAFAQj64ramBhDQrK2L_JmahiIYq8XxrM-TiaJMKjYJwuj8AWRUoj8RH91JaMVpoT8ZAAAAQDMzwz8hH91JaMVpoT8pwugJJAAxARv0PgHhepQ_MK2ZnA04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4lPEFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCGmh0dHBzOi8vd3d3LmR1Y3Vtb24uY2xpY2svgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfa999a1hKCwDcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYABTAs8D_QBsKNBNoGFgoQBREdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5TxBdIHDQkRKQEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=609e97e04389970ceb0d2d471c0f09ad83891b45&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 970b84f2-f0fb-4c44-9f04-226b580ea8fd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame CBBA 14 KB
14 KB 38ms
38ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8246376968418_1IME7EK2KZ9MJ3E783&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ae0aeaefd739ffd2451c5a5b09dd6ed0c63b2c11032a9418abbd61e6c3ca96df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b5c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 14817
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8F6F 52 KB
17 KB 79ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:34 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:36 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame CBBA 0
647 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKJBPBMCQIAAAMA1gAFAQj64ramBhDMpb2DkfzgtCQYq8XxrM-TiaJMKjYJlkctJwAdqT8Rm50E8ozbpz8ZAAAAQDMzwz8hm50E8ozbpz8plkcJJAAxARv0PgHhepQ_MK2ZnA04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF45PEFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCGmh0dHBzOi8vd3d3LmR1Y3Vtb24uY2xpY2svgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZSl4c-Y4Y7WMsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYABTAs8D_QBsKNBNoGFgoQBREdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB-TxBdIHDQkRKQEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=7fd785e74b3b4acf11ae0fb267d32e1163129eef&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 9bd04e48-60db-44d0-8d5c-974042c8f3a9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 0CFA 76 KB
26 KB 29ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAADv6FDXeNQ8TbcJL4nvqVgPQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 0CFA 80 KB
27 KB 45ms
44ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 0CFA 0
647 B 26ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKgB_BMoAMAAAMA1gAFAQj64ramBhD78t_LhZvmkXQYu-Te3Piypo9BKjYJgQl3KiKOmD8RO3xXqNNTlz8ZAAAAQOF61D8hO3xXqNNTlz8pgQkJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4sPUFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA5YDCqwCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1kYTliNGIwYi1lMmRlLTQ0OGUtOTRkYS1mMWNiZTJmNmE3NDgmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBkjloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_w5V9lcmlyZWZyaHpmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTODM2ODcwMDU4NzU2NTkwNjI5OSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekV6TXpFd05EVXdOekkxTXpFak1qTXlNekV6TURZek1EYzFPREF5TUE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAERXZYiAUBmAUAoAXEh4iHtNXk5XvABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeGGTPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7D1BdIHDRVlASYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=664ecc174c42f54a264cf5322edff06810204805

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 486b2a6d-59ea-4473-94bb-99f01c340e71
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 0CFA
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=74bc6af1-c0bb-4958-8a94-3349882df400&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=da9b4b0b-e2de-448e-94da-f1cbe2f6a748&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=02589751547c4a7e9b4ef57ac239ae20&SNR=1&GV=2&med=10

0
25 B

69ms
68ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=02589751547c4a7e9b4ef57ac239ae20&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C8220A44FBEC4BF5B5BF3C88C86B11A6 Ref B: FRA31EDGE0707 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674bab
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A1BE61C7A19B458C8DA4A8A5B620FFE5 Ref B: MIL30EDGE1210 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b5f
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=02589751547c4a7e9b4ef57ac239ae20&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 111ms
111ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ducumon.click
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 05 Aug 2023 02:18:34 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ Frame 2201 0
15 B 113ms
112ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 th
www.bing.com/ Frame 4427 6 KB
6 KB 107ms
106ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559526591226_1O1ASSYRSURCUTP1LO&pid=21.2&c=16&roil=0.0017&roit=0&roir=0.9967&roib=1&w=200&h=105
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f338bedd25e2695c0878c4f3f01727d079008753714b4e4dccda935e360acebc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b67
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 6438
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B265 52 KB
17 KB 74ms
32ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:34 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:36 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 4427 0
646 B 27ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKKBPBMCgIAAAMA1gAFAQj64ramBhCJsMChxZet8EEY-s60-MWcgKYZKjYJjas9sqpSlj8Rk_wg9u40lT8ZAAAAQOF61D8hk_wg9u40lT8pjasJJAAxCRv0PgGUPzCi3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeL30BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdarmaef0Jb9dsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAScs8D_QBsKNBNoGFgoQARAuAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAe99AXSBw0JESoBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=e9500cd5ddec5ee93fdb8dfae98eedeb53929c2a&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: a1dfb136-fc0a-40d5-aa31-ea72a609bc09
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 1B5B 0
665 B 26ms
26ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKDB-iDAwAAAwDWAAUBCPnitqYGENKJvtKOi--WYhgAKjYJbexvxBRBkz8RzlNqh6BKkj8ZAAAAgOtRyD8hzg0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4ovMFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDhAMKmgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD1lMTA2MGJhMS04YjcxLTRiZDMtOGJiOC02YTZjMjZkOWIwYmUmY21FeHBJZD1MVjEmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UZTEwNjBieloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRngZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzcwNzQ1MTc2Nzk3NDMxNDEwNzQiCTI0Aanw0DgzNSoEYmluZzo4VTJWaGNtTm9RV1FqTnpnME56YzRORGcyTnpBeE5qWWpNak16TURJM056UTFOalF5TVRZNU5RPT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAF0t6pl_2Zmu92wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5o2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGAR80AADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHovMF0gcNCREoASYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=19fd87cdfe14ef5da2e14f212ccb30e7ef0270ef&type=nv&nvt=5&jm=1400|1003&px=0&py=247&bw=160&bh=600&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: a1bb0d0e-cf3f-4a21-a4f7-24f50551c8e8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame B7BF 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKjB_BMowMAAAMA1gAFAQj54ramBhCLv63h8tHF8XkY9NzxwObI565eKjYJXEeHreGomj8RMeqmMaNTmT8ZAAAAgOtRyD8hMeqmMaNTmT8pXEcJJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF47vEFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDmgMKsAJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD03MmIyMDAwMi1kNGFhLTRmODAtYjRhYi0yZGU4ZmU2MWM4NGUmY21FeHBJZD1MVjMmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UNzJiMjAweloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_wQF9lcmRocmZnWXJpcnlZMSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzg3ODI4ODg1MDI0Nzk3NzM1NzkiCTI0Ab_w0DgzNSoEYmluZzo4VTJWaGNtTm9RV1FqTnpjeE56SXhOalEyTlRnNU9EUWpNak15T0RrM01UYzROak0zT1RVMU13PT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFmMbo3qC50b4jwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXk0wz6BQQIABAAkAYBmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfu8QXSBw0JESgBJgjaBwYBXnwYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=de6dbc21d924016386dedcc7cae28d631f9ab477&type=nv&nvt=5&jm=1400|1003&px=0&py=411&bw=160&bh=600&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: c8f0d696-5182-40cc-b96a-6156c947dea8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 1317 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKXB-iXAwAAAwDWAAUBCPnitqYGEO6_iubpifrULRgAKjYJYub8o-dTlT8R3drJ2-hClD8ZAAAAgOtRyD8h3Q0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4ivcFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDmAMKrgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD01YTI3MmEzYy1iYWM0LTQ3YjktOWJlZC1hOTIwNTcyMGJlZjImY21FeHBJZD1MVjMmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UNWEyNzJheloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_wPl9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMzMjkwNDE2NDI3MTA1OTUxNzI2IgkyNAG98NA4MzUqBGJpbmc6OFUyVmhjbU5vUVdRak56azJORFl3Tmpjek5URTJPVEFqTWpNek1UUTBOVFk0TnpjMU1UWTNNdz09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBceb6Yq_ydfbGcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOaNgFAeAFAfAFAPoFBAgAEACQBgGYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB4r3BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=e3690cfd9b601e3f2df493a305c2105b8787a867&type=nv&nvt=5&jm=1400|1003&px=0&py=329&bw=160&bh=600&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 56d70404-3046-46b4-a18b-17963caaad7d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame 2201 7 KB
7 KB 37ms
36ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OAIP.5bbfa3e3b81b0f781f6a465808c43be2&pid=AdsNative&c=3&w=300&h=157
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 51f982065039f2184f088c3510cb673a2af3c047b9f0d57ec7e1f95e973de626

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b7c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 7612
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 061E 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:34 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:36 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 2201 0
647 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKJBPBMCQIAAAMA1gAFAQj64ramBhDBzNi93an52X4Yn6vZlsKcsc19KjYJOmZCUQDgnD8R6q2Ys2Zumz8ZAAAAQDMzwz8h6q2Ys2Zumz8pOmYJJAAxARv0PgHhepQ_MK2ZnA04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4r_IFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCGmh0dHBzOi8vd3d3LmR1Y3Vtb24uY2xpY2svgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdTazqagxbbZLcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYABTAs8D_QBsKNBNoGFgoQBREdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB6_yBdIHDQkRKQEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=c424f765da7a3800b57441da2e07bb3deedc6403&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: b21365da-6311-42fa-8f38-d4cb90574def
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame 5C8E 9 KB
9 KB 37ms
36ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215782077556_15936JMTQRPOLLJS5G&pid=21.2&c=3&w=200&h=105&qlt=90
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 10bfa5464ab3925807fabf354e7ff92d8123ed43596a0953a70f9ba5dcde07ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201914.48674b7e
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 9585
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 86A6 52 KB
17 KB 41ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:34 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:36 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 5C8E 0
647 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKKBPBVCgIAAAMA1gAFAQj64ramBhD77MnTsMz922sYu-Te3Piypo9BKjYJ95R9zapSdj8RURoEEO80dT8ZAAAAQOF61D8hURoEEO80dT8p95R9zapSdj8xAAABG_Q-AZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4jfUFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCGmh0dHBzOi8vd3d3LmR1Y3Vtb24uY2xpY2svgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFkaHGzqGHh5ltwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF6sgf-gUECAAQAJAGAJgGALgGAMEGAAABJyzwP9AGwo0E2gYWChABEC4BAHQQABgA4AYB8gYCCACABwGIBwCgBwHIB431BdIHDQkRKgEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=29d16d73500672511e1a00f361fe299b957c068e&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 7d87f1de-51f3-4fb8-80fe-16a7b347398a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame CD05 76 KB
26 KB 28ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAAAhFDN/4KyJQ6Ua5eJC+CFiQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame CD05 80 KB
27 KB 45ms
44ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame CD05 0
647 B 26ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKLB_BMiwMAAAMA1gAFAQj64ramBhCL5_H6zNG_3wwYv_LU2Pmx9KYaKjYJXiMjk4hAnz8RM_v6voGwnT8ZAAAAQOF61D8hM_v6voGwnT8pXiMJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4hvQFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4MDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD01MWU2ZDQxYi1iNTVhLTRiNTEtYjE4ZC1mOGRiMjc3MmQ5NzImY21FeHBJZD1MVjEmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA1jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwQGVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhI5MTg0NTEyNTQ3NTc5NzkwMTkiCTM4MTg0NjcxNCoEITbwwjo4VTJWaGNtTm9RV1FqT0RRek9EZ3dNell4T1RVd056UWpNak16TmpFNE56TXpNVFUzTmpBNU13PT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXR17rJi4WE_x3ABQDJBQAAAAAAAPA_0gUJCQkMcAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB4b0BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=3bb320b60e6f705601d2f53a3002f48b222c35db

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: c38efea9-e768-4acf-befa-065247f076bc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame CD05
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ab2dab19-eac0-42df-a04a-39d5f66d09c8&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=51e6d41b-b55a-4b51-b18d-f8db2772d972&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ca3a22f67c864722b07f36732d1904dd&SNR=1&GV=2&med=10

0
25 B

75ms
75ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ca3a22f67c864722b07f36732d1904dd&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F7E3A4030EA64993892C6D75269B1E6B Ref B: FRA31EDGE0811 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674bd5
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A88EF6545EA4E2FA6D6CEE291C3AD09 Ref B: MIL30EDGE1318 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674b81
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ca3a22f67c864722b07f36732d1904dd&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 5609 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKrB_BMqwMAAAMA1gAFAQj54ramBhCZ8ZX6kuj43REY9NzxwObI565eKjYJ95R9zapSpj8RURoEEO80pT8ZAAAAgOtRyD8hURoEEO80pT8p95QJJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeKn0BYABAYoBA1VTRJIBA0VVUpgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDoQMKtwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yNmYwNjM0My04YjI0LTQwMzEtOWUxZC1jNWFkN2UyOTFhYzAmY21FeHBJZD1MVjMmb0EyRQBUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOCDI2ZoZaALhydHlwZT1udXJsJnRhZ0lkPTI3NzI0OTc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9FMBX29lbmFxX2Zuc3JnbF9veWJweHZhdCZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzEyNzc4NjQ3ODgzOTUxMjg5ODUiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpZMk9URXhNamczTXpjNE1qSWpNak15T0RRNU1EYzFNREEwT0RVeU13PT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF2aCVnsbO2_NWwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAFFCQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAep9AXSBw0VYwEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=eac56cd899c818beef8b36e116ea846ce809432d&type=nv&nvt=5&jm=1003&px=0&py=494&bw=160&bh=160&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724974&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 6c55bd41-7c71-4e63-af83-4b249c2652bc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 80E8 76 KB
26 KB 29ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAAAdiBji+W/LT6x1Yk1wSMepQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame 80E8 80 KB
27 KB 45ms
44ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:34 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 80E8 0
647 B 26ms
25ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhDJibG_xsCPzRAYq8XxrM-TiaJMKjYJp7ulIIDtlD8Rq9gDH6Dhkz8ZAAAAQDMzwz8hq9gDH6Dhkz8pp7sJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiU8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMDQ2MGI2Ny1lYmM0LTRjYzgtOTBhYS01YTQ5Y2Q2ODQ1OTcmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBmjloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0PgFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTE5NjMzNjgzOTY2NDYxNjY0OSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREF6TXpNeE9UZ3dOVEEyTkRrak1qTXpNakV6TWpnNE1qTTFOemMzTlE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWhvbXmxMq-uTvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQCUEZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5TxBdIHDQkRKAEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=89101d9356fdc5201d9f4c1036e56a2710bee2a6

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: a9ccdb96-8904-4bf2-b754-404caf5fb5a0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 80E8
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=707264a4-77af-4147-a7db-377e95252b61&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f0460b67-ebc4-4cc8-90aa-5a49cd684597&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9cc7a556b9f8455eb0e6985ed654380f&SNR=1&GV=2&med=10

0
25 B

72ms
72ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9cc7a556b9f8455eb0e6985ed654380f&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D3292D5F93534C9AB81AE463EA4DC99A Ref B: AMS04EDGE1211 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674bec
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F25AA68EE181483AADFACEC65CAA342F Ref B: MIL30EDGE1311 Ref C: 2023-08-05T02:18:34Z
x-cdn-traceid: 0.39d53e17.1691201914.48674ba3
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9cc7a556b9f8455eb0e6985ed654380f&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H2 200 css
fonts.googleapis.com/ Frame 226D 2 KB
683 B 70ms
70ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/5b127f1a7825086209cb9d14d26e2f86435fb3cd/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 05 Aug 2023 01:18:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Aug 2023 02:18:34 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 226D 3 KB
749 B 70ms
70ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/5b127f1a7825086209cb9d14d26e2f86435fb3cd/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 05 Aug 2023 02:16:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Aug 2023 02:18:34 GMT

GET
H2 200 sce
eb2.3lift.com/ Frame 226D 37 B
139 B 33ms
31ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2Fwww.ducumon.click%2F&lvl=3&inv_code=ducumon_me_320x50_472xdefaultx1&e=Double%20iframes
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sce
eb2.3lift.com/ Frame 226D 37 B
139 B 33ms
32ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2Fwww.ducumon.click%2F&lvl=3&inv_code=ducumon_me_320x50_472xdefaultx1&e=Fixed%20Parent%201
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sce
eb2.3lift.com/ Frame 226D 37 B
139 B 34ms
32ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2Fwww.ducumon.click%2F&lvl=3&inv_code=ducumon_me_320x50_472xdefaultx1&e=Fixed%20Parent%202
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sce
eb2.3lift.com/ Frame 226D 37 B
139 B 34ms
33ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sce?block=Custom%20Template%20Code&ref=https%3A%2F%2Fwww.ducumon.click%2F&lvl=2&inv_code=ducumon_me_320x50_472xdefaultx1&e=TypeError%3A%20parentElement.parentNode.parentNode.getBoundingClientRect%20is%20not%20a%20function
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 34ms
32ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=ducumon_me_320x50_472xdefaultx1&aid=10837199502961204692700&rev=5b127f1&pr=un&bc=0.122&bmid=5563&biid=7589&sid=66529&brid=556417&adid=&crid=189846273&ts=1691201913&bcud=122&ss=12&caid=0&unid=0&domain=www.ducumon.click&ref=https%253A%252F%252Fwww.ducumon.click%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206227&cb=49151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sync Show response
eb2.3lift.com/ Frame CFEF 37 B
139 B 36ms
36ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=68912
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/5b127f1a7825086209cb9d14d26e2f86435fb3cd/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:34 GMT

GET
H2 200 dr
eb2.3lift.com/ 37 B
139 B 36ms
36ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=ducumon_me_320x50_472xdefaultx1&aid=10837199502961204692700&rev=5b127f1&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=37035
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame F1D3 76 KB
26 KB 28ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0erHNZAAAAAANicbUQ0KURYTpIbR1YA75QU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame F1D3 80 KB
27 KB 46ms
45ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:35 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame F1D3 0
647 B 26ms
25ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhCi4K_Y2bjXlWEYr5quuvmT9KUvKjYJjas9sqpSlj8Rk_wg9u40lT8ZAAAAQOF61D8hk_wg9u40lT8pjasJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4-PEFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mZjQyZTVmYi05YWM4LTQyYmMtYTJhZC1mZWQ4ODZjZmIwYmUmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBmjloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzAwMTc5MzE0ODk2ODc1OTMzMCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekkzTnpReU5URTBNemc0TmpJak1qTXlORFUzTXpjME1EQXhOalkzTmc9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYS81tSqjbTIQMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYLNAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAVLfAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAf48QXSBw0JDSUFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=d04e6304e8b4abe18157ec97235bf28320a70415

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:34 GMT
an-x-request-uuid: 92ba7165-6f48-4917-a832-fa060b1f0622
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame F1D3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=dca1484b-7d93-4e0b-bea6-9afec88373ce&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=ff42e5fb-9ac8-42bc-a2ad-fed886cfb0be&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ac317923ed5d4eafa208b0dd429273c6&SNR=1&GV=2&med=10

0
25 B

74ms
73ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ac317923ed5d4eafa208b0dd429273c6&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 28FCDEA4A37D41228110154F04CCDFC0 Ref B: AMS04EDGE1211 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674bff
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D2431BFE91194D7F9EDABF92243B3D9C Ref B: MIL30EDGE1022 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201914.48674bb0
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=ac317923ed5d4eafa208b0dd429273c6&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame FEA2 76 KB
26 KB 30ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0e7HNZAAAAABVl7lGGGCPQ4hCJCEmUkVzQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame FEA2 80 KB
27 KB 48ms
46ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:35 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame FEA2 0
647 B 28ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKMB_BMjAMAAAMA1gAFAQj64ramBhD3_tDB-dCTpFsY2ej2tovA0-pLKjYJCJaI_Dl8oD8RDx2dLG5Snz8ZAAAAQOF61D8hDx2dLG5Snz8pCJYJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4j_YFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCq4CaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hNjVhNDgwZS0zNGE0LTRjY2MtYTlhNy1hOGEyNjkxNjljYjcmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBhjloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0NAFfZ3ZycS1wYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjU3NzU5MzYwMDA1NTcyMTg0NyIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05qa3dNamd4TmpBeU16azTAA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWi0_eX0pf6r0nABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAFNwkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHj_YF0gcNCQkkAAAFJgjaBwYBXnwYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=ea7c8247cf5fb0566dec9f0072347c81d5c69513

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 3424c6b7-bafe-4e10-8d85-fc175c3229fb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame FEA2
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=154c14c7-99ac-4576-8aa3-624fb3338b9e&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=a65a480e-34a4-4ccc-a9a7-a8a269169cb7&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=dfe8c3d51d8d4f84a757dad32628bbf2&SNR=1&GV=2&med=10

0
25 B

67ms
67ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=dfe8c3d51d8d4f84a757dad32628bbf2&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89A85D040B11492D9CB2E6B87146F2F6 Ref B: FRA31EDGE0705 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674c0a
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB37C6CFDB3F4EBE900805C956B37010 Ref B: MIL30EDGE1311 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674bb2
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_4-1-0?&RG=dfe8c3d51d8d4f84a757dad32628bbf2&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 150
quic-version: 0x00000001

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 4AB3 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 2dd82b4f-4bf3-4da7-a42a-541972456805
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame 0CFA 6 KB
6 KB 39ms
39ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7422079078468_1VETZIGH40TYLOT1W4&pid=21.2&c=3&w=200&h=105
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d110d1e1ceeaef2ef6c52e65cb5b4a8b48947874f6194042dcf76c28210d8f04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:35 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201915.48674bb8
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 6061
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C08B 52 KB
17 KB 42ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:35 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:37 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 0CFA 0
647 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKKBPBMCgIAAAMA1gAFAQj64ramBhD78t_LhZvmkXQYu-Te3Piypo9BKjYJgQl3KiKOmD8RO3xXqNNTlz8ZAAAAQOF61D8hO3xXqNNTlz8pgQkJJAAxCRv0PgGUPzCi3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeLD1BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcSHiIe01eTle8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBeGGTPoFBAgAEACQBgCYBgC4BgDBBgAAAScs8D_QBsKNBNoGFgoQARAuAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAew9QXSBw0JESoBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=c10308f26e91cbf32a2d21dc139066beb392ec58&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 44738fce-3b1a-463d-ac2a-f8e1806d8f45
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 11C4 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 602b1f77-400f-45e0-b0d5-d272571bee0b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame CC8C 76 KB
26 KB 29ms
28ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803

Request headers

Referer: https://www.ducumon.click/
Origin: https://www.ducumon.click
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sat, 05 Aug 2023 02:18:34 GMT
content-encoding: br
last-modified: Fri, 04 Aug 2023 16:08:43 GMT
content-md5: h0yx9KJ7EINr+XMaLuhUjw==
etag: 0x8DB95051343B39B
x-azure-ref: 0e7HNZAAAAAAoVlbgcCNuTr4qaLr78tmMQU1TMDRFREdFMTkwNgA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bfd93c27-f01e-005c-3c3f-c7fd94000000
cache-control: private, max-age=3600
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/239/ Frame CC8C 80 KB
27 KB 45ms
44ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/239/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jul 2023 11:56:12 GMT
Server: AkamaiNetStorage
ETag: "615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Sun, 04 Aug 2024 02:18:35 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ Frame CC8C 0
647 B 26ms
26ms Image
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.ducumon.click%252F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhCm5-DOpafStjYYu-Te3Piypo9BKjYJdmewopnJmj8R4_uNWrhymT8ZAAAAQOF61D8h4_uNWrhymT8pdmcJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4mfEFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02OWU2M2NlNC1jYjU4LTRiMTQtOGVlZC1kNzc3MTc1MWU0N2MmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA2jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzkyMTg3MTM2NTQ3Mzg0MjA4NiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE00TXpneE5qY3dORGN6TVRnak1qTXpOVFl6TnpVM05UWXdOVEl4TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcukuLaZ_ZO8G8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAVLfAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeZ8QXSBw0JDSUFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=4f95716b95cae425ab3a3955ff5ae08aa6bcb23f

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 258b01b6-6c73-4740-81e4-23d3c0e6b5cf
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame CC8C
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0f58a400-207f-4d93-9cbb-810527cc82bb&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69e63ce4-cb58-4b14-8eed-d7771751e47c&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=8d59b3f6e8da4363bdb68f035d880c53&SNR=1&GV=2&med=10

0
25 B

70ms
70ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=8d59b3f6e8da4363bdb68f035d880c53&SNR=1&GV=2&med=10
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B480F80C502B4BCB9A2BF2AA8DA0D3F3 Ref B: FRA31EDGE0207 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674c1d
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9BBAFA29246C40C588F69827C0DACDF1 Ref B: VIEEDGE1820 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674bbc
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=8d59b3f6e8da4363bdb68f035d880c53&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
quic-version: 0x00000001

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame FBD9 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: cebb64d5-82e9-4d02-9291-f54615427224
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 49A2 0
10 B 31ms
31ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vBZaTg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 8F6F 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: c4b2f05f-d17a-498a-918f-9483560ecf0c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 4CF7 0
665 B 26ms
26ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QL6BvBMegMAAAMA1gAFAQj64ramBhDQrK2L_JmahiIYq8XxrM-TiaJMKjYJwuj8AWRUoj8RH91JaMVpoT8ZAAAAQDMzwz8hH91JaMVpoT8pwugJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiU8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA_ACCpoCaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03ZDNlNzk3My1mNzRhLTRjYTgtYTM1YS00NDEzYzg5YjgzYWImY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0KgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjQ1MzQ1MTEzODUyMjYzMzgwOCIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05qa3hNRGczTkRFM016SXjAA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF9r331rWEoLANwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEBE1EQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeU8QXSBw0JLiYADNoHBggJL3AHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=4becb9424bf73eab4f022cee3275b6faa9d7b8a1&type=nv&nvt=5&jm=1003&px=0&py=377&bw=300&bh=162&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724973&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: f0304401-81f3-4327-a04c-997114e9cc9d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B265 0
596 B 38ms
38ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 5fa0d01e-737e-4933-bdbe-ef401c746458
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 061E 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: de8a2985-4d70-46a9-8ffc-3de4fecbadda
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame CBBA 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKlB_BMpQMAAAMA1gAFAQj64ramBhDMpb2DkfzgtCQYq8XxrM-TiaJMKjYJlkctJwAdqT8Rm50E8ozbpz8ZAAAAQDMzwz8hm50E8ozbpz8plkcJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXjk8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA5sDCrECaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jYzQzMjhlYi1hZTVkLTQzM2ItYWE1YS0zNzRkNTI0N2Y3NDcmY21FeHBJZD1MVjEmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBjjloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0UwFfb25hYXJlLWVuYXFmdm1yJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjYyMzc3MzI2MDU4NjYzNTk4MCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOelkyT1RFeE1qZzNNemM0TWpJak1qTXlPRFE1TURjMU1EQTBPRFV5TXc9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWUpeHPmOGO1jLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAQt0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfk8QXSBw0JASIBAQEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=8181da4985f8d3bdcf174a2a8b2cfed0c8cd9cb4&type=nv&nvt=5&jm=1003&px=0&py=283&bw=300&bh=157&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724973&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 8818ef8c-5546-46fc-b015-7f4dbbcb2cc4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame CD05 4 KB
5 KB 44ms
44ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.10239280471435_1OC5FXBJNYYZXPST8&pid=21.2&c=3&w=200&h=105
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2b6ea68edc11c437f824a0f5443412ff12ba5a943d910f31946f1f9ff02d8298

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:35 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201915.48674bdf
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 4589
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 87C9 52 KB
17 KB 41ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:35 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:37 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame CD05 0
647 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKIBPBMCAIAAAMA1gAFAQj64ramBhCL5_H6zNG_3wwYv_LU2Pmx9KYaKjYJXiMjk4hAnz8RM_v6voGwnT8ZAAAAQOF61D8hM_v6voGwnT8pXiMJJAAxCRv0UwGUPzCi3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeIb0BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdHXusmLhYT_HcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAETx4ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHhvQF0gcNCREnASYM2gcGCAUJdOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=42c0fe46b9e3560b63de8b385badf240624ea42b&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: c225ae61-84c2-4edc-889d-9863378c037d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 86A6 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 2eb2eccb-9976-4144-976e-6a1014fd378e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 4427 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhCJsMChxZet8EEY-s60-MWcgKYZKjYJjas9sqpSlj8Rk_wg9u40lT8ZAAAAQOF61D8hk_wg9u40lT8pjasJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4vfQFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04MWY4OWU1OC04ZThmLTQxNzYtOTNmNS0wNWYzMzYyNGMzOWYmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA4jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDc0Njk5MjcyODIwNzc5MjEzNyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE00TXpneE5qY3dORGN6TXpZak1qTXpOVFl6TnpVM05UWXdOVEl4TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdarmaef0Jb9dsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAVLfAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAe99AXSBw0JDSUFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=b617889f8b0334f2f39369caf0df8dca5433c614&type=nv&nvt=5&jm=1003&px=436&py=731&bw=182&bh=90&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 6ad57ad6-35fa-44d7-a20d-e87ea480d9fb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 2201 0
666 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKNB_BMjQMAAAMA1gAFAQj64ramBhDBzNi93an52X4Yn6vZlsKcsc19KjYJOmZCUQDgnD8R6q2Ys2Zumz8ZAAAAQDMzwz8h6q2Ys2Zumz8pOmYJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiv8gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4MDCp0CaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03OGMxYTVhYi1mMWVlLTQ3ZWItODdkYS04YTkwZGIzNDRiMWUmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwaXpodnFmcnlieXEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM5MTI5ODkyOTkyMTA0NDA4NjQxIgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak9ETTJNekU1T1RZME5qSXdOVEENFPBxSTNOamd6T1RnM016UT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6QWVYiAUBmAUAoAXU2s6moMW22S3ABQDJBQAFARTwP9IFCQkFC3QAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYBHzQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAev8gXSBw0VYwEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=c9353c6986a6d9b16798411dd82c1bd71dfeda63&type=nv&nvt=5&jm=1003&px=0&py=94&bw=300&bh=157&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724973&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 4946e478-f9ce-43bb-be80-7d57be7f884c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame 80E8 11 KB
11 KB 42ms
41ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7834045291146_1YPXZBVFLDS9KO1SD0&pid=21.2&c=16&roil=0&roit=0.1068&roir=1&roib=0.8932&w=300&h=157
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 850ee64eb74107f1731283ae9bf22a7f51ff815f8c4b60993f4e9afa5a956ee1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:35 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201915.48674c0c
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 11432
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5069 52 KB
17 KB 41ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:35 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:37 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 80E8 0
648 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKJBPBMCQIAAAMA1gAFAQj64ramBhDJibG_xsCPzRAYq8XxrM-TiaJMKjYJp7ulIIDtlD8Rq9gDH6Dhkz8ZAAAAQDMzwz8hq9gDH6Dhkz8pp7sJJAAxARv0PgHhepQ_MK2ZnA04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4lPEFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApuFTuoCGmh0dHBzOi8vd3d3LmR1Y3Vtb24uY2xpY2svgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBaG9tebEyr65O8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYABTAs8D_QBsKNBNoGFgoQBREdAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5TxBdIHDQkRKQEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=5e89de91ab9139ed30c21ab641d0220b99fd0bb9&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 25755b95-e6b5-4374-8e5f-f1499635c7d0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 5C8E 0
664 B 28ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BVjgMAAAMA1gAFAQj64ramBhD77MnTsMz922sYu-Te3Piypo9BKjYJ95R9zapSdj8RURoEEO80dT8ZAAAAQOF61D8hURoEEO80dT8p95R9zapSdj8xAAABG_CVlD8wot29DTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiN9QWAAQGKAQNVU0SSAQNFVVKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDhAMKmgJodHRwETDwaWJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWY1NTYyMjFhLTc5YzctNDdkMC1hOWU4LTM2MWEyNTU1NzVjYyZjbUV4cElkPUxWMyZvQWQuRQBUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOAGaOWgC4cnR5cGU9bnVybCZ0YWdJZD0yODI3NDMzOCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGZhlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzc2MTkBUlg4MDMzODA3OTk1IgkzODE4NDY3MTQqBCE38MI6OFUyVmhjbU5vUVdRak56SXlNalEwTWpJM09UUXdOakVqTWpNeU5EQXlNems0TkRBek1qQTBPUT09wAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFkaHGzqGHh5ltwAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF6sgf-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB431BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=085dd2b3bb508bc961257782b75c903eaa078c7a&type=nv&nvt=5&jm=1003&px=0&py=100&bw=182&bh=90&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 4009b8db-6c89-405e-aae1-4225a7267ce2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame F1D3 5 KB
5 KB 36ms
35ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559306093551_1D89TTDXOC8WN3WMPL&pid=21.2&c=3&w=200&h=105
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f236875e30d1f623b12eaa38ac697b8042e02d2b6b84c112202d1e2e88411bd9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:35 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201915.48674c1a
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 5494
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C938 52 KB
17 KB 40ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:35 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:37 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame F1D3 0
647 B 28ms
27ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKKBPBMCgIAAAMA1gAFAQj64ramBhCi4K_Y2bjXlWEYr5quuvmT9KUvKjYJjas9sqpSlj8Rk_wg9u40lT8ZAAAAQOF61D8hk_wg9u40lT8pjasJJAAxCRv0PgGUPzCi3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBePjxBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYS81tSqjbTIQMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYLNAvoFBAgAEACQBgCYBgC4BgDBBgAAAScs8D_QBsKNBNoGFgoQARAuAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAf48QXSBw0JESoBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=6eb320656bc25391c5123c3e0fed5b3f050e0e8d&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 7e3d6c78-991c-4e4c-977b-44f8bf077e5e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame FEA2 3 KB
4 KB 40ms
39ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OPE.91k%2bmZHLWKU%2fAg300C300&pid=21.1&w=300&h=300&c=17
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7b938ac78254099d038a1b2fe35358fd5f0115acdadd504d8b86a8aa1e97155c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:35 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201915.48674c27
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 3581
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B9DC 52 KB
17 KB 42ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:35 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:37 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame FEA2 0
647 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKIBPBMCAIAAAMA1gAFAQj64ramBhD3_tDB-dCTpFsY2ej2tovA0-pLKjYJCJaI_Dl8oD8RDx2dLG5Snz8ZAAAAQOF61D8hDx2dLG5Snz8pCJYJJAAxCRv0UwGUPzCi3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeI_2BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBaLT95fSl_qvScAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAETx4ABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHj_YF0gcNCREnASYM2gcGCAUJdOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=5670d3ad5a4d643b51485352b2d202ec334814e0&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 15f236d7-00a1-406b-b3e0-4ea324821047
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame CC8C 6 KB
6 KB 111ms
110ms Image
image/jpeg 2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559527008262_1J4ES5CISILVD1IX3I&pid=21.2&c=17&roil=0&roit=0.1075&roir=1&roib=0.8925&w=200&h=105
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 25344045e1a4ef6c83106f9145a69065214da1fdf91cb6278c549611c871dc9b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:35 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.39d53e17.1691201915.48674c31
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 5777
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 82F1 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423
Requested by: Host: www.ducumon.click
URL: https://www.ducumon.click/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:35 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:37 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame CC8C 0
647 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKKBPBMCgIAAAMA1gAFAQj64ramBhCm5-DOpafStjYYu-Te3Piypo9BKjYJdmewopnJmj8R4_uNWrhymT8ZAAAAQOF61D8h4_uNWrhymT8pdmcJJAAxCRv0PgGUPzCi3b0NOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeJnxBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcukuLaZ_ZO8G8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAScs8D_QBsKNBNoGFgoQARAuAQB0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeZ8QXSBw0JESoBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=8934b949e561ffa13b8b518d341b66886c260ffa&bdref=https%3A%2F%2Fwww.ducumon.click%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F,https%3A%2F%2Fwww.ducumon.click%2F&

Requested by

Host: www.ducumon.click
URL: https://www.ducumon.click/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 4374632d-f988-4974-b16b-dc18b301cf4e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C08B 0
596 B 27ms
27ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: ab3047b9-5c3f-44b1-82a1-38e7084173e7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 0CFA 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKgB_BMoAMAAAMA1gAFAQj64ramBhD78t_LhZvmkXQYu-Te3Piypo9BKjYJgQl3KiKOmD8RO3xXqNNTlz8ZAAAAQOF61D8hO3xXqNNTlz8pgQkJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4sPUFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA5YDCqwCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1kYTliNGIwYi1lMmRlLTQ0OGUtOTRkYS1mMWNiZTJmNmE3NDgmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBkjloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_w5V9lcmlyZWZyaHpmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTODM2ODcwMDU4NzU2NTkwNjI5OSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekV6TXpFd05EVXdOekkxTXpFak1qTXlNekV6TURZek1EYzFPREF5TUE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAERXZYiAUBmAUAoAXEh4iHtNXk5XvABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeGGTPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7D1BdIHDRVlASYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=664ecc174c42f54a264cf5322edff06810204805&type=nv&nvt=5&jm=1003&px=0&py=200&bw=182&bh=90&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 363cdcbd-e950-49a3-9af2-e39ca52abe85
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 87C9 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: c8a25b09-3921-4dec-8aaf-4c90ed706a7d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5069 0
596 B 27ms
27ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 22b9481b-87a5-490d-ac0d-f3c5169f2b66
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame CD05 0
665 B 26ms
26ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKLB_BMiwMAAAMA1gAFAQj64ramBhCL5_H6zNG_3wwYv_LU2Pmx9KYaKjYJXiMjk4hAnz8RM_v6voGwnT8ZAAAAQOF61D8hM_v6voGwnT8pXiMJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4hvQFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4MDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD01MWU2ZDQxYi1iNTVhLTRiNTEtYjE4ZC1mOGRiMjc3MmQ5NzImY21FeHBJZD1MVjEmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA1jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwQGVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhI5MTg0NTEyNTQ3NTc5NzkwMTkiCTM4MTg0NjcxNCoEITbwwjo4VTJWaGNtTm9RV1FqT0RRek9EZ3dNell4T1RVd056UWpNak16TmpFNE56TXpNVFUzTmpBNU13PT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXR17rJi4WE_x3ABQDJBQAAAAAAAPA_0gUJCQkMcAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB4b0BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=3bb320b60e6f705601d2f53a3002f48b222c35db&type=nv&nvt=5&jm=1003&px=0&py=299&bw=182&bh=90&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 7ff32e1e-dc3c-4555-b45a-4aecfce392e1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C938 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 3c7d7d7c-5830-4439-b5a3-4f2e16b0f47d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B9DC 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 7eac7c2a-f9f7-4a19-b8bd-9f56607d3986
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 82F1 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 385b7565-e7d8-467d-bbdc-4c289aa37611
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 80E8 0
665 B 29ms
28ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhDJibG_xsCPzRAYq8XxrM-TiaJMKjYJp7ulIIDtlD8Rq9gDH6Dhkz8ZAAAAQDMzwz8hq9gDH6Dhkz8pp7sJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiU8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMDQ2MGI2Ny1lYmM0LTRjYzgtOTBhYS01YTQ5Y2Q2ODQ1OTcmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBmjloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0PgFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTE5NjMzNjgzOTY2NDYxNjY0OSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREF6TXpNeE9UZ3dOVEEyTkRrak1qTXpNakV6TWpnNE1qTTFOemMzTlE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWhvbXmxMq-uTvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQCUEZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5TxBdIHDQkRKAEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=89101d9356fdc5201d9f4c1036e56a2710bee2a6&type=nv&nvt=5&jm=1003&px=0&py=471&bw=300&bh=157&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724973&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 12cfc887-6ff3-44d7-bd71-9e15eb0c97ae
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame F1D3 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhCi4K_Y2bjXlWEYr5quuvmT9KUvKjYJjas9sqpSlj8Rk_wg9u40lT8ZAAAAQOF61D8hk_wg9u40lT8pjasJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4-PEFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mZjQyZTVmYi05YWM4LTQyYmMtYTJhZC1mZWQ4ODZjZmIwYmUmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBmjloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzAwMTc5MzE0ODk2ODc1OTMzMCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekkzTnpReU5URTBNemc0TmpJak1qTXlORFUzTXpjME1EQXhOalkzTmc9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYS81tSqjbTIQMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYLNAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAVLfAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAf48QXSBw0JDSUFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=d04e6304e8b4abe18157ec97235bf28320a70415&type=nv&nvt=5&jm=1003&px=0&py=499&bw=182&bh=90&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: d845b2c0-6836-4f82-9821-66609852f23d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame FEA2 0
665 B 26ms
26ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKMB_BMjAMAAAMA1gAFAQj64ramBhD3_tDB-dCTpFsY2ej2tovA0-pLKjYJCJaI_Dl8oD8RDx2dLG5Snz8ZAAAAQOF61D8hDx2dLG5Snz8pCJYJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4j_YFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCq4CaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hNjVhNDgwZS0zNGE0LTRjY2MtYTlhNy1hOGEyNjkxNjljYjcmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBhjloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0NAFfZ3ZycS1wYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjU3NzU5MzYwMDA1NTcyMTg0NyIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05qa3dNamd4TmpBeU16azTAA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWi0_eX0pf6r0nABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAFNwkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHj_YF0gcNCQkkAAAFJgjaBwYBXnwYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=ea7c8247cf5fb0566dec9f0072347c81d5c69513&type=nv&nvt=5&jm=1003&px=0&py=599&bw=182&bh=90&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: ebcc2a4c-bc78-4326-b488-664ae6c941b8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame CC8C 0
665 B 26ms
26ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhCm5-DOpafStjYYu-Te3Piypo9BKjYJdmewopnJmj8R4_uNWrhymT8ZAAAAQOF61D8h4_uNWrhymT8pdmcJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4mfEFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02OWU2M2NlNC1jYjU4LTRiMTQtOGVlZC1kNzc3MTc1MWU0N2MmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA2jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzkyMTg3MTM2NTQ3Mzg0MjA4NiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE00TXpneE5qY3dORGN6TVRnak1qTXpOVFl6TnpVM05UWXdOVEl4TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcukuLaZ_ZO8G8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAVLfAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeZ8QXSBw0JDSUFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=4f95716b95cae425ab3a3955ff5ae08aa6bcb23f&type=nv&nvt=5&jm=1003&px=0&py=0&bw=182&bh=90&sid=6766336941958310472&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&sw=1600&sh=1200&pw=1600&ph=4323&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 8f67a9e8-e113-45ab-a233-a8c37715acfa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 95A3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cd37dd7a-efb5-4ea8-ae9c-259d042ea4b1&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7077f5a0-7f59-4a07-ab98-acca4a9b0e6e&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2e9ec9bb794d443397203d60975d6d26&tids=15000&med=10

0
25 B

71ms
70ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2e9ec9bb794d443397203d60975d6d26&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3766D615BD334B0E944DACD9FD371889 Ref B: FRA31EDGE0515 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674c93
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1982B68702EF43018AEFA6E3A5EF82B0 Ref B: MIL30EDGE1308 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674c6e
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=2e9ec9bb794d443397203d60975d6d26&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 94BC 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKEB-iEAwAAAwDWAAUBCPnitqYGEJqx48yktf_mAhgAKjYJujpQkOPheD8RyjdM_GSjdz8ZAAAAgOtRyD8hyg0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4yPIFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDhQMKnAJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD1kY2IxOTA0MC02NDI4LTQ3MDQtYjM3Ni1kZDM2YjhmMDdmOGMmY21FeHBJZD1MVjMmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UZGNiMTkweloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFlZ29fWllfaTImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhIyMDIwOTY0NjYxMjI1NjE2OTAiCTI0NjQ1MzgzNSoEYmluZzo4VTJWaGNtTm9RV1FqTnpFNU5EazFNekEzTVRZek5EWWpNak15TXpjME9URXdOakE0TXpJM05BPT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFw_zhqKHep7NfwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAE6iAAAABAAGADgBgzyBgIIAIAHAYgHAKAHQcgHyPIF0gcNCQAACQIBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=277e1d19a3307d50f1212ea57447c3d13bc95ece&type=pv&jm=1400|1003|1421&px=1440&py=50&bw=160&bh=600&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 78432359-8038-4fa4-b633-0f2a3fcbcf18
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=2f00a8be-b860-4498-b33d-48ce4de905df&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=dcb19040-6428-4704-b376-dd36b8f07f8c&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=87e8b16c072e4fdaa0143b55af287ad9&tids=15000&med=10

0
32 B

78ms
78ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=87e8b16c072e4fdaa0143b55af287ad9&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E2352F7DBF84D7AAAD7DE58C9EAF605 Ref B: FRAEDGE1705 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674cfc
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4E1B0EE4FE04E7C94ADCE98953F05F6 Ref B: MIL30EDGE1113 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674ce2
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=87e8b16c072e4fdaa0143b55af287ad9&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 95A3 0
665 B 26ms
26ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKNB-iNAwAAAwDWAAUBCPnitqYGENSIodO-7e6uZRgAKjYJuS8eGgC-kD8ReScGmGbPjz8ZAAAAgOtRyD8heQ0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeIj1BYABAYoBA1VTRJIBA0VVUpgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDiwMKoQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03MDc3ZjVhMC03ZjU5LTRhMDctYWI5OC1hY2NhNGE5YjBlNmUmY21FeHBJZD1MVjMmb0EyRQBUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOCDcwN4ZaALhydHlwZT1udXJsJnRhZ0lkPTI3NzI0OTc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ9DQBZWdvX1pZX2kyX2doYXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MzA0MjAwMjQyODMzNDA5MTA4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak56WTRPVGN5TmpVMU56RTJNVE1qTWpNeU9EWTVOamt3T0RNM05UZ3lOZz09wAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfD9nZnpkf2bUMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYADS8k0AbCjQTaBhYKEAURHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeI9QXSBw0JESkBJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=6993a02d8ed5893594ad9b96436a410ed3c3d801&type=pv&jm=1003&px=0&py=0&bw=160&bh=160&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724974&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 64f0d924-0d59-4ab8-bea2-9c572f99bb5d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 5609
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ffbb3d59-6850-4bfc-9f83-509bee6e1070&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=26f06343-8b24-4031-9e1d-c5ad7e291ac0&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ed2171c16afe407fa860d1bddd0cc074&tids=15000&med=10

0
32 B

76ms
75ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ed2171c16afe407fa860d1bddd0cc074&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D7480666E11406AA2105FE1A3BB55B0 Ref B: DUS30EDGE0908 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d01
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 70B95A4466D24D91B992236D0A9224FC Ref B: VIEEDGE2811 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674ce6
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ed2171c16afe407fa860d1bddd0cc074&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame EFF6 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKGB-iGAwAAAwDWAAUBCPnitqYGEOTJpNLP4efJNxgAKjYJHOzcW_x9oD8RNVq94cVVnz8ZAAAAgOtRyD8hNQ0SBCkcDST0DgExAAAAQOF6lD8wrpmcDTiYUEC1XkjjA1DLrMJ1WIu0lgFgAGj2xbIBeIrxBYABAYoBA1VTRJIBA0VVUpgBAaABAagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4UDCp8CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxMjcwJmF1SWQ9M2VjZWQ4ZDktMTk2NS00NGMzLWI5Y2MtMjY1MWQ0MWEwNDNmJmNtRXhwSWQ9TFYzJm9BZFVuGUVUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOFDNlY2VkOHpaALhydHlwZT1udXJsJnRhZ0lkPTI3NzI0OTc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZ9EgBZmdub3lydnFjbmZmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDAwNDcxOTM3MTc1MDAyNDQyMCIJMjQ2NDUzODM1KgRiaW5nOjRVMlZoY21Ob1FXUWpOekl6TmpFNU1EWTNOVFV5TWpjak56SXpOakl3T0RNd05UQTNNRFE9wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBfzt1Oiu5ZKZdMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbreA_oFBAgAEACQBgGYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAABOgUBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHivEF0gcNCQUjBAAABSYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=d84ab697c6897f7baaedffa69078c5e0edd0303f&type=pv&jm=1400|1003|1421&px=0&py=82&bw=160&bh=600&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 7050ca67-30af-419a-9d53-8f786afc7cb6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=a61f54ce-1ed2-4b75-ad78-1fcbaf73327c&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=3eced8d9-1965-44c3-b9cc-2651d41a043f&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fd005494ce304c2db4a4cf2c8e12aad5&tids=1&med=10

0
32 B

79ms
79ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fd005494ce304c2db4a4cf2c8e12aad5&tids=1&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AFD16EA6E962499D92422E0C3FFC08D4 Ref B: FRA31EDGE0805 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d03
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5CA45DBC3BD4DB0B7D88BFDFCB4C070 Ref B: MIL30EDGE1121 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674cef
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=fd005494ce304c2db4a4cf2c8e12aad5&tids=1&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame FC77 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QLuBuhuAwAAAwDWAAUBCPnitqYGEKOk0fbtxsC1ChgAKjYJSsDdNIMIsz8R4KnSC-MUsj8ZAAAAgOtRyD8h4A0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4y_EFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoD7wIKmgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD03YzlmOGU3Yy0zYzk3LTRhYzktODZkMy0xM2MwOTEzYmFlOTAmY21FeHBJZD1MVjEmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UN2M5ZjhleloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0FwFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSNzUwNjk2MTk3NTc3MjY1Njk5IgkyNDY0NTM4MzUqBGJpbmc6JFUyaHZjSEJwYm1kQlpDTXhOREEzTmpVeU9ESTROalExTkRjNcAD4KgByAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATLrMJ1iAUBmAUAoAWA6OuAk5TZ_jPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGCSIs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB8vxBdIHDQkRKAEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=d2ac5601d55e870cdf60078a77a31aa20d3ff2be&type=pv&jm=1400|1003|1421&px=0&py=165&bw=160&bh=600&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 14589734-b683-4199-9cc5-4d1b98c31291
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=42b05b5f-d3cc-4c4b-a49a-5b76f73711a2&cmExpId=LV1&oAdUnit=391270&publisherId=162645330&rId=7c9f8e7c-3c97-4ac9-86d3-13c0913bae90&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4a97222eda484e229472a5cdc6bb0480&tids=3&med=10

0
34 B

85ms
85ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4a97222eda484e229472a5cdc6bb0480&tids=3&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ED79006A9A8D4A48BD0C08D1F844CA03 Ref B: FRA31EDGE0110 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d06
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 370E464E8EF94B89847EE240EE16CEF1 Ref B: MIL30EDGE1122 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674cf1
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4a97222eda484e229472a5cdc6bb0480&tids=3&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
95ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=138438793603560&bg=!09Cl0ITNAAZGOVy5Zjk7ADkAdvg8Wv91s_hh7BnZe3OuX2-S6HPC-AX0j7ODIdOT6bn4qiTs3oVEda4P9oGghJ3JoXvt7zdO5MQCAAACTVIAAAAGaAEHmQKkZspmKC5ZNGRn6yiyzFLLJ2kg7Ky6qcHkHbAf4dWakG8no7KzffksjgTaMVOjrvEQn7MPZzduMcjjis4aXiwfdwOp4o5mY7lNnnD6G3C9Vz0u1fTNnEDao8fq5kMkGgbQmJkEEbOhbSZx4e8rtrYHowiJ3I5jEYCj3eNgt0IAbMJcHJR9f6AAvfORsGbtFGQq7XMP80kO2u91oHb0p_dUdsYgfC4dcJhIVFw5euQKUH_EREDPJpuIdrFPT4BJgHaKRhyifwcVKDoG213SBHL6G7eGJhrZwcnex3tz-4z4YZSiTQr62VTVIDaQZWOnr5jPqpIwAsSucXStP3tpMa9w1KiJNYBaUMVDEDIM9xxotFV4gbcKIrxwZaAi3bw88Y5vmcP09DswWIHf_nUS9SaBIdNvnmBprG0wD6VmaetaO8TnfxsjtPwUlzN3MB0AmswAaqHqeCq4J3U5DtJke8qTTZeYljFIIfkPAzZKL6EC2gToFjAA0X9lXjTp-iNWfBXUvnqa6x46yjExoIQHxWxdKnGTJ7LvaJCHAX2LA14EMYg6q8cVk7u4PFkU_OyRf2WqqhvchxOz8UH4ajU_98oOX1Ll9gLvPc5IRbGq25C6clKxYnjcOltL4U0fhv4mzvqffIsxLWXQVeqYH6GYc45RxSfZgo08xCqZ3CD5AxtOmN9OrKlcOpzuUhCD-cYG-K82mSYS_XhTcX2FzQUXh43rURGA5VbJm-XHEsDKAHJxUEh_YhiCMwL9VcthOEbqkWyp_OQ9HFcHsQ2UpWpfrexNtfLXtSjC68U1p0lINe0TfUORVlCGZlUCUu8YimFd3GjWUheg8ZoZLSE2YRvDMcIKsuqx0zfAZfKRsyqTS8EZvCjq8tcunsNbLcPJXh2SMqsS8nlG1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3

200

c.gif
www.bing.com/aes/ Frame 4427
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=e21a03f4-4ddb-4a42-8fde-4b38a714ddcc&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=81f89e58-8e8f-4176-93f5-05f33624c39f&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4624b30a0cd44495ade1c6f1f91165dd&tids=15000&med=10

0
32 B

80ms
79ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4624b30a0cd44495ade1c6f1f91165dd&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB9386B30BB44742A344FF9F0715DE68 Ref B: FRAEDGE1817 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d27
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D7DE9935E1FC4C58A03536882ED83A17 Ref B: MIL30EDGE1106 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d12
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4624b30a0cd44495ade1c6f1f91165dd&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame CBBA
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=216ebab9-f6e2-4989-b3a0-98780a4d8749&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=cc4328eb-ae5d-433b-aa5a-374d5247f747&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7aa0029971d0446984bced3893d01061&tids=15000&med=10

0
32 B

74ms
73ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7aa0029971d0446984bced3893d01061&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E3AC842976D74D03AB202F54B1867BD7 Ref B: FRA31EDGE0116 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d28
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A4665BF9E2A43AB9F193694D4174DD2 Ref B: MIL30EDGE1120 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d13
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=7aa0029971d0446984bced3893d01061&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame 4CF7
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5e7dca4f-fda3-4eb4-bdf6-9a3eba29bd98&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=7d3e7973-f74a-4ca8-a35a-4413c89b83ab&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ff6c989d9d744339912459a5bade9a13&tids=4&med=10

0
33 B

77ms
77ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ff6c989d9d744339912459a5bade9a13&tids=4&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 57FEAA5FD28F451296563018329292B6 Ref B: FRA31EDGE0120 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d2c
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA7AC24EE4054F23B2B3F983EB9030E6 Ref B: MIL30EDGE1113 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d14
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ff6c989d9d744339912459a5bade9a13&tids=4&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 1B5B 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKDB-iDAwAAAwDWAAUBCPnitqYGENKJvtKOi--WYhgAKjYJbexvxBRBkz8RzlNqh6BKkj8ZAAAAgOtRyD8hzg0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4ovMFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDhAMKmgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD1lMTA2MGJhMS04YjcxLTRiZDMtOGJiOC02YTZjMjZkOWIwYmUmY21FeHBJZD1MVjEmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UZTEwNjBieloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRngZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzcwNzQ1MTc2Nzk3NDMxNDEwNzQiCTI0Aanw0DgzNSoEYmluZzo4VTJWaGNtTm9RV1FqTnpnME56YzRORGcyTnpBeE5qWWpNak16TURJM056UTFOalF5TVRZNU5RPT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAF0t6pl_2Zmu92wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5o2AUB4AUB8AUA-gUECAAQAJAGAZgGALgGAMEGAR80AADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgzyBgIIAIAHAYgHAKAHQcgHovMF0gcNCREoASYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=19fd87cdfe14ef5da2e14f212ccb30e7ef0270ef&type=pv&jm=1400|1003|1421&px=0&py=247&bw=160&bh=600&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: e6f4d4f5-d361-4481-a035-eddff572fe73
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=fe9ebe40-0bab-4536-8338-5f58f789d98f&cmExpId=LV1&oAdUnit=391270&publisherId=162645330&rId=e1060ba1-8b71-4bd3-8bb8-6a6c26d9b0be&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=1d133d8a630e472eb25a8c0662a234be&tids=15000&med=10

0
33 B

72ms
72ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=1d133d8a630e472eb25a8c0662a234be&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5BFAFB5DC05A47A6855B25B2496E927C Ref B: FRA31EDGE0706 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d43
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3380AA7C291042ABA3FC961199DF8E1A Ref B: MIL30EDGE1311 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d1f
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=1d133d8a630e472eb25a8c0662a234be&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 1317 0
666 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKXB-iXAwAAAwDWAAUBCPnitqYGEO6_iubpifrULRgAKjYJYub8o-dTlT8R3drJ2-hClD8ZAAAAgOtRyD8h3Q0SACkRJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF4ivcFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDmAMKrgJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD01YTI3MmEzYy1iYWM0LTQ3YjktOWJlZC1hOTIwNTcyMGJlZjImY21FeHBJZD1MVjMmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UNWEyNzJheloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_wPl9ndnJxLXBiYWdlYnkmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhMzMjkwNDE2NDI3MTA1OTUxNzI2IgkyNAG98NA4MzUqBGJpbmc6OFUyVmhjbU5vUVdRak56azJORFl3Tmpjek5URTJPVEFqTWpNek1UUTBOVFk0TnpjMU1UWTNNdz09wAPgqAHIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBMuswnWIBQGYBQCgBceb6Yq_ydfbGcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOaNgFAeAFAfAFAPoFBAgAEACQBgGYBgC4BgDBBgEfNAAA8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYM8gYCCACABwGIBwCgB0HIB4r3BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=e3690cfd9b601e3f2df493a305c2105b8787a867&type=pv&jm=1400|1003|1421&px=0&py=329&bw=160&bh=600&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 1086b663-c860-4535-8976-9b7c98d25d82
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=f1b434c0-6587-47ce-9b26-c9129f148d21&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=5a272a3c-bac4-47b9-9bed-a9205720bef2&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=911fec7e48fe4aa3915e1e9f914d383f&tids=15000&med=10

0
33 B

72ms
72ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=911fec7e48fe4aa3915e1e9f914d383f&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96FD2A1AE6BA4F81BC53663543666A5D Ref B: FRA31EDGE0611 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d50
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DC7F1E1218C145D288F39D099A53B2FE Ref B: VIEEDGE2112 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d20
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=911fec7e48fe4aa3915e1e9f914d383f&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame B7BF 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKjB_BMowMAAAMA1gAFAQj54ramBhCLv63h8tHF8XkY9NzxwObI565eKjYJXEeHreGomj8RMeqmMaNTmT8ZAAAAgOtRyD8hMeqmMaNTmT8pXEcJJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDUMuswnVYi7SWAWAAaPbFsgF47vEFgAEBigEDVVNEkgEDRVVSmAEBoAEBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDmgMKsAJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTEyNzAmYXVJZD03MmIyMDAwMi1kNGFhLTRmODAtYjRhYi0yZGU4ZmU2MWM4NGUmY21FeHBJZD1MVjMmb0FkVW4ZRVRwdWJsaXNoZXJJZD0xNjI2NDUzMzAmAQ4UNzJiMjAweloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzQmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_wQF9lcmRocmZnWXJpcnlZMSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzg3ODI4ODg1MDI0Nzk3NzM1NzkiCTI0Ab_w0DgzNSoEYmluZzo4VTJWaGNtTm9RV1FqTnpjeE56SXhOalEyTlRnNU9EUWpNak15T0RrM01UYzROak0zT1RVMU13PT3AA-CoAcgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEEAgAEAEYoAEg2AQoADAAOAK4BADABADIBADaBAIIAeAEAfAEy6zCdYgFAZgFAKAFmMbo3qC50b4jwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXk0wz6BQQIABAAkAYBmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGDPIGAggAgAcBiAcAoAdByAfu8QXSBw0JESgBJgjaBwYBXnwYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=de6dbc21d924016386dedcc7cae28d631f9ab477&type=pv&jm=1400|1003|1421&px=0&py=411&bw=160&bh=600&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=native1-18hs&ua=chrome52&pl=win&x=v&tag_id=27724974&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:35 GMT
an-x-request-uuid: 51b05a07-4c43-4fab-ab77-660b94d528c4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391270&auId=0276a8e0-b663-4ad0-802c-c9390fe84cb1&cmExpId=LV3&oAdUnit=391270&publisherId=162645330&rId=72b20002-d4aa-4f80-b4ab-2de8fe61c84e&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c533beb4ba704659b991c75334775394&tids=15000&med=10

0
33 B

75ms
74ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c533beb4ba704659b991c75334775394&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B9C1ACAC48E4425BE03728F66818C97 Ref B: FRA31EDGE0207 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d4a
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CC28E070D29E49CF8436E895D2558BC2 Ref B: MIL30EDGE1418 Ref C: 2023-08-05T02:18:35Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d21
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=c533beb4ba704659b991c75334775394&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame 2201
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=03add599-8905-4fed-b4f6-4d5a475233ec&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=78c1a5ab-f1ee-47eb-87da-8a90db344b1e&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=10a49791dcef47bab024376eb74b7f1b&tids=1&med=10

0
33 B

75ms
75ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=10a49791dcef47bab024376eb74b7f1b&tids=1&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A25D7604FF4F4471A7DBDBA906478F9F Ref B: FRA31EDGE0805 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d4b
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 675C932CEEB04B0FB9542A3FACA5A91C Ref B: MIL30EDGE1316 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d22
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=10a49791dcef47bab024376eb74b7f1b&tids=1&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame 5C8E
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a7d4e25f-a37e-4880-ae6b-8be5a1da81b8&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f556221a-79c7-47d0-a9e8-361a255575cc&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8dbd6571dbb14c959cc178533a3aa24e&tids=15000&med=10

0
33 B

69ms
69ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8dbd6571dbb14c959cc178533a3aa24e&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3B7A67451857405FA91690051651782E Ref B: FRA31EDGE0621 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d52
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5FC8562DD664D84ABFBE32379C07507 Ref B: VIEEDGE1918 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201915.48674d23
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8dbd6571dbb14c959cc178533a3aa24e&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 4AB3 0
597 B 27ms
27ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 9586f578-cefc-4c5b-8569-185abf4f7732
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 11C4 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 3115c8bc-4432-4541-9b9a-6309526c6476
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame FBD9 0
597 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 139869f4-c4b3-4155-9859-f29492454738
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 8F6F 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: b14c4703-4d9a-4187-b60a-cc1f83b9f310
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 5609 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKrB_BMqwMAAAMA1gAFAQj54ramBhCZ8ZX6kuj43REY9NzxwObI565eKjYJ95R9zapSpj8RURoEEO80pT8ZAAAAgOtRyD8hURoEEO80pT8p95QJJPQOATEAAABA4XqUPzCumZwNOJhQQLVeSOMDULqJirYBWIu0lgFgAGj2xbIBeKn0BYABAYoBA1VTRJIBA0VVUpgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDoQMKtwJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0yNmYwNjM0My04YjI0LTQwMzEtOWUxZC1jNWFkN2UyOTFhYzAmY21FeHBJZD1MVjMmb0EyRQBUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOCDI2ZoZaALhydHlwZT1udXJsJnRhZ0lkPTI3NzI0OTc0JnRyYWZmaWNHcm91cD1rbmFxZV8zYxEWCFN1YgkZFHp6ZiUzQREf9FMBX29lbmFxX2Zuc3JnbF9veWJweHZhdCZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzEyNzc4NjQ3ODgzOTUxMjg5ODUiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqTnpZMk9URXhNamczTXpjNE1qSWpNak15T0RRNU1EYzFNREEwT0RVeU13PT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF2aCVnsbO2_NWwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAFFCQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAep9AXSBw0VYwEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=eac56cd899c818beef8b36e116ea846ce809432d&type=pv&jm=1003&px=0&py=494&bw=160&bh=160&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724974&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 243736d7-707c-40b3-89bb-25b1d64ae61a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B265 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 1777cd0f-660f-4648-a8b0-887b5fa2b1b2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 061E 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 348f357d-ef47-48cb-a85b-f6aa70c786ad
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 86A6 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: b387e257-f104-4dee-a5c7-e37fb279ae8c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 4CF7 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QL6BvBMegMAAAMA1gAFAQj64ramBhDQrK2L_JmahiIYq8XxrM-TiaJMKjYJwuj8AWRUoj8RH91JaMVpoT8ZAAAAQDMzwz8hH91JaMVpoT8pwugJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiU8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA_ACCpoCaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03ZDNlNzk3My1mNzRhLTRjYTgtYTM1YS00NDEzYzg5YjgzYWImY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0KgFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjQ1MzQ1MTEzODUyMjYzMzgwOCIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05qa3hNRGczTkRFM016SXjAA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF9r331rWEoLANwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFAPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEBE1EQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeU8QXSBw0JLiYADNoHBggJL3AHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=4becb9424bf73eab4f022cee3275b6faa9d7b8a1&type=pv&jm=1003&px=0&py=377&bw=300&bh=162&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724973&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: be64aabe-0b9e-4cbb-a63f-3906f94c5c08
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 0CFA
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=74bc6af1-c0bb-4958-8a94-3349882df400&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=da9b4b0b-e2de-448e-94da-f1cbe2f6a748&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=02589751547c4a7e9b4ef57ac239ae20&tids=15000&med=10

0
33 B

78ms
78ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=02589751547c4a7e9b4ef57ac239ae20&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F26F1C64F57A4C26BEB6ABABEBE09290 Ref B: DUS30EDGE0309 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d74
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 723AD682F9B04DBE846E1E732A93E583 Ref B: MIL30EDGE1306 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d65
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=02589751547c4a7e9b4ef57ac239ae20&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C08B 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: e309e1ec-f3f9-4779-9dee-9e43c1f7fb9b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 4427 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhCJsMChxZet8EEY-s60-MWcgKYZKjYJjas9sqpSlj8Rk_wg9u40lT8ZAAAAQOF61D8hk_wg9u40lT8pjasJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4vfQFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD04MWY4OWU1OC04ZThmLTQxNzYtOTNmNS0wNWYzMzYyNGMzOWYmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA4jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNDc0Njk5MjcyODIwNzc5MjEzNyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE00TXpneE5qY3dORGN6TXpZak1qTXpOVFl6TnpVM05UWXdOVEl4TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdarmaef0Jb9dsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAVLfAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAe99AXSBw0JDSUFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=b617889f8b0334f2f39369caf0df8dca5433c614&type=pv&jm=1003&px=436&py=731&bw=182&bh=90&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 074236a8-0ffb-47b0-b8ba-62bcc7c2bb25
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame CBBA 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKlB_BMpQMAAAMA1gAFAQj64ramBhDMpb2DkfzgtCQYq8XxrM-TiaJMKjYJlkctJwAdqT8Rm50E8ozbpz8ZAAAAQDMzwz8hm50E8ozbpz8plkcJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXjk8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA5sDCrECaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1jYzQzMjhlYi1hZTVkLTQzM2ItYWE1YS0zNzRkNTI0N2Y3NDcmY21FeHBJZD1MVjEmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBjjloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0UwFfb25hYXJlLWVuYXFmdm1yJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMjYyMzc3MzI2MDU4NjYzNTk4MCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOelkyT1RFeE1qZzNNemM0TWpJak1qTXlPRFE1TURjMU1EQTBPRFV5TXc9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWUpeHPmOGO1jLABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAQt0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfk8QXSBw0JASIBAQEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=8181da4985f8d3bdcf174a2a8b2cfed0c8cd9cb4&type=pv&jm=1003&px=0&py=283&bw=300&bh=157&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724973&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 4fec92da-4b81-44a1-9cf5-c999ee20dc4d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame CD05
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=ab2dab19-eac0-42df-a04a-39d5f66d09c8&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=51e6d41b-b55a-4b51-b18d-f8db2772d972&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ca3a22f67c864722b07f36732d1904dd&tids=15000&med=10

0
35 B

69ms
69ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ca3a22f67c864722b07f36732d1904dd&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A4D350391A3413CA86CC5919C34D03C Ref B: FRA31EDGE0715 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674da7
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F1D0F3871DE492DAC465861ACF9C1D3 Ref B: MIL30EDGE1521 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d82
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ca3a22f67c864722b07f36732d1904dd&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 2201 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKNB_BMjQMAAAMA1gAFAQj64ramBhDBzNi93an52X4Yn6vZlsKcsc19KjYJOmZCUQDgnD8R6q2Ys2Zumz8ZAAAAQDMzwz8h6q2Ys2Zumz8pOmYJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiv8gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4MDCp0CaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD03OGMxYTVhYi1mMWVlLTQ3ZWItODdkYS04YTkwZGIzNDRiMWUmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA3jloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwaXpodnFmcnlieXEmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM5MTI5ODkyOTkyMTA0NDA4NjQxIgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak9ETTJNekU1T1RZME5qSXdOVEENFPBxSTNOamd6T1RnM016UT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6QWVYiAUBmAUAoAXU2s6moMW22S3ABQDJBQAFARTwP9IFCQkFC3QAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYBHzQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAev8gXSBw0VYwEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=c9353c6986a6d9b16798411dd82c1bd71dfeda63&type=pv&jm=1003&px=0&py=94&bw=300&bh=157&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724973&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 6e15e191-6bd1-4673-8c3f-6799a79e47cd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 80E8
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=707264a4-77af-4147-a7db-377e95252b61&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=f0460b67-ebc4-4cc8-90aa-5a49cd684597&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9cc7a556b9f8455eb0e6985ed654380f&tids=15000&med=10

0
35 B

79ms
79ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9cc7a556b9f8455eb0e6985ed654380f&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 08578FC6D797445EBECF2B55DC2234D5 Ref B: FRA31EDGE0110 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674db3
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0020DA48B515487C9FB2925787232684 Ref B: MIL30EDGE1221 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d92
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9cc7a556b9f8455eb0e6985ed654380f&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame CC8C
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=0f58a400-207f-4d93-9cbb-810527cc82bb&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=69e63ce4-cb58-4b14-8eed-d7771751e47c&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8d59b3f6e8da4363bdb68f035d880c53&tids=15000&med=10

0
35 B

73ms
73ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8d59b3f6e8da4363bdb68f035d880c53&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8E42CFAEA4544FCD86A285A89116107A Ref B: FRA31EDGE0510 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674db5
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE3C03E0E7054B5582D1F5932A1AA136 Ref B: MIL30EDGE1306 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d93
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=8d59b3f6e8da4363bdb68f035d880c53&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 5C8E 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BVjgMAAAMA1gAFAQj64ramBhD77MnTsMz922sYu-Te3Piypo9BKjYJ95R9zapSdj8RURoEEO80dT8ZAAAAQOF61D8hURoEEO80dT8p95R9zapSdj8xAAABG_CVlD8wot29DTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiN9QWAAQGKAQNVU0SSAQNFVVKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKbhU7qAhpodHRwczovL3d3dy5kdWN1bW9uLmNsaWNrL4ADAIgDAZADAJgDF6ADAaoDhAMKmgJodHRwETDwaWJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWY1NTYyMjFhLTc5YzctNDdkMC1hOWU4LTM2MWEyNTU1NzVjYyZjbUV4cElkPUxWMyZvQWQuRQBUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOAGaOWgC4cnR5cGU9bnVybCZ0YWdJZD0yODI3NDMzOCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGZhlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzc2MTkBUlg4MDMzODA3OTk1IgkzODE4NDY3MTQqBCE38MI6OFUyVmhjbU5vUVdRak56SXlNalEwTWpJM09UUXdOakVqTWpNeU5EQXlNems0TkRBek1qQTBPUT09wAPYBMgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4zMS4yMDQuMTUyLjIxMagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFkaHGzqGHh5ltwAUAyQUAAAAAAADwP9IFCQkJDHgAANgFAeAFAfAF6sgf-gUECAAQAJAGAJgGALgGAMEGCSUs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB431BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=085dd2b3bb508bc961257782b75c903eaa078c7a&type=pv&jm=1003&px=0&py=100&bw=182&bh=90&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 0b45d3a5-0b0a-4a71-9896-437716bacfae
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame F1D3
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=dca1484b-7d93-4e0b-bea6-9afec88373ce&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=ff42e5fb-9ac8-42bc-a2ad-fed886cfb0be&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ac317923ed5d4eafa208b0dd429273c6&tids=15000&med=10

0
35 B

70ms
70ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ac317923ed5d4eafa208b0dd429273c6&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D617723E8D7C4046B8D0F0932ADA629F Ref B: FRA31EDGE0714 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674dbd
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B63F6DBC71F4E62B8DFB40415059604 Ref B: VIEEDGE3314 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d99
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=ac317923ed5d4eafa208b0dd429273c6&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame FEA2
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=154c14c7-99ac-4576-8aa3-624fb3338b9e&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=a65a480e-34a4-4ccc-a9a7-a8a269169cb7&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=dfe8c3d51d8d4f84a757dad32628bbf2&tids=4&med=10

0
35 B

72ms
72ms

Image
text/plain

2a02:26f0:480:22::1726:62f9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=dfe8c3d51d8d4f84a757dad32628bbf2&tids=4&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C831D685CD0A45EFBA32500965BFCF78 Ref B: FRA31EDGE0707 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674dbb
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 05 Aug 2023 02:18:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FBC44423A6784DC78508C8248327B1C0 Ref B: MIL30EDGE0912 Ref C: 2023-08-05T02:18:36Z
x-cdn-traceid: 0.39d53e17.1691201916.48674d9a
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=dfe8c3d51d8d4f84a757dad32628bbf2&tids=4&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 142
quic-version: 0x00000001

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 87C9 0
597 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: dd60d0f0-fd54-4133-8499-e963e2865847
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5069 0
597 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 4a3a7ef3-d588-44b6-b933-f9ddbff991b9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C938 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 463e0c87-f913-4feb-b10d-504f4e653031
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B9DC 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 85c64619-31ce-4e86-9069-edae2ce8664a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 0CFA 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKgB_BMoAMAAAMA1gAFAQj64ramBhD78t_LhZvmkXQYu-Te3Piypo9BKjYJgQl3KiKOmD8RO3xXqNNTlz8ZAAAAQOF61D8hO3xXqNNTlz8pgQkJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4sPUFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA5YDCqwCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1kYTliNGIwYi1lMmRlLTQ0OGUtOTRkYS1mMWNiZTJmNmE3NDgmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBkjloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_w5V9lcmlyZWZyaHpmJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTODM2ODcwMDU4NzU2NTkwNjI5OSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekV6TXpFd05EVXdOekkxTXpFak1qTXlNekV6TURZek1EYzFPREF5TUE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAERXZYiAUBmAUAoAXEh4iHtNXk5XvABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeGGTPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB7D1BdIHDRVlASYI2gcGAV58GADgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=664ecc174c42f54a264cf5322edff06810204805&type=pv&jm=1003&px=0&py=200&bw=182&bh=90&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: a3075205-a226-466e-99a6-9983efd0f558
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 82F1 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2002423&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2002423

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 85b606e2-470e-4aae-bad9-cc79f6b5ce3e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 80E8 0
665 B 27ms
27ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhDJibG_xsCPzRAYq8XxrM-TiaJMKjYJp7ulIIDtlD8Rq9gDH6Dhkz8ZAAAAQDMzwz8hq9gDH6Dhkz8pp7sJJAAxARvwleF6lD8wrZmcDTiYUEC1XkjjA1C6iYq2AViLtJYBYABo9sWyAXiU8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaB0w8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mMDQ2MGI2Ny1lYmM0LTRjYzgtOTBhYS01YTQ5Y2Q2ODQ1OTcmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBmjloAuHJ0eXBlPW51cmwmdGFnSWQ9Mjc3MjQ5NzMmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0PgFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMTE5NjMzNjgzOTY2NDYxNjY0OSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREF6TXpNeE9UZ3dOVEEyTkRrak1qTXpNakV6TWpnNE1qTTFOemMzTlE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWhvbXmxMq-uTvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQCUEZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB5TxBdIHDQkRKAEmDNoHBggFCXTgBwDqBwIIAPAHlJAQiggCEACVCAAAgD-YCAHACAA.&s=89101d9356fdc5201d9f4c1036e56a2710bee2a6&type=pv&jm=1003&px=0&py=471&bw=300&bh=157&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27724973&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 6e3bc3e7-cfb6-4c08-90fd-945164284cc5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame CD05 0
665 B 26ms
26ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKLB_BMiwMAAAMA1gAFAQj64ramBhCL5_H6zNG_3wwYv_LU2Pmx9KYaKjYJXiMjk4hAnz8RM_v6voGwnT8ZAAAAQOF61D8hM_v6voGwnT8pXiMJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4hvQFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4MDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD01MWU2ZDQxYi1iNTVhLTRiNTEtYjE4ZC1mOGRiMjc3MmQ5NzImY21FeHBJZD1MVjEmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA1jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRnwQGVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhI5MTg0NTEyNTQ3NTc5NzkwMTkiCTM4MTg0NjcxNCoEITbwwjo4VTJWaGNtTm9RV1FqT0RRek9EZ3dNell4T1RVd056UWpNak16TmpFNE56TXpNVFUzTmpBNU13PT3AA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXR17rJi4WE_x3ABQDJBQAAAAAAAPA_0gUJCQkMcAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGCSMs8D_QBsKNBNoGFgoQCRIZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB4b0BdIHDQkRKAEmCNoHBgFefBgA4AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=3bb320b60e6f705601d2f53a3002f48b222c35db&type=pv&jm=1003&px=0&py=299&bw=182&bh=90&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 5225d29b-6aaf-4877-ab14-183f22efe5d1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame CC8C 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhCm5-DOpafStjYYu-Te3Piypo9BKjYJdmewopnJmj8R4_uNWrhymT8ZAAAAQOF61D8h4_uNWrhymT8pdmcJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4mfEFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD02OWU2M2NlNC1jYjU4LTRiMTQtOGVlZC1kNzc3MTc1MWU0N2MmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA2jloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzkyMTg3MTM2NTQ3Mzg0MjA4NiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE00TXpneE5qY3dORGN6TVRnak1qTXpOVFl6TnpVM05UWXdOVEl4TVE9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcukuLaZ_ZO8G8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBZKuNPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAVLfAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeZ8QXSBw0JDSUFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=4f95716b95cae425ab3a3955ff5ae08aa6bcb23f&type=pv&jm=1003&px=0&py=0&bw=182&bh=90&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 9afeabb9-5113-428e-85b2-bf3af82e920a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame F1D3 0
665 B 26ms
25ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKOB_BMjgMAAAMA1gAFAQj64ramBhCi4K_Y2bjXlWEYr5quuvmT9KUvKjYJjas9sqpSlj8Rk_wg9u40lT8ZAAAAQOF61D8hk_wg9u40lT8pjasJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4-PEFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCpoCaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1mZjQyZTVmYi05YWM4LTQyYmMtYTJhZC1mZWQ4ODZjZmIwYmUmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBmjloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0SAFlcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzAwMTc5MzE0ODk2ODc1OTMzMCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekkzTnpReU5URTBNemc0TmpJak1qTXlORFUzTXpjME1EQXhOalkzTmc9PcAD2ATIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMzEuMjA0LjE1Mi4yMTGoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBYS81tSqjbTIQMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYLNAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAVLfAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAf48QXSBw0JDSUFJgzaBwYIBQl04AcA6gcCCADwB5SQEIoIAhAAlQgAAIA_mAgBwAgA&s=d04e6304e8b4abe18157ec97235bf28320a70415&type=pv&jm=1003&px=0&py=499&bw=182&bh=90&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 8c93ee47-741a-4dde-8178-ddde8acb0b5e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame FEA2 0
665 B 29ms
29ms Ping
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.ducumon.click%2F&e=wqT_3QKMB_BMjAMAAAMA1gAFAQj64ramBhD3_tDB-dCTpFsY2ej2tovA0-pLKjYJCJaI_Dl8oD8RDx2dLG5Snz8ZAAAAQOF61D8hDx2dLG5Snz8pCJYJJAAxCRvwlZQ_MKLdvQ04mFBAtV5I4wNQuomKtgFYi7SWAWAAaPbFsgF4j_YFgAEBigEDVVNEkgEDRVVSmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIaaHR0cHM6Ly93d3cuZHVjdW1vbi5jbGljay-AAwCIAwGQAwCYAxegAwGqA4QDCq4CaHR0cBEw8GliaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hNjVhNDgwZS0zNGE0LTRjY2MtYTlhNy1hOGEyNjkxNjljYjcmY21FeHBJZD1MVjMmb0FkLkUAVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBhjloAuHJ0eXBlPW51cmwmdGFnSWQ9MjgyNzQzMzgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_0NAFfZ3ZycS1wYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjU3NzU5MzYwMDA1NTcyMTg0NyIJMzgxODQ2NzE0KgRiaW5nOiRVMmh2Y0hCcGJtZEJaQ014TkRBM05qa3dNamd4TmpBeU16azTAA9gEyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjMxLjIwNC4xNTIuMjExqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWi0_eX0pf6r0nABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAFNwkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHj_YF0gcNCQkkAAAFJgjaBwYBXnwYAOAHAOoHAggA8AeUkBCKCAIQAJUIAACAP5gIAcAIAA..&s=ea7c8247cf5fb0566dec9f0072347c81d5c69513&type=pv&jm=1003&px=0&py=599&bw=182&bh=90&sf=1&sid=6766336941958310472&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28274338&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.ducumon.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:36 GMT
an-x-request-uuid: 6b73c65f-6310-4080-9764-6f1652d0d86b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.ducumon.click
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 94E4 37 B
139 B 35ms
33ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 978E 281 B
554 B 114ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E2AA 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 7900 61 B
245 B 407ms
49ms Document
text/html 162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=667932
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 05 Aug 2023 02:18:31 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6D12 281 B
554 B 97ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 50EE 52 KB
17 KB 42ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 79DB 37 B
139 B 32ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6575 281 B
554 B 96ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 211B 37 B
139 B 32ms
31ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A11C 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame BC74 37 B
139 B 32ms
31ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7F1A 52 KB
17 KB 32ms
32ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 25A5 281 B
554 B 96ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F960 52 KB
17 KB 36ms
36ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame E76D 37 B
139 B 32ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3EC6 281 B
554 B 97ms
33ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C974 281 B
554 B 99ms
33ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 1326 37 B
139 B 32ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7EE4 52 KB
17 KB 39ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E2AA 0
597 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: f707dd5d-d9cb-430f-863d-65fa8c09f81d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9CCC 52 KB
17 KB 40ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 1D4D 37 B
139 B 32ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7155 281 B
554 B 71ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 50EE 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 3d1d7426-d6f0-40fd-a902-11451b9af3a2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 7F1A 0
596 B 27ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 824e37cb-a0df-44f8-87d6-ad3c7b40697f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame A11C 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: ecf903a8-de56-40f8-ac0c-84deedaf3109
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F960 0
596 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 2660dfb9-0d35-4e0b-8d41-78d7b4dce7de
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 978E 34 KB
10 KB 33ms
32ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6D12 34 KB
10 KB 32ms
32ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4AB6 281 B
554 B 42ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E470 52 KB
17 KB 39ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 9962 37 B
139 B 32ms
31ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 7EE4 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: b58db4ec-74e5-435e-984a-7491b1129d08
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DAC0 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 02AB 281 B
554 B 33ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6575 34 KB
10 KB 36ms
32ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 6E1D 61 B
245 B 74ms
49ms Document
text/html 162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7092825113
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 05 Aug 2023 02:18:31 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4432 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F410 52 KB
17 KB 40ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 9CCC 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 29405097-7806-4525-8a2c-d2d460642e1f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 25A5 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2320 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2D21 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EC3D 52 KB
17 KB 41ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 98F1 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3EC6 34 KB
10 KB 37ms
36ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2A99 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C880 52 KB
17 KB 39ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8AB8 52 KB
17 KB 41ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0ACA 281 B
554 B 50ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7435 52 KB
17 KB 65ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4D0B 281 B
554 B 53ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F563 281 B
554 B 56ms
33ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9269 52 KB
17 KB 67ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FD1C 281 B
554 B 56ms
33ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EB5F 52 KB
17 KB 69ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 978E
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKXDYCCE-9-JO9W

0
652 B

198ms
129ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKXDYCCE-9-JO9W
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 02:18:37 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C5E940CFC132416386C4941BF1895BFF Ref B: DUS30EDGE0916 Ref C: 2023-08-05T02:18:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYCI6GNogPjyWCVT4jmVQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKXDYCCE-9-JO9W
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 978E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEbgkUeLW4DYmYubfPeFeYM&google_cver=1

0
239 B

136ms
33ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEbgkUeLW4DYmYubfPeFeYM&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEbgkUeLW4DYmYubfPeFeYM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 978E 70 B
265 B 140ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 978E
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/aXtnbeCEkZcRPd1D_E4u8w?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NVj.yaBE2oL0X8SewntRbBOtzNO2QPqnSHLyAA--~A

0
239 B

34ms
33ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NVj.yaBE2oL0X8SewntRbBOtzNO2QPqnSHLyAA--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 05 Aug 2023 02:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NVj.yaBE2oL0X8SewntRbBOtzNO2QPqnSHLyAA--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 978E
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY4Y2M3ZGEwN2Y0NWMxMjIwNjBmMzU4N2U5MTdmYjJiOTM1MzVjMQ

170 B
188 B

69ms
68ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY4Y2M3ZGEwN2Y0NWMxMjIwNjBmMzU4N2U5MTdmYjJiOTM1MzVjMQ

Protocol

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmY4Y2M3ZGEwN2Y0NWMxMjIwNjBmMzU4N2U5MTdmYjJiOTM1MzVjMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 978E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=qgFNBTNKSyeylOTU3U7wng&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qgFNBTNKSyeylOTU3U7wng

43 B
479 B

108ms
108ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qgFNBTNKSyeylOTU3U7wng

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Aug 2023 02:18:38 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XKKK4MRHD5H0CX8BVY13
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=qgFNBTNKSyeylOTU3U7wng
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 978E
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtYRFlDQ0UtOS1KTzlX
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEklp6TeBCFPYd_XVI7cFbI&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtYRFlDQ0UtOS1KTzlX&google_push=

170 B
188 B

68ms
68ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtYRFlDQ0UtOS1KTzlX&google_push=

Protocol

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtYRFlDQ0UtOS1KTzlX&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 978E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=L7lScyVeT7eslssFbvyQBA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=L7lScyVeT7eslssFbvyQBA

43 B
720 B

121ms
121ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=L7lScyVeT7eslssFbvyQBA

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Aug 2023 02:18:38 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KKAAMDMYQ996K846WE21
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=L7lScyVeT7eslssFbvyQBA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame FB96 61 B
246 B 51ms
47ms Document
text/html 162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=8589329125
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 05 Aug 2023 02:18:31 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 84A1 281 B
554 B 54ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0D31 52 KB
17 KB 69ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7155 34 KB
10 KB 37ms
36ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C974 34 KB
10 KB 32ms
32ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4AB6 34 KB
10 KB 66ms
36ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 02AB 34 KB
10 KB 86ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E470 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 4228f281-aa62-4247-827b-d36223519dd8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame DAC0 0
596 B 27ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: ea0b4d48-28bc-4651-9009-6d1c388a6257
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4432 34 KB
10 KB 54ms
36ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2320 34 KB
10 KB 58ms
34ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 98F1 34 KB
10 KB 59ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2A99 34 KB
10 KB 54ms
35ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F410 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 70ce56f8-1dba-4b8f-a873-e4879e3764c5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2D21 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 1cd5a42c-8250-4ca8-8edf-7cbb895ce962
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame EC3D 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: af3afb1e-a44e-4b44-b0f8-694e6fb670e0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C880 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: b27288ee-b33c-480f-a0e3-f1d0806780db
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0ACA 34 KB
10 KB 38ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4D0B 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F563 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FD1C 34 KB
10 KB 37ms
36ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 77A9 52 KB
17 KB 40ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5D95 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C6E2 52 KB
17 KB 41ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0EC9 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 84A1 34 KB
10 KB 61ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 8AB8 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: ab3fe265-966a-4937-a5ff-ecfe381c8968
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 389F 281 B
554 B 39ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B84E 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 7435 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: c444c7d5-0a7c-4e77-9642-8acfc965012f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 9269 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: e495b665-a9cc-435b-a218-55a648becd41
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame EB5F 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 11fdec12-1ccc-4d43-8066-0581d1759435
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 0D31 0
596 B 28ms
28ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 79b71b56-1c64-4415-9d86-24b0ed3c14e0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5D95 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0EC9 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 389F 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 6732 37 B
139 B 32ms
31ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 249D 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 70E7 52 KB
17 KB 39ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 / Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 9238 61 B
245 B 50ms
50ms Document
text/html 162.55.233.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1950916273
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.233.55.162.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 05 Aug 2023 02:18:31 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9841 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AC7A 52 KB
17 KB 41ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 88C5 281 B
554 B 33ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame A955 37 B
139 B 32ms
31ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C44D 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CE6CLHD4YS&_ono=1&gtm=45je3820&_p=1016053721&cid=1451542700.1691201912&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1691201912&sct=1&seg=0&dl=https%3A%2F%2Fwww.ducumon.click%2F&dt=Ducumon%20-%20The%20Next%20Gen%20to%20Give%20entertainment%20that%20best%20suits%20you%2C%20all%20for%20free!&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CE6CLHD4YS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ducumon.click/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ducumon.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 77A9 0
595 B 29ms
29ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 5c26eb13-c1f4-42ed-ae82-2ed0915d7f00
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C6E2 0
596 B 27ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: a404aad3-868d-41ff-ab9a-e904b7cdd9f3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B84E 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 861624ab-cef6-4fd5-a864-f2d6ee8e36dc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CE78 52 KB
17 KB 40ms
40ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B2DF 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 5E1B 37 B
139 B 32ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 03D7 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8665 52 KB
17 KB 42ms
42ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 249D 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9841 34 KB
10 KB 37ms
36ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 88C5 34 KB
10 KB 37ms
36ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 70E7 0
597 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: b81d33b6-4333-4f65-a9bb-4b36b8096488
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame AC7A 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 9cfb5fc9-460e-44f2-84bf-20481c5e86c3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C44D 0
596 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: eb1aca68-f0a9-44d9-9e97-4802d3a14ef0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame BFFC 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 05A3 52 KB
17 KB 41ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 931C 37 B
139 B 32ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:37 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B2DF 34 KB
10 KB 37ms
36ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 03D7 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame CE78 0
596 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 78e40a6f-95cc-465b-b3e0-48267daf35f4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 8665 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:37 GMT
an-x-request-uuid: 96448be4-0917-4cc6-a568-ec48fbe3056f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2EA0 52 KB
17 KB 41ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 066D 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:37 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BFFC 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21893
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6F53 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:38 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame CC36 37 B
139 B 32ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:38 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 83C0 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:38 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 05A3 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 56b4cde7-7852-4c3a-b74b-57ed6139917c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 95D4 281 B
554 B 40ms
39ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:38 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame FD09 37 B
139 B 32ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:38 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4A3F 52 KB
17 KB 40ms
39ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:38 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 066D 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21892
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame E73B 37 B
139 B 32ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:38 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 890F 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:38 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2839 52 KB
17 KB 41ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:38 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6F53 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21892
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2EA0 0
596 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 4a6bc1fa-4a9a-4efd-ba94-0241c19c3eb4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 83C0 0
597 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 698fc499-9982-49f0-bdde-90e39dd95331
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 95D4 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21892
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 890F 34 KB
10 KB 37ms
36ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21892
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 648C 52 KB
17 KB 42ms
41ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 05 Aug 2023 02:18:38 GMT
ETag: "623de86a-cf34"
Expires: Sun, 06 Aug 2023 02:18:40 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame D668 37 B
139 B 33ms
32ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 05 Aug 2023 02:18:38 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5461 281 B
554 B 32ms
32ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.ducumon.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Aug 2023 02:18:38 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 4A3F 0
597 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 47966a96-99aa-4aba-b7b3-36c9c73b5f9d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2839 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 1aa1a8cc-ee48-4f3b-bc59-276f36e04047
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5461 34 KB
10 KB 37ms
37ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 02:18:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2023 08:23:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21892
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 05 Aug 2023 08:23:30 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 648C 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: b93e23c7-6b4d-4b3c-b4b4-5e259c2b58b2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E2AA 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 1b2e676b-2953-408b-bacb-a34ac110dc6f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 50EE 0
597 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 340bd0fe-33b4-4067-ab57-dc73179b4db6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 7F1A 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: cabc23df-b431-4adc-a454-9578ee60f575
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame A11C 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 94c276dc-5ad7-4089-854f-19f49afa6553
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F960 0
597 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 85046665-40c9-4787-9771-74270fbb87d4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 7EE4 0
596 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 21698aa7-e1e4-483e-9e4f-321aa89d57ef
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 9CCC 0
597 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 50797fe9-7d63-4a77-b513-35ddf648ba33
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E470 0
596 B 27ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: edd77b4b-911d-4db1-8aa7-329afa16fb9d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame DAC0 0
596 B 28ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: b204c2fe-ac24-4052-a8b1-8d233d413c88
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F410 0
596 B 27ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 85f75cf5-5cf6-45d4-8eef-ddec50736e51
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2D21 0
596 B 44ms
43ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: f2ecb16d-7c34-4b25-a920-04849da2d9e2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame EC3D 0
596 B 27ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 9d18b7e2-97b1-44ee-b60d-75e72349181e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C880 0
596 B 27ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 830ebcae-cb68-4644-a233-d822f95f2c70
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 8AB8 0
596 B 28ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 4ccf27a8-a84d-4425-8b3e-3abe4f8e2f09
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 7435 0
596 B 28ms
27ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 2131fe08-933d-4d74-bdf6-b6a9e69859ed
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 9269 0
595 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: d0e0b391-b022-43e8-a1b2-b74ac5f42dec
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame EB5F 0
596 B 26ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: ec19c089-1a32-45f3-86eb-7cd3a42a9d91
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 0D31 0
596 B 28ms
26ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: a0b5f785-f499-42f4-a611-37fc2a181a12
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 77A9 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 7194c91c-2eea-4802-bffd-461b86f95061
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C6E2 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 0e74eb69-a1ba-4129-a6df-dda8a8e7e0f2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B84E 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 524753ee-640d-43e2-b550-51e0a390552e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 70E7 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 25a4c60a-7ad8-49c6-8957-d188dbedbb3a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame AC7A 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: e0ac5489-4791-4a4c-83f6-7be39474068d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame C44D 0
596 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 7930bd6e-753c-466b-9a28-23c5382843d6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame CE78 0
596 B 28ms
27ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: 1b8ebf46-749a-4ccb-858f-e6491e75cfca
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 8665 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:38 GMT
an-x-request-uuid: d6357902-af0a-456b-ae4a-5682f1f3c9f3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 05A3 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:39 GMT
an-x-request-uuid: 23a97ce7-3fc2-4156-b4f1-67d0f227ac0b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2EA0 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:39 GMT
an-x-request-uuid: cf6651f8-a71a-433e-9a17-5059b670a698
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 83C0 0
595 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:39 GMT
an-x-request-uuid: 389171d2-20a1-4a0d-9c24-e55db1210d1a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 4A3F 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:39 GMT
an-x-request-uuid: 536d2016-17c1-4d34-b884-6fec9533fae5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2839 0
596 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:39 GMT
an-x-request-uuid: 204c4bdb-ce1e-4f27-9a22-bd7d05089fb6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 648C 0
595 B 28ms
28ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Aug 2023 02:18:39 GMT
an-x-request-uuid: 68c1d2d2-a0d8-4c17-9ca3-c25a43ecfaef
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.152.211; 31.204.152.211; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kvt.sddan.com
URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.ducumon.click%2F

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ducumon.click/	1970-01-20 13:46:45	Name: wpprogeotargeting Value: %7B%22country_code%22%3A%22NL%22%2C%22country_name%22%3A%22Netherlands%22%2C%22subdivision_code%22%3Anull%2C%22subdivision_name%22%3Anull%2C%22city_name%22%3Anull%2C%22postal_code%22%3Anull%2C%22latitude%22%3A52.5%2C%22longitude%22%3A5.75%2C%22timezone%22%3A%22Europe%5C%2FAmsterdam%22%2C%22metro_code%22%3Anull%2C%22accuracy_radius%22%3A100%2C%22continent_name%22%3A%22Europe%22%7D
www.ducumon.click/	1970-01-20 14:29:53	Name: _pbjs_userid_consent_data Value: 3524755945110770
.ducumon.click/	1970-01-20 15:56:17	Name: sharedid Value: d6aead9c-be09-459f-a185-a5dc76e1b8de
.zeotap.com/	1970-01-20 22:32:17	Name: zc Value: c9aa7be3-c9d4-452f-64d9-85a5685358f1
.zeotap.com/	1970-01-20 13:48:08	Name: zsc Value: %8C%2A%DA%04%8F%B5V%0ED%27%AF%CD%F2%CC%5C%A1%11%91%A1%F9%EA%DD%ED%E9%A5%F3S%C8%00%87%24%89g%400%C2%9F%8AV%0C%B4%22W%5C%2Csm%D7%87Zm%1C%AEiw%DAR%1E%05%C4%8D%DE%5C%1E%1A%E3S%8Eh%CAK%19%DEK%AFz%C9%F2%A3%BA+%14U
.ducumon.click/	1970-01-20 23:22:41	Name: _ga Value: GA1.1.1451542700.1691201912
.quantserve.com/	1970-01-20 23:16:56	Name: mc Value: 64cdb178-7c9f9-73012-408b7
.ducumon.click/	1970-01-20 23:11:10	Name: __qca Value: P0-1406726379-1691201912362
.doubleclick.net/	1970-01-20 23:08:17	Name: IDE Value: AHWqTUlBrWQ_OyqOHj7Jka7KY-WKEU7wjnw5O9eZDxMWHNzQUTWxKlL41ZkyEX7LAaA
.ducumon.click/	1970-01-20 23:08:17	Name: __gads Value: ID=007925b4884499c2:T=1691201912:RT=1691201912:S=ALNI_MZJh4sbGCTd1kKTuu4kQDBxT7w_BQ
.ducumon.click/	1970-01-20 23:08:17	Name: __gpi Value: UID=00000c4c2e425fe5:T=1691201912:RT=1691201912:S=ALNI_MZBQTjuJ2yYh1sqKWs4BT1eT4gUOQ
.ducumon.click/	1970-01-20 23:22:41	Name: _ga_CE6CLHD4YS Value: GS1.1.1691201912.1.0.1691201912.60.0.0
adtrack.adleadevent.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 9FC54D150466C174912E5199B1F8E822A79961F45959205F48155F06FB9BD61C957639C62B5256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0
.rubiconproject.com/	1970-01-20 22:32:17	Name: khaos Value: LKXDYCCE-9-JO9W
.rubiconproject.com/	1970-01-20 22:32:17	Name: audit Value: 1\|naVuGyos1qq5odvvBV8zvufhqFI7AU9Uad321cYfjPIyqUxkjByg3sJPom9sh56WJv3qB7stw4VTkJzHrnpJjArbIwfHC7qXIZE5xoQF+eG+xUA9sgf/4dzpQ7vzkXQ/
.adnxs.com/	1970-01-20 15:56:17	Name: icu Value: ChgI95t6EAoYAiACKAIw-uK2pgY4AkACSAIQ-uK2pgYYAQ..
.adnxs.com/	1970-01-20 15:56:17	Name: uuid2 Value: 3408046926892600623
.bing.com/	1970-01-20 23:08:17	Name: MUID Value: 3F360E10CBEE660F32A71D74CA3367BA
.yahoo.com/	1970-01-20 22:32:39	Name: A3 Value: d=AQABBH2xzWQCEGhsWZ-S9TjG14Bteq_WIBgFEgEBAQECz2TXZAAAAAAA_eMAAA&S=AQAAAggPkQ3NrN-D21NRHOjKGns
.linkedin.com/	1970-01-20 22:32:17	Name: bcookie Value: "v=2&aa78d436-7ade-45b3-892c-349afe524f45"
.linkedin.com/	1970-01-20 18:05:53	Name: li_gc Value: MTswOzE2OTEyMDE5MTc7MjswMjGJu2NLB9AFU06vCnpIt6Qj2hHtvG8ouqz8SZjGhGO2Ow==
.linkedin.com/	1970-01-20 13:48:08	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2625:u=1:x=1:i=1691201917:t=1691288317:v=2:sig=AQGQ34A40EoF0MRKBH-KOQlYOvpZ4TqL"
.amazon-adsystem.com/	1970-01-20 23:22:41	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:32:17	Name: ad-id Value: A4j5XVrclEPdq1RSD4rc53M

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://p.cpx.to/p//px.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.ducumon.click/ Message: Access to XMLHttpRequest at 'https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.ducumon.click%2F' from origin 'https://www.ducumon.click' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.ducumon.click%2F Message: Failed to load resource: net::ERR_FAILED
rendering	warning	URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728 Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering	warning	URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728 Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering	warning	URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728 Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.
rendering	warning	URL: https://sourserve.com/t.js?i=dngtej48zud812zd87r36&cb=7281821691201912728 Message: WARNING: Too many active WebGL contexts. Oldest context will be lost.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e937318ce7243d3184050141a4c7d94.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ads.themoneytizer.com
adsdk.microsoft.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
ams3-ib.adnxs.com
bidder.criteo.com
c.tmyzer.com
c2shb.pubgw.yahoo.com
cdn.adnxs.com
ced.sascdn.com
choices.trustarc.com
cm.g.doubleclick.net
csi.gstatic.com
d2zur9cc2gf1tx.cloudfront.net
dcdn.adnxs.com
ducumon.click
eb2.3lift.com
eus.rubiconproject.com
f3f6i6e3.stackpathcdn.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
hb.adpone.com
i.clean.gg
ib.3lift.com
ib.adnxs.com
id5-sync.com
img.3lift.com
kvt.sddan.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prg.smartadserver.com
px.ads.linkedin.com
redcarpat.com
region1.analytics.google.com
rules.quantcount.com
s.amazon-adsystem.com
s.richaudience.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
sourserve.com
spl.zeotap.com
stats.g.doubleclick.net
sync.richaudience.com
tag.leadplace.fr
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
www.bing.com
www.ducumon.click
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
kvt.sddan.com
108.138.17.108
108.138.17.37
13.248.245.213
13.32.99.84
141.95.98.65
142.250.181.226
145.239.192.166
15.197.193.217
151.139.128.10
157.90.3.144
162.19.138.116
162.55.101.208
162.55.233.29
18.156.195.47
18.194.94.253
18.66.122.28
184.30.16.183
184.30.22.30
185.86.139.116
185.89.210.90
2.16.107.153
2001:4860:4802:32::36
2600:9000:223c:c800:6:44e3:f8c0:93a1
2602:803:c003:200::45
2606:4700:10::6816:1957
2606:4700:20::681a:8a9
2606:4700:20::681a:a19
2607:f8b0:4012:81e::2003
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:21::14
2620:1ec:46::63
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:400c:c06::9a
2a02:2638:d::a
2a02:2638:d::d
2a02:26f0:480:22::1726:62f9
2a02:6ea0:c700::10
2a05:d018:d29:3605:c921:7369:53d4:6471
2a06:98c1:3120::3
2a06:98c1:3121::3
34.95.69.49
37.157.2.234
51.75.86.98
52.208.148.0
52.209.73.195
52.222.214.4
52.46.155.104
54.38.64.100
65.9.7.64
67.220.224.144
69.173.144.138
69.173.144.139
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0122bb0ec690b62cf7251b0672f30872776c83d7eba04ab714678825ce912361
012710d3589c5a3d4593c906b9fea443e306806e3b7b7268f78f5c5fceadce1b
02bcb140c724f564c8d4f9c624e6bb4d8f1d2734dd5cd8ae313de7c5bfcaf73f
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
053825f9812c8939087ef626ec0f3598e8f2560a6a79340489ae46b5c62b264b
061d197b740a294ffb97ecf80a1dd5a410ba9a67a3e6b777ee344352f8898acd
06b7462536903ae4d86abe8f1ceb0f4849958a43005c7e58d24fb4e5f2d246d2
072fbeed19523e70bda2f20a695392b643c9212bd7272a326a5e6a6e060b9f8f
073f2d09f13230ba4e634a2a2da71c535a6b5f72b8e151b1b371429e9d69a675
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
09b81e1bdf01672c993e3f5009b9ee66d00eb6164ade3a9c8d67cf73b09d5a14
0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4
0f65a9a5652d99cc3e798d8a1ff35ac8f0527ff4e72673a80a009679e09c93ae
0fc3360ce0759964a57972566e1209b2942637c0ca5ae4304899cf97dd7d6cec
10bfa5464ab3925807fabf354e7ff92d8123ed43596a0953a70f9ba5dcde07ab
12faf22005bec68fb8d3db2afa60d1586b2e9733eeb247336d78fbb4ff738e15
1417946a14c7a05e3b2b32bc2349994a9c09f0c29fd317fff0236da9f8f9f892
1741f36a3116e0262697b1e4805ecdfdd53ea9088933ad8016ba38066b0d7421
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1da72996af1fa0bf3a79f8c021db0f3c02ba8b3b3fc4e14159ddea0e30e26ab2
1dc48f458e6c28751bf7f56340fbfcb6291333c9085d5d6dcb62036dddf2e724
1e5940fc890fe7e744e96d1639b5270df569fa48aed4be2e6e0b52ed495c1995
21fa8cbcd0bd7baead27834fe9c1ffe51903fb431bc297a0a06b7d09772c3951
22ef378a698e130d688cd1f8a8a11fab09b6ee381813d0983a7f3caa56c166b4
2382d8e36db9a3c8daa5bf013cf613c07d78cc37d2bc9a04db9d311926b81284
25344045e1a4ef6c83106f9145a69065214da1fdf91cb6278c549611c871dc9b
25cb63150e157225b72ab00456c9007a8f9de63b4da4a7f9b7a06eb21283b0cb
262b8ab4e1800fb51410f01aa7d3df0f3231bafc546a23674627d511fae4cbba
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2b6ea68edc11c437f824a0f5443412ff12ba5a943d910f31946f1f9ff02d8298
2d4c8d2e2ba6cb0248e65805b942c5b9a8ef06cfc1b305c120075d391ff0fbc0
2edfb4e2b0b907b22ca228f45f169c8d3a4fa66104917f66e7291497079a9fa3
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
30ac2fe51a08ecba2469e4c2bd6665d1373d2d99784312b6afeaef4e7f5d54dc
3127b2900c8ef9b9f31accc3cc2efe1953cde4d1b13b8a155a871af73a46601c
312b067b01f64e9f6efa97ef8c7391cbad5c7e4e814c2d0d0fd214ba521956d9
314239c0951006468f0c6db2d927690ce7f623ce86544796a5aeea93e36c7456
33184878ac6c694422a00ee3901397f97669717adc656dcec1a34de32e968438
3459779243b2a81d508c56eeaee78a7260d03f85cf1a7ce831617ca42b185bc1
35db0e7967140c42e23202a877b559ba7970d95a7915d8659b9742b34ef14ee0
3693cc12cfc29f8ba7659362631d3fd514c01934cc390c0b00f5b29c4ad064b1
371d5dadac385366265574330de652d3b97d0646391835f0fd53936ef1cf7725
3782d61e0afd889a3d6feee93c15c851e3db02c0bce034e886fcda143a7c8ca3
38ae75caeb50353f91350cdb3c3ecb9c736eac86f161376295bd4c39ed76e591
3a35b3a789cc4a8f56e3adae741e471b8f28614b24198fecbe60b8b85b69127e
3a494cb8a3fc5345ca81844d27d3e0834aa754aeaa0056f1710a1df56acd983c
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b
3d5f29ab920873be58a1cb51277d06b8b08c11916e05c69035c7fac877708e10
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d69ef3d37bb5b58826d5c53bf94b5979cec458092df135df34db345f00e2bad
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405db8c604929240731226264a88b5ceeb6bba6e2c2cacf76ab0b9bc53a2480a
42daf128a797f05b9f2ad36dcf94d33e5441cd9de806d0c95494abefff3d4230
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44259d035de9d34107a8e641cdb9ab84dc700a4367cdb149e78f286ebe503166
44383d0c7580f1f36178ccde234a9ecfc6b5f976ff98f2bc6d7b061b892323f7
443fdb6f2f8d2ee31f2effb89a2a1a57e963ed76bd1e2fd9ff385b509c9527b4
44ee3420c4a6a39f3619cc3150b0bfd559c688e900f044dd988f844f20882e89
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
4629bd7aed5f6ceb6d6ce47042f3d875dc1548c58a7f9879ca4a78c3fc05f3e7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
4966cdeebe522ea379f7beeacb9228f180ec14b999272819045971858f46a347
498f9823c8b2f290df9ea5a7f01d23320aa9cb5cfe77e278e6b590bd57e73030
4a529371457621b23bdf1667f0804d085589acffaf8d2729ae51660d444d8d4c
4b216df192272c5df4cf9df3d4fd8993b5292e7853b420e0ad8829a97d186ed8
4bfec0d9a1a3e8806adbb6f164d312aaed994cfff3a77bfef2d3cde0afd02405
4cff760f94167adbbe64d443a69f778c7d52a1741d4885bf9af88a75d223c99e
4ea9b9226782535bcb7d58507682bbc32872cc81d64738b59ed25fd614562c19
4f61525c435935afe56cf850326d30eddbac45d82f9ec281cc2554eb570efff3
5093fcecf0faa378b923db608fc49f872347770d9d802e76b232a2284f487e55
51ccf0ba6f97f7f8c16d0e51644aac50ea3ce3542b5d083486883562afbf9bee
51f982065039f2184f088c3510cb673a2af3c047b9f0d57ec7e1f95e973de626
53bace9855d7fc13840102f36fdde9855a2931b857115c429ee9d39350386ad2
5507d4789324dcb0db30f9a7b8480b815ece9b0e1f2eca83c5e547670d95eec6
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58badb5b493752ca8afa9788630acbe1975cd8236824bfb2e01e3ef56fa722b3
58db1fe7dca9c9ab7024401aac5a2d7490a70792caadaa3f73a429dc75f7c9e1
5ba402d4fff181e491b7361a6d1f608cb1dd74c12776b60299cbd171346dcd31
5ba5eee7c41c9c4d83a70300e29fcb68d426ed78e26d984f8d0758cc069d9e02
5c2c4d971a83d95495d3a3bb926e3a45ec0a8e12b432d9a1c80171600c8dc0da
5c9a31cff4131bfa107071f5a4426fd5fefbcdaca9187a46514eb451f5ebbae6
5dae896bb6619fee2842fbf57b2f68425693760e409d51daa3485d527d3b4ab3
5e6f10f24e5a6b558a783cb5987f4f99e5262cacb69e0db96a47eee87bd3230b
5f9eab8ad5485ccef3019096c01b9bda7c30ba98b21fb348ee983112accabb68
611451a55d13c93f1da349a3c1b4b1b20424a2cc371a9a0f2203465eeb16d051
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c9418d536f51e7419c9a27af9dfe8d6ea69ee060b473c53b4f7cad36d1e9db
61eeaf3752ec4a775d833ab1ffe79787a750f59cb9c2933aad9cc276a36eb5fb
61f653a4ee3f1ea54d9136e4771aeacec086bac68300f70cdc85b18291372795
647894e92f71c82668df312fe6d0071985f95566ecb862a1fce81d22c4aeea2b
69abb1b8af004cb630bbfd95a8986e30d78dd7256ce28afb7c03c455ab046d83
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6a04f704f1ff8f018568020f67b9a9a4eb47a0c1029358b195de73feefd36153
6bc69a3495661d6ce5cda5d9fddbdccb1e46471929448319834330deb5422874
6cf11ffaf063b0874ee655c1e08da85c510b1c9fc5cb2b793c5e4b04fcb02d5f
6d460eb1d9f21ad5bb0addf8d85f30ee0ca7bc69483a9395a97dca54611e1d1a
6dcb70227dbc7f39789f278bf9aff1ee74352c034c1a3404568bd95eca78cde7
72437ce3aabb652ee4c5c7c75e96fdfbbc40f31f5c97863c07921a040745e0df
7273f57cb98afcde27ee9b06f4321f8ed5e89c699d6248af4ad34f54cc5daec1
76159e62f0aa757670084bcf637554ecbce058a98467688d5d3e94e6f022d537
7662b416cae2e4b8d072bad8ef551a81665c9615868c62f5376da5af632a05f1
7b763a2b16aebb89ef2048c7a908b54464b98d1368c0e92ed406670be305e578
7b938ac78254099d038a1b2fe35358fd5f0115acdadd504d8b86a8aa1e97155c
7c729fba24807127e139d6ca76ec4773de19ae3cb227e509e9e7d73d2b82afdc
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7cdfd01427c9728e29c377236bcb4ba87adefd9be0ef21c7fddaf83edc9985a6
804901b8936d0a61c01f049a217f91541f21325471babec37d7f0c054222c850
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
850ee64eb74107f1731283ae9bf22a7f51ff815f8c4b60993f4e9afa5a956ee1
891b450bc9c1540873ef9d8e417573bebb8a04d5da713bfc5f269a1f4ffde175
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e648b19e3033f455f5108fbdd15143c12bd7bc14bf6d7bd589a3b15afdb1c47
8ef6e6dfd4d82f26303e757b5895d9c9aac7424484bc74cf386055d1bb3e940f
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
9122535ebff7a9fa340f326c989bd8147beaff944aefed16a4425c9c27e423bf
91d8cb6f9e04c4e878e377fe4eed417464f1831b0166e83f18b7a3b872f2f1f8
91ed17c3b043cee9b58ecc7118a3d5ab8f09f5d5d4ab7485f762f9140600d3bd
9320751e4da06f2dd1b89ee717a245516095ea7f2985b2e33947b9a7f2e829f1
94ff72f0e7d4d5fb406082c4572aeb6514c4e32266aec78e93edbb03e9cf9628
954309f6fff8b00faddd8b89b52990d9ee23a1c56bb7c71ee630d77973090e96
95b642f67cd22e16edcc8466f6de5cf0cf4a96549aad8979d9dfdf58536fdc82
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
994ba1984d953316ab73b4f808f41308ad665b4663aee139a45b093e063049d5
9a94553c5a6b5a952d3ec3584962dfad0128ac5e7b17c21a5bbdf20930c4ffb8
9bcfface27a9414dd7d2cff2c9bb8fad69b7cc2cc7b3f5d50fbf6aa769b0af1f
9c1d26e3e6f9b15bece5f1912bd35e4be904829d6c6dc7e73010e1d8cc8c764f
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c6cf939f490f199869ea850ab0a1824c3423db9f16c6f77d5f4bf2a791438d
a37b4efb6a9302af7a2491021d7099b80296373698860e06f0bcf9f5cbee0948
a493c8e5b9a6398b6493864a3ae9098a14ca62fb67b8d267a333e36a1ff24803
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
ab555aad6c626fa576b7a412f40ce9591ec513e2fd23edfa252ef1a08ff83421
ab9c951192e3d82483102403fdea591bb542141b38848938c0d0562397a59c5f
ac5c27609769d5d680d34c90abbb626b715d4b6cd0f039e3db17f3e6db1eba66
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae0aeaefd739ffd2451c5a5b09dd6ed0c63b2c11032a9418abbd61e6c3ca96df
af314566bc1963e9d748aa55507f7a6e15ef3b9025465be5b6a4a02e0e844fc0
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b02e100224262ce6979ae8de6cb7c5d06e9c360647b2740f813fd7ef7a353caf
b09569c29ce1eaff4d4b26f902188a7f679223d58a7f5d1e5f7b17aab6833c49
b210b71bba3b288718f4969a33919967a425e81aef7906edae1d4e378ee71ab5
b310519d44fa013665530fd9cf01d70df48afd54123282c9dde9daacea7a7f80
b4165879a7706c713e9de5c5c04e251e3518792544d239ae14f9cc9bba1512b5
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b5639e8e502c469e91cfcbcda3032e32478a3752dc66a691e75abc6adcaebeb9
b68e7016eaed979935279ad89af1b38ba8799ac2d6d8b3a477f80213c1e0c92b
b8b33913a23c1d4dd4ea1afb1d398b2f740a219166a6f47ec1c485b2b30c6f16
b90c9f73a6fda98b1fed2fd0a20dbce821faad29f60ec174457ad903b4d48a3f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd41d19426503aa64ae4d28ad783b7e4c7c0408e10170928039b3e9b5a19f202
bee477c0b0407fc387a3a212180c68f34f9f6a078a0636bd8da5e9e992bf4a30
bef2e7a0999a8ed5b749118f3ada9d15172393ed5610d67be4ec2abee63f87b2
c0df6138992189efffefdbe9173df743253fecb3f07ffeae59a5296597680667
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c760874839bcf780432a463be364665c1c48dc35b9f904e2939fe48880cfb184
c9efc5367a0f3b463c175da7c2911c6b5be44af90135346f0f86fa63843c1ee0
cc1edad6e7746ed1aba933a7a0773ecb235ba0bd35a46ee42b941ad1b7be529b
cd935de441d2a800babe5cbf659a431e0ff7c2bb5208bacc4f4a7f5e9d2f8fd0
cddfbbc7335cfb5e6c37a5f08d39e179ff23416660b636237475a55a09c15476
cf54dfec005ccc9a151de3efd873abcd176a13a671fee685e8d2332f9bf7f35c
cfb829354040f367c2c97ee3716d87f194c6d2a23ecfdd4901d7c22e3b8be3b6
d098cba4343ea4111852815ebe9dca7c79d69ca280b99825415448f380c2b4dd
d0d8dfbe45c07bd5eaf7d33ce5a3af604e44743fd4d4b9a1ea2aa5dc770ba4da
d0ebf114b50c8b83d066ef42db568332577ca860396f8409342f4115e88deb6b
d110d1e1ceeaef2ef6c52e65cb5b4a8b48947874f6194042dcf76c28210d8f04
d16112de269a3f5822da76f3412ed43dd4540764ea961c9385e91321b4b45479
d1d2823e3d018e19c124753405ef6312aad5f348b7aaec9f4e1af05a76fd67d1
d2748ded1f3035b6044d2a26843d4420bf3aed71da9aec6ca1384f790c935168
d33722d6a09db17e5929e7b73daa8fa28d97ba111658ae050fe0abc7958f510a
d3f7a1c58c2789ee03c553e493ad4b16fb2b910bd89348875b359e583d32752b
d57fbc235bc44d7c61a913a90036523ffe75072ff80951e3dd254c263fab64ca
d6956ba361d8d8516e40604e443adac177abf6462fb9ea41d10c5a03ccb39e2c
d78168f7d30e6d8b8cea98e125e6e9a80d0bc9ab2d00750161952b9afbe79107
d9ecfd47d629e25ef1e52f36bc1fe2dfd3c9468b37ead58ebee4ae68eaafc55e
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dcdc80f7fa04398b96b356bf8f318a58771d41fcb25360c98fa065d1f6ec956e
dd8c24f457f989f67d0d9e61256da604cf3c0478dae1dcc77bc9f7a150573efb
de961d9a1ae4dc41c14f0454663f8adc6db10f8fed40c59fb080a0af24f08ee7
decd3e00bfc13030f28794df73f7d63c5805ec9ea326485280e5ed5cb68c9476
df1e08ae6a51b0ea6b8bbbfc3f67c04931b9fe9d53e4a3aef2eef33a468a436b
e0b3aefa598882f7c3da24fb2b50d0f6435b5f16d7745a5194c20c88d5664f7a
e18e34f4a4668641d99eb32ed26dac4a448e5421e749821fad57ac394b934abc
e1fb28d0995684b1fc8ea8763c09d3f38d10f3252e95f859a5c2cc61bb406d72
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e267ca092b7d8b7d64f4412c7957453439e8e767be7fd33103b392fb7d0d2d04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4845804e91a17e87dd8cd9156fc4667accaa692bc2bca52c817fded1755b9c9
e5d16f5e7abb7c947ab0e9e19d902cfeabfa176b7b0c75ed1516505ddd0acfdd
e683c8ec53a11b2ac15b574e80515c7bd25dec1ddc1705bbd1ecdfdc946b4084
e75799976a8a373241ee5b3f81e70ec1b10faa3f850403c91dc7b4a29db2e114
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec82b34f1e3e6f9e2409d243a07090a7290b678059a174463431d6b413840e95
ed1ac176c57c5c2b5236745714f9299f66323972795422a7cd50ababcdf8eb9f
ed2cf15d31dbb39bec3e590eee1406f6d375c55dfdeceebb91081a4fd061f427
edd9c8a0725b706beb492f3e8f79ef2f5ec97b354a27ef33685dcc0010bd59d1
edea5feb53a5426d489c790abcfdc019b861eb384f3d7e28f3753fb59e809dc8
ee40c28d24dbb2db5b064313eb226e48633a30bc92ab3e13b01ab3d6636571c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f236875e30d1f623b12eaa38ac697b8042e02d2b6b84c112202d1e2e88411bd9
f251442a522836fd793db82c2ad392df69ab88bd365f0e721e9342a286c74494
f2659c49ddc850b9c1992082cd7b0f55ba2571d922d873b5e135e65d4ce1f9b1
f338bedd25e2695c0878c4f3f01727d079008753714b4e4dccda935e360acebc
f513b472e507126a912116f108035b149ba1c09a8b200eaa807eba7eddf0a3f6
f582716fe8acd952971127b53734bb58efb6eee67179a0284de4e3a22631f988
f6c5b35ce0823603474903bc0a070cc2479aecb69b03e7b0c787e228646f959d
fa19563e6dd52a6e0a826365b0f1a1960710ff942f072d390ebcde8b303326c9
faccfaad26a779f9ca9fc6bff49ba999f081c513f1e9d4693e090aed5de7d86f
fb822c7ee364efb363931e6365d63ddbcac4589d1e3c2867cbf3571809d6f67b
fe000543be696bf9a6e05b1cf8906ce355c6a469653b1b44fcaa19245fdcea39

www.ducumon.click Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

869 Requests

94 %HTTPS

45 %IPv6

44 Domains

69 Subdomains

58 IPs

7 Countries

8611 kBTransfer

25502 kBSize

24 Cookies

5 Outgoing links

Page URL History

Redirected requests

869 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ducumon.click Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

869
Requests

94 %
HTTPS

45 %
IPv6

44
Domains

69
Subdomains

58
IPs

7
Countries

8611 kB
Transfer

25502 kB
Size

24
Cookies

869 HTTP transactions
4 data transactions