urlscan.io logo urlscan.io
SecurityTrails logo

www.mtgassist.com Open in urlscan Pro
107.154.165.29  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Submission: On May 02 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 96 IPs in 9 countries across 60 domains to perform 312 HTTP transactions. The main IP is 107.154.165.29, located in United States and belongs to INCAPSULA, US. The main domain is www.mtgassist.com. The Cisco Umbrella rank of the primary domain is 271444.
TLS certificate: Issued by R3 on March 15th 2022. Valid for: 3 months.
This is the only time www.mtgassist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 107.154.165.29 19551 (INCAPSULA)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.139.128.11 20446 (STACKPATH...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
21 142.250.181.226 15169 (GOOGLE)
2 108.138.7.28 16509 (AMAZON-02)
5 185.33.221.89 29990 (ASN-APPNEX)
1 13.32.99.122 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
7 52.49.221.146 16509 (AMAZON-02)
1 3.67.109.223 16509 (AMAZON-02)
1 2 147.75.38.124 54825 (PACKET)
3 34.98.64.218 15169 (GOOGLE)
6 52.29.29.160 16509 (AMAZON-02)
2 178.250.2.131 44788 (ASN-CRITE...)
2 185.64.189.112 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 72.251.249.14 29791 (VOXEL-DOT...)
1 185.255.84.151 200271 (IGUANE-)
6 2602:803:c004... 26667 (RUBICONPR...)
7 185.86.138.16 201081 (SMARTADSE...)
10 18.156.195.47 16509 (AMAZON-02)
9 34.226.74.25 14618 (AMAZON-AES)
1 3.232.80.154 14618 (AMAZON-AES)
1 1 23.88.75.188 24940 (HETZNER-AS)
1 35.172.49.77 14618 (AMAZON-AES)
2 178.162.133.149 60781 (LEASEWEB-...)
2 23.35.236.201 16625 (AKAMAI-AS)
2 18.156.0.31 16509 (AMAZON-02)
4 108.138.3.177 16509 (AMAZON-02)
1 34.225.54.194 14618 (AMAZON-AES)
1 23.32.59.34 16625 (AKAMAI-AS)
1 18.157.121.66 16509 (AMAZON-02)
2 4 2.18.234.233 16625 (AKAMAI-AS)
1 185.94.180.124 35220 (SPOTX-AMS)
1 46.105.202.126 16276 (OVH)
3 141.95.99.210 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 185.64.190.78 62713 (AS-PUBMATIC)
14 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 ()
1 176.9.26.250 24940 (HETZNER-AS)
1 5 74.121.143.246 30419 (MEDIAMATH...)
2 2.18.233.201 16625 (AKAMAI-AS)
1 151.101.65.108 54113 (FASTLY)
4 185.33.221.88 29990 (ASN-APPNEX)
4 52.48.249.60 16509 (AMAZON-02)
5 3.33.220.150 16509 (AMAZON-02)
2 23.205.235.133 16625 (AKAMAI-AS)
2 9 23.35.236.247 16625 (AKAMAI-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
1 1 18.134.84.24 16509 (AMAZON-02)
2 185.59.220.198 60068 (CDN77 ^_^)
1 5 88.99.165.19 24940 (HETZNER-AS)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
1 1 3.122.83.195 16509 (AMAZON-02)
3 37.157.5.142 198622 (ADFORM)
10 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 178.250.2.135 44788 (ASN-CRITE...)
2 178.250.0.162 44788 (ASN-CRITE...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 37.157.5.72 198622 (ADFORM)
3 5 209.54.180.144 16509 (AMAZON-02)
1 3 69.173.144.138 26667 (RUBICONPR...)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 4 142.250.186.66 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:22::14 8068 (MICROSOFT...)
1 35.244.174.68 15169 (GOOGLE)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 151.101.130.49 54113 (FASTLY)
1 2 142.250.185.70 15169 (GOOGLE)
1 2 52.45.92.187 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.157 44788 (ASN-CRITE...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.36.108.3 16276 (OVH)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 6 78.46.111.106 24940 (HETZNER-AS)
4 216.200.232.253 30419 (MEDIAMATH...)
1 2 104.111.239.217 16625 (AKAMAI-AS)
1 185.85.15.31 200107 (KL-EXT)
312 96
17    107.154.165.29 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.165.29.ip.incapdns.net
www.mtgassist.com
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
hb.vntsm.com
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
21    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
2    108.138.7.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-28.fra56.r.cloudfront.net
ats.rlcdn.com
5    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
1    2600:9000:2250:6600:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)
d1oykxszdrgjgl.cloudfront.net
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
6    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
7    52.49.221.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-221-146.eu-west-1.compute.amazonaws.com
ice.360yield.com
1    3.67.109.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-109-223.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
venatusmedia-d.openx.net
u.openx.net
6    52.29.29.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-29-160.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
6    2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
10    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
9    34.226.74.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-74-25.compute-1.amazonaws.com
track1.aniview.com
1    3.232.80.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-80-154.compute-1.amazonaws.com
go1.aniview.com
1    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
1    35.172.49.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-49-77.compute-1.amazonaws.com
sync.aniview.com
2    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    108.138.3.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-177.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    34.225.54.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-54-194.compute-1.amazonaws.com
pbs.aniview.com
1    23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    18.157.121.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-121-66.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
4    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
3    141.95.99.210 (France)

ASN16276 (OVH, FR)
PTR: ns3213307.ip-141-95-99.eu
id5-sync.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
12    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
14    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
11    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
3    (None, )

ASN- ()
www.mtgassist.com
1    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal9000.redintelligence.net
5    74.121.143.246 (United States)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
2    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
4    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ams1-ib.adnxs.com
4    52.48.249.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-249-60.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
9    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    18.134.84.24 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-24.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-723.bunnyinfra.net
cdn1.vntsm.com
5    88.99.165.19 (Magdeburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de
hal900028.redintelligence.net
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    3.122.83.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-83-195.eu-central-1.compute.amazonaws.com
ghent-aws-fr.bidswitch.net
3    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
10    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
5    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    2a05:d018:d29:3602:1744:43d5:1f:d994 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
5994599.fls.doubleclick.net
2    52.45.92.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-92-187.compute-1.amazonaws.com
um2.eqads.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2607:f8b0:4004:82f::2003 (Washington, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    54.36.108.3 (France)

ASN16276 (OVH, FR)
PTR: ns3112796.ip-54-36-108.eu
cdn.contentspread.net
1    2a00:1450:4001:4c::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr4---sn-4g5e6nzs.googlevideo.com
1    2a00:1450:4001:16::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr4---sn-4g5ednd7.googlevideo.com
1    2a00:1450:400c:c08::71 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
6    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
ad.ad-srv.net
ad27.ad-srv.net
4    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    185.85.15.31 (Germany)

ASN200107 (KL-EXT, CH)
media.kaspersky.com
Apex Domain
Subdomains		 Transfer
33 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 165
pubads.g.doubleclick.net — Cisco Umbrella Rank: 486
cm.g.doubleclick.net — Cisco Umbrella Rank: 194
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 77549
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
229 KB
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
142 KB
20 mtgassist.com
www.mtgassist.com — Cisco Umbrella Rank: 271444
174 KB
18 criteo.net
static.criteo.net — Cisco Umbrella Rank: 634
pix.eu.criteo.net — Cisco Umbrella Rank: 8363
csm.eu.criteo.net — Cisco Umbrella Rank: 8397
201 KB
18 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2089
track1.aniview.com — Cisco Umbrella Rank: 2037
go1.aniview.com — Cisco Umbrella Rank: 5060
sync.aniview.com — Cisco Umbrella Rank: 2487
pbs.aniview.com — Cisco Umbrella Rank: 74320
282 KB
16 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 438
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 957
eus.rubiconproject.com — Cisco Umbrella Rank: 518
pixel.rubiconproject.com — Cisco Umbrella Rank: 320
token.rubiconproject.com — Cisco Umbrella Rank: 632
19 KB
14 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 770
ups.analytics.yahoo.com — Cisco Umbrella Rank: 281
ads.yahoo.com — Cisco Umbrella Rank: 1116
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 393
3 KB
11 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 2549
pixel.mathtag.com — Cisco Umbrella Rank: 1149
sync.mathtag.com — Cisco Umbrella Rank: 401
8 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 217
cdn.adnxs.com — Cisco Umbrella Rank: 1295
ams1-ib.adnxs.com — Cisco Umbrella Rank: 6691
acdn.adnxs.com — Cisco Umbrella Rank: 561
60 KB
9 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 280
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
45 KB
8 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 436
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 510
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
dsum.casalemedia.com — Cisco Umbrella Rank: 1218
8 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 741
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15009
ads.eu.criteo.com — Cisco Umbrella Rank: 8360
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10603
gum.criteo.com — Cisco Umbrella Rank: 368
mug.criteo.com — Cisco Umbrella Rank: 3014
56 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 63
www.google.com — Cisco Umbrella Rank: 5
2 KB
7 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1298
2 KB
7 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1411
2 KB
6 ad-srv.net
ad.ad-srv.net — Cisco Umbrella Rank: 36808
ad27.ad-srv.net — Cisco Umbrella Rank: 236322
8 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38932
hal900028.redintelligence.net — Cisco Umbrella Rank: 346243
9 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 158
219 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 914
685 B
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
imasdk.googleapis.com — Cisco Umbrella Rank: 384
ajax.googleapis.com — Cisco Umbrella Rank: 278
365 KB
5 adform.net
track.adform.net — Cisco Umbrella Rank: 4096
s1.adform.net — Cisco Umbrella Rank: 7432
35 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 327
2 KB
5 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 419
ads.pubmatic.com — Cisco Umbrella Rank: 420
image6.pubmatic.com — Cisco Umbrella Rank: 557
12 KB
5 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 14746
cdn1.vntsm.com — Cisco Umbrella Rank: 167510
378 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com
24 KB
4 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 24147
496 B
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1449
id5-sync.com — Cisco Umbrella Rank: 617
13 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 622
3 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 543
4 KB
3 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 61018
42 KB
3 openx.net
venatusmedia-d.openx.net — Cisco Umbrella Rank: 27353
u.openx.net — Cisco Umbrella Rank: 693
596 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1705
mp.4dex.io — Cisco Umbrella Rank: 2170
24 KB
3 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1246
id.rlcdn.com — Cisco Umbrella Rank: 536
api.rlcdn.com Failed
71 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
21 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14897
1 KB
2 googlevideo.com
rr4---sn-4g5e6nzs.googlevideo.com — Cisco Umbrella Rank: 89000
rr4---sn-4g5ednd7.googlevideo.com — Cisco Umbrella Rank: 108425
2 MB
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 3345
563 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 532
646 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 685
2 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 888
889 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
608 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1318
15 B
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 642
70 KB
1 kaspersky.com
media.kaspersky.com — Cisco Umbrella Rank: 141555
17 KB
1 youtube.com
s.youtube.com — Cisco Umbrella Rank: 710
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 212
3 KB
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2683
187 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 409
708 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
5 KB
1 bidswitch.net
ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 11587
1 KB
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4019
511 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 248
17 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8752
792 B
1 spotxchange.com
search.spotxchange.com — Cisco Umbrella Rank: 413
1 KB
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 787
270 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4132
889 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 527
508 B
1 cloudfront.net
d1oykxszdrgjgl.cloudfront.net
40 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1327
593 B
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 17187
741 B
312 60
Domain Requested by
20 www.mtgassist.com www.mtgassist.com
d1oykxszdrgjgl.cloudfront.net
18 securepubads.g.doubleclick.net hb.vntsm.com
securepubads.g.doubleclick.net
www.mtgassist.com
14 tpc.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
srcdoc
tpc.googlesyndication.com
www.mtgassist.com
10 static.criteo.net d1oykxszdrgjgl.cloudfront.net
ads.eu.criteo.com
static.criteo.net
www.mtgassist.com
10 c2shb.ssp.yahoo.com hb.vntsm.com
9 track1.aniview.com player.aniview.com
7 prg.smartadserver.com hb.vntsm.com
player.aniview.com
7 ice.360yield.com hb.vntsm.com
player.aniview.com
6 pix.eu.criteo.net ads.eu.criteo.com
6 www.googletagservices.com d1oykxszdrgjgl.cloudfront.net
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
6 fastlane.rubiconproject.com hb.vntsm.com
6 btlr.sharethrough.com hb.vntsm.com
player.aniview.com
6 player.aniview.com d1oykxszdrgjgl.cloudfront.net
www.mtgassist.com
5 googleads.g.doubleclick.net
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 hal900028.redintelligence.net 1 redirects www.mtgassist.com
d1oykxszdrgjgl.cloudfront.net
hal900028.redintelligence.net
5 match.adsrvr.org player.aniview.com
ssum-sec.casalemedia.com
hb.vntsm.com
5 tags.mathtag.com 1 redirects www.mtgassist.com
d1oykxszdrgjgl.cloudfront.net
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
5 ib.adnxs.com hb.vntsm.com
player.aniview.com
acdn.adnxs.com
4 sync.mathtag.com www.mtgassist.com
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
sync.mathtag.com
4 ad.ad-srv.net 2 redirects www.mtgassist.com
ad.ad-srv.net
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
4 cm.g.doubleclick.net 2 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 track.venatusmedia.com hb.vntsm.com
4 ams1-ib.adnxs.com d1oykxszdrgjgl.cloudfront.net
cdn.adnxs.com
4 www.google.com d1oykxszdrgjgl.cloudfront.net
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
4 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com d1oykxszdrgjgl.cloudfront.net
4 ads.stickyadstv.com 2 redirects player.aniview.com
4 c.amazon-adsystem.com www.mtgassist.com
c.amazon-adsystem.com
4 ap.lijit.com hb.vntsm.com
www.mtgassist.com
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
3 cdn.contentspread.net hal900028.redintelligence.net
ad.ad-srv.net
3 csi.gstatic.com imasdk.googleapis.com
3 pixel.rubiconproject.com 1 redirects
3 track.adform.net 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
www.mtgassist.com
s1.adform.net
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 imasdk.googleapis.com www.mtgassist.com
d1oykxszdrgjgl.cloudfront.net
3 adservice.google.com d1oykxszdrgjgl.cloudfront.net
www.mtgassist.com
5994599.fls.doubleclick.net
3 id5-sync.com cdn.id5-sync.com
player.aniview.com
hb.vntsm.com
3 www.google-analytics.com www.mtgassist.com
www.google-analytics.com
3 hb.vntsm.com www.mtgassist.com
hb.vntsm.com
2 www.awin1.com 1 redirects ad.ad-srv.net
2 ad27.ad-srv.net ad.ad-srv.net
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 5994599.fls.doubleclick.net 1 redirects d1oykxszdrgjgl.cloudfront.net
2 sync-tm.everesttech.net 2 redirects
2 s1.adform.net www.mtgassist.com
2 gum.criteo.com 1 redirects d1oykxszdrgjgl.cloudfront.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
2 cdn1.vntsm.com www.mtgassist.com
2 js-sec.indexww.com www.mtgassist.com
ssum-sec.casalemedia.com
2 eus.rubiconproject.com www.mtgassist.com
eus.rubiconproject.com
2 pixel.mathtag.com d1oykxszdrgjgl.cloudfront.net
www.mtgassist.com
2 ups.analytics.yahoo.com www.mtgassist.com
ssum-sec.casalemedia.com
2 ads.pubmatic.com www.mtgassist.com
2 sync.go.sonobi.com www.mtgassist.com
2 hbopenbid.pubmatic.com hb.vntsm.com
player.aniview.com
2 bidder.criteo.com hb.vntsm.com
player.aniview.com
2 venatusmedia-d.openx.net hb.vntsm.com
player.aniview.com
2 prebid.a-mo.net 1 redirects hb.vntsm.com
2 script.4dex.io d1oykxszdrgjgl.cloudfront.net
2 i.clean.gg d1oykxszdrgjgl.cloudfront.net
2 ats.rlcdn.com www.mtgassist.com
2 maxcdn.bootstrapcdn.com www.mtgassist.com
maxcdn.bootstrapcdn.com
2 fonts.googleapis.com www.mtgassist.com
cdnjs.cloudflare.com
1 media.kaspersky.com ad.ad-srv.net
1 s.youtube.com
1 rr4---sn-4g5ednd7.googlevideo.com
1 rr4---sn-4g5e6nzs.googlevideo.com 1 redirects
1 ajax.googleapis.com hal900028.redintelligence.net
1 yt3.ggpht.com
1 mug.criteo.com
1 fonts.gstatic.com fonts.googleapis.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 id.rlcdn.com
1 px.ads.linkedin.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.yahoo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ghent-aws-fr.bidswitch.net 1 redirects
1 ads.eu.criteo.com 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com www.mtgassist.com
1 1f2e7.v.fwmrm.net 1 redirects
1 acdn.adnxs.com www.mtgassist.com
1 u.openx.net www.mtgassist.com
1 cdn.adnxs.com d1oykxszdrgjgl.cloudfront.net
1 hal9000.redintelligence.net d1oykxszdrgjgl.cloudfront.net
1 s0.2mdn.net www.mtgassist.com
1 image6.pubmatic.com ads.pubmatic.com
1 adservice.google.de d1oykxszdrgjgl.cloudfront.net
1 cdn.id5-sync.com www.mtgassist.com
1 search.spotxchange.com player.aniview.com
1 prebid-server.rubiconproject.com player.aniview.com
1 htlb.casalemedia.com player.aniview.com
1 pbs.aniview.com
1 sync.aniview.com www.mtgassist.com
1 csync.loopme.me 1 redirects
1 go1.aniview.com player.aniview.com
1 hb-api.omnitagjs.com hb.vntsm.com
1 mp.4dex.io hb.vntsm.com
1 tlx.3lift.com hb.vntsm.com
1 d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
1 geo.privacymanager.io ats.rlcdn.com
1 stats.g.doubleclick.net www.google-analytics.com
1 hb.vntsm.io hb.vntsm.com
0 api.rlcdn.com Failed hb.vntsm.com
312 110

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.diabolictutor.com
Subject Issuer Validity Valid
www.hoffmancreative.mtgassist.com
R3		 2022-03-15 -
2022-06-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.360yield.com
Amazon		 2021-07-28 -
2022-08-26		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.a-mo.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
redintelligence.net
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.venatusmedia.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-10 -
2022-07-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
contentspread.net
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
ad-srv.net
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh

This page contains 38 frames:

Primary Page: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Frame ID: B9B516EB3A3816A52D48A8D6CAAB274A
Requests: 142 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Frame ID: 2F9ABDF5C2A16A5EC922B9CCEAB5554A
Requests: 13 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1651493642983-960676122315-005456-005-006906&biddername=56&pid=5f2063121d82c82557194737&key=faf6d696-327f-4ab3-ade0-873b3c00a04c
Frame ID: 31ED237F5F0526C80B1FFAD067F9508C
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651493642983-960676122315-005456-005-006906%26biddername%3D60%26key%3D%5BUID%5D
Frame ID: 605AD853D8F30F77F063034CFF0C7967
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=
Frame ID: DCB83391BE008A9C12AB672CA997E61E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160552&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651493642983-960676122315-005456-005-006906%26biddername%3D1%26key%3D
Frame ID: 9648EBCB38156C00004D421750A05A64
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651493642983-960676122315-005456-005-006906%26biddername%3D18%26key%3D%24UID
Frame ID: F1826AEB9A5B8A2693C3717174AEB1CB
Requests: 1 HTTP requests in this frame

Frame: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D52A2525F1BB4B54736138E964D6EA71
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Frame ID: 91F4387A0A68826F927DA198712901C5
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 26804EA51F6248DA90194E9B0F38444C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 524E64EB919B5579841A433461FCC181
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89280590C21B4765671A272F0A114873
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQxxCVLtHO1BHWoXejGUCW4p4k2kXq1qZTmhU1MoYMfVoGQ2Wu2Ee2pS8ap_qi0U_udqCxLt45zQ55qLyBAc2IMR8LbCpimAeyC3W1yNucWU3uboACx4xiz0cj8JNX4Yguso5GKF2Q6fSNYYgAlVmox0BYuG9PzGkeubW1Bdn1ywSLviRWkj6kDm7w2aGzAyiIcQSQV21V-fjKo_xQqApUaaLEnF3AxkqSbS-3QnBZO41sZvLk06WADHBf3SFJMgWXZS5Z3jkU7f3RPqP-8EBWf5PB9aadOX_GLBGjLfiMvB_XJZDIe9fh06xa947IielPPGdDHkln71jhHm6Zwg&sai=AMfl-YQqQerI_yvd3UV17ieviadtnsHpEwNUnBZ5mRVQSB2hIEZTRXEa2fTgJqJghpFKx_lFgWp2Gl346I4HYTJY-vjy3p2Sf1688G4cH7gZZIQ8Lx9ZE-Nsu6fEbnpUlgI&sig=Cg0ArKJSzMD4C1FRntWMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DAEB7D6CE56826B26077F22C4D5811DC
Requests: 3 HTTP requests in this frame

Frame: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BBA58772F95BC58E9D2945EAC5032E3F
Requests: 10 HTTP requests in this frame

Frame: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0497A9096274C363229A563E73177197
Requests: 12 HTTP requests in this frame

Frame: blob://https://www.mtgassist.com/10fa640f-f9db-4ce3-804e-5a642d593d6a
Frame ID: 64271A98332E2985D0CFAB4BD52BDD22
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPhy-TqX_KlJxzfEfPKByQftLBGXmDCV_-LJ2jAbxkOVIhQr06IiG0Qkv0MLhYd3OTeFL2wGhUxhYJNKWLJXs1t9M4_s84-k8jXvDkBe_8z6WW1goz1Q8ey3gO4XEF3gFb8PWIzoGgsCqypZUditNKWm5xhtS3DrQvKd0AeSnttoCYfK2K2hUB7FDbMyj122-SFOB5MS0NJec-gx_uonAD43KJJtrLt4RsV405DSJOZqHpqphowVD8AeZcjpnCDJCzBtnYm30rjsQx0fqAoV-XHSvjBkeHbytRjllhTku51vH0Vx3XhXHUgJuuN83O9_158-xfv7Junz_lVe83lQ&sai=AMfl-YSJBzpTv45X1oBKZV7g_jUq74wJHpGCl8oeT1MQTLj9RioJCbRyOpdGfwcK4_yo3XUeJy2r_JjpbKc2zL80t4RZf0jQN5NBFn19P1C46W6K26pn4cG7CnqtmV9pecUa&sig=Cg0ArKJSzOzxK2MhDhXZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DE1D2BE2B87208398CF932CDB12FA81B
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcARdvsYqZIqah9Ce-GMdQdTkwtM_38ied_FZ91-KQz0em_HWQqpXw-05rKhfksrH1uP8xBucXfJEq_3c7VEWlfJKArbHTRiGAniGB_5ivDVbXqIIgDGcjc6rSgzNh6M7kFmt-4UgVSM-iaAWEjSEb6kOSMC94shqSwLe24SwJ9nG39iGbG5Swetmj9m-4vlN6i5aztOdLlpYHgNEMONcs9ae-BkJVcrYWTQSGkBaEg266A0iD7DFf7KOD4SpewowHcnEiEkYvpveuh3zm05wzBaKRMn3nLi3EMdka0aaDaTQ0tH6m1ImfkKU8vHfgmOV7JDKQ2IV-TlPfHu6VnA&sai=AMfl-YSl7cB2poHBILss7kJ7gWBZtTjKn0tmhEQz0mZnNHJkKq7_uamx53FtEliXU95GUceq6pA3hGE_CzD_Ni-Fcz9zvWzoBVseG3oAu1d8hLLdeGMqnKgpkaeY6yUK2WsJ&sig=Cg0ArKJSzM0zDYYOxi23EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D4729EB9A0475AA45E9B26BED6C656C9
Requests: 3 HTTP requests in this frame

Frame: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9E52A7F126ACD4BCC032AE4EA0AFDD85
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Frame ID: FC18F996994E99BBF951A0D82A190259
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9DF02A2957175BB32A45876FA342389E
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7FFEFC39B5F0BCABA44D903FD96B4115
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4DA41958C6C4B752B2B8855705FBAF18
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B5812864630A465768E4AFDCFC027168
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.mtgassist.com/70f8fc14-0383-4fe9-adf9-2cfa6abd5327
Frame ID: 2FC289D5701B873CF66D2CD716CEBA04
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.mtgassist.com/b05d3c41-6e39-4fbd-a517-5308832761cf
Frame ID: 09DBE9AAD769C22D770689BE6590662C
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Frame ID: 3825EBC58A1D1782893EDC529F57FF01
Requests: 20 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 91BF073C2377B2D3D7C5AE3CD6CCCB92
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.mtgassist.com
Frame ID: ECA89678385B002B1999EBD0B6DE25A8
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPrUtaDlwPcCFR4cBgAd5L0L4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877
Frame ID: A98B653E94332E5901C0446DFE21AF9C
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=23203200099418100951427011947028&a=f800686b
Frame ID: AA686158EA4D026C9965ADD33A72075C
Requests: 6 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: EF8B5DAA1064E111AC70E2490AF0AD03
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13386848&gdpr_consent=&us_privacy=
Frame ID: D8C26462A106DE0E1C0FC1FB99847288
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 5A33EA2BAF3C3612C402F13E7A770456
Requests: 3 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_aid%3D8589085817903287329%26mt_id%3D8043938%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_cid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%2526client%253Dca-pub-5781531207509232%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8589085817903287329&random=8589085817903287329&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:adx&extVar[]=MM_DOM_RTB:www.mtgassist.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&uidRedirect=1
Frame ID: D970013265E855E7FB6A36C2F739E55A
Requests: 4 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfIkdDUsidtGWYhUjK98rrJNKnSxYBvHC7aR-8jLyYWIZOPmdTKjEVbzYjj6XayjCoXEToY6StI_IeJ8d62M0q7gVVfacRuWQB9cWBwoVhHzO3DrgF-BEDRwNXfxwySNr&subid=26008500102591401530483011947027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fpevsgqtobneeew2%3Ftprde%3D&uidRedirect=1
Frame ID: 2A9DB0503F6662428E74089230FAF328
Requests: 5 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/iframe?mt_uuid=7526626f-cb0c-4200-a714-19a2c358c1b7&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Frame ID: 690C983F48EBC251018403588EABC9DF
Requests: 2 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519511&v=14098&q=379074&r=559379&pv=1&pref1=81352100102592101649447011947027
Frame ID: C6A4C322A8FE0B1C5140D1D5A3DA64D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Advanced Card Search - MTG Assist

Page URL History Show full URLs

  1. https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php Page URL
  2. https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

312
Requests

92 %
HTTPS

34 %
IPv6

60
Domains

110
Subdomains

96
IPs

9
Countries

5171 kB
Transfer

10074 kB
Size

54
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php Page URL
  2. https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651493642983-960676122315-005456-005-006906%26biddername%3D56%26pid%3D5f2063121d82c82557194737%26key%3D%7Bdevice_id%7D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1651493642983-960676122315-005456-005-006906&biddername=56&pid=5f2063121d82c82557194737&key=faf6d696-327f-4ab3-ade0-873b3c00a04c
Request Chain 105
  • https://prebid.a-mo.net/cchain/0?gdpr=1&us_privacy=1---&cb=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://pbs.aniview.com/setuid?bidder=amx&gdpr=1&gdpr_consent=&uid=ad27140b-8145-473c-a672-2b3ad06cb770&gdpr=1&us_privacy=1---
Request Chain 151
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTkRZM1kyUm1aalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1ODkwODU4MTQ2NzA2ODk4NzAvNjYyMjM5My80NTYyMzEyLzEzL1BlbXpRQWFSM0I1dVJGREFuYjNKUDZYeEtaczQyYjY5VTVxYkdxMHdIMU0vMS8xMy8wLzAvOTU2ODAzLzM2NDQ4ODg4MzgvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzg1ODkwODU4MTQ2NzA2ODk4NzAvenJoLzAvMTM5MC81OS85OTkvMzIyLzIxNy42NC4xNTEuMC8wLjAwMC8xNjUxNDkzNjQyLzE2NTE1MDYyNDIvMTMvODA2Lw/b7M9uRKi0RFm7Xn_wcetZp71fxE&nodeid=1624&group=zrh&auctionid=8589085814670689870&shardkey=8589085814670689870&sid=4562312&cid=6622393&bp=a_bahafd&nfy_act=LD5wew&bfip=185.29.133.161&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=8589085814670689870&node_id=1624&exch_id=13
Request Chain 169
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f7fe32b67b851fc991e8045bed6fb8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l15ce_7093111190532475155 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 174
  • https://hal900028.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=02c2444f36&subid=&uid=105548d9529f109e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8589085814670689870%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&random=1624281809086&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900028.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=02c2444f36&subid=&uid=105548d9529f109e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8589085814670689870%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&random=1624281809086&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 195
  • https://ghent-aws-fr.bidswitch.net/imp/0.0518/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R48267044_Qrtbwp_R_I_WAUCTION__PRICE_X-RqQ__LjhARflGKpTuyH9exzPV-__e8e1lN0_Qrtbdata_RUJbjWetggPJHFIqkh6__bls9B7djCJpK-HwH26QARF__cPIjVHZ0tpx34Yh4lz2BYx-6cNfl5vbankWLiIpKupLUMvEClbVLZtCpq2tMA1GKXgRuNakfUByE7NCwc1KTVP14KJjm763pjGUZTNX7lxXRWByUPfLZBQLROf1bg6QppLYHk3tlKJZJTxBD20s0ygDdyy0PoKkWM3xFR37TKE0O8IiKpDXjxyFQLMVb2a6WhTKIBl9-gB__sjjdyrh3tp78YxBSGWzhUJYUIDWAtjANrZH9p3vnXMKAGEhttfaHlo1_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/IZEPzD91nIo_XdLskLqh82ue2qWr7f-2lx4jK8ZBue7xOljDOdICX8IBEgFg7E8HKjRa1PDqeqS_jrDMKxXvukU16GCdCg3E4j4FfJYFlmusIEeZRDwNIoR-A_ylS-SPfxtTtYmIm8bdm0WcFoOyTz9qgliUTn8a5Gttk2qRo4fqdFl-xEz1L6m_osQqHCBIMM58ewviI9RqrNePa0F3NZFHmdYIJ3mlgaItc_cr612uUHRQ40TbpvUfjtoc6mGjacNx4bzDOc-IlilA3pwwLPmROylZxeMqKRY6qtkTTZUKN5QqfHod7oVeFby8pjxcqqWOR6hQzp5PgZ36gCQo_QqyPF0jTDHbxRaDsuLiB3S1tTLzT2nJ3-g--IXP--d1yCMGmGoaVCQeBvyGIy9XVowY5G32Gs-lcYjcpzrZMCOda2vDZKix_Jm5VsFSX2YFIK6PKvzLT3Fcx7hOs-SGdZDX18ldA8orwwYVwANAGEyfjLdJDt2Ha5z8fF9RPBNTzILkxDUSy6V4___shbDi73uSbTRtM8Ir63vdRb11OaHZOEV3wIuLttE5mV0pI55BqJh_hkGBYjCwVnln_O4bweED2zFjmqe5oRcJRGQOsDyZlwUiMAoPKAoFiH2XUhIZTkDEVbDGnQP9pRC-tMBfm1Z0Je9B-lyKg-MUFp7wBkTd9m9ImJ2KiCOMpUYFXY9gdsfQTAIbKwGIYaG6Ov3WkVE9ZHBUq4P-4TxFheX9AGBBZVbgxPU7PaA4z5uqkUMWyH8_KDaX19qD7mwKCKGDRPRqVf_VhIJ6bXyRx6BPoOZO4cSL7t7jafNZz_i7fEVgUgGWpEYWo-5EKkuD8o_efCjuTNaHS2z5fQeCWc__esJNAaxY1Nr8FmVliq9FQAH-N3fZPhiieyjsf-TWw_a7hnl9b05E4HSAyosNGG3VUeVqvhtVVA-57A3zwLzvUKN6wa4XMb5_KoNyxVVdiwpoq1G-dwgiuNeKeQwQrwUyuNUv5qNssG7svmPPnIX1bIEj98N1rjmtKdVNc4N5-GtUgptqbUeJQvMtiHP2T13PAVptujameVA5suMkqHaJZjtN63M/ HTTP 302
  • https://track.adform.net/adfscript/?bn=48267044;rtbwp=0.0518-RqQ_LjhARflGKpTuyH9exzPV-_e8e1lN0;rtbdata=UJbjWetggPJHFIqkh6_bls9B7djCJpK-HwH26QARF_cPIjVHZ0tpx34Yh4lz2BYx-6cNfl5vbankWLiIpKupLUMvEClbVLZtCpq2tMA1GKXgRuNakfUByE7NCwc1KTVP14KJjm763pjGUZTNX7lxXRWByUPfLZBQLROf1bg6QppLYHk3tlKJZJTxBD20s0ygDdyy0PoKkWM3xFR37TKE0O8IiKpDXjxyFQLMVb2a6WhTKIBl9-gB_sjjdyrh3tp78YxBSGWzhUJYUIDWAtjANrZH9p3vnXMKAGEhttfaHlo1;OOBClickTrack=
Request Chain 214
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 228
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=f1Wt_rWkSfW93TnJ3MKd5Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=f1Wt_rWkSfW93TnJ3MKd5Q
Request Chain 229
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2OOOA4D-6-MB7A&sigv=1&esig=2~99aa77d23a83dd1c491cd8e7e66c4ab672f66ef0
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRiMzkwNzkyZWNlZjllZDkyZDcxZDRjMDc2ZmNjODcyOTE0NjI4ZA
Request Chain 231
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gGilDVSq0m0O_SDnzelFbQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3985725241610440854
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJtStiXXfEBZ_ftfXXsYSGI&google_cver=1
Request Chain 233
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2OOOA4D-6-MB7A
Request Chain 236
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ym-LDMW3j-Wtzw549MkP6AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECkeFwHAmQHjC1y2Bqdl7Eg&google_cver=1&gdpr=1
Request Chain 238
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym_LDMW3j_Wtzw549MkP6AAABIwAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym_LDMW3j_Wtzw549MkP6AAABIwAAAIB&dcc=t
Request Chain 240
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1651580044&gdpr=1
Request Chain 241
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Ym-LDQAY5FU-tQAy HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ym-LDQAY5FU-tQAy&gdpr=1&_test=Ym-LDQAY5FU-tQAy
Request Chain 245
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPrUtaDlwPcCFR4cBgAd5L0L4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877
Request Chain 248
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 251
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mtgassist.com&sn=ChromeSyncframe&so=0&topUrl=www.mtgassist.com&cw=1&lsw=1&topicsavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=64ErEXxhVjdqR2JlZThDRURMU2RKVUpmQUhpVjhONmZMYjFXL09sNUZTb294UTBPckI4WVVhTTNnYkZoMTNrYjR5ZGlzSnlXVE9nMXIxd3JJd3RKZDA1bGF3WlBDZ2NkN1NhbGluVVBVbUU3bTl5aFpxVFdLQzk4eUc2cGphNmoyWXZ1Ry9tL0paaTJncm05K0pmNFhuak9xSE9kM3J3Wm1haFQxcE1yb2dlRzE2TWViY0F6MjFRZFpNRTZmcG42U0t2cXByS3R0a0FsMTQyS3IyZ1JYenhIcmFFODVGdEtCc3ljTlJneVBXNTJOc3N0dVFRclJlbCtMdlQrcDl1SlJkVkRnSlR6NHRnUXBKZHNJM2ZKZHV1N2xsUT09fA&cppv=2
Request Chain 265
  • https://rr4---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1651522444&ei=DMtvYrPKKNrVgQfxo6KICg&ip=217.64.151.6&id=cddeb8a4634b8d56&itag=22&source=youtube&requiressl=yes&mh=y0&mm=31&mn=sn-4g5e6nzs&ms=au&mv=m&mvi=4&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=54.706&lmt=1644614271274037&mt=1651493581&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAP9Ws34UHH2xTYz5e0Tjs2O19eePcNJ6VfabyLfB5J4IAiBM9ZuScEpGXj9I9DevIUBysLe6eM2Zkhg2zohc8CfP8w==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPlBaf7OgsACTaqwq4PK_w6SCBR8qM9yb44aluxDuLY8AiABjn6LabxBpMCLy1Vpw8BSbN8k_iMQzjD5DKajfTbalQ==&cpn=nRLeHMyjbfnmuwTL HTTP 302
  • https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1651522444&ei=DMtvYrPKKNrVgQfxo6KICg&ip=217.64.151.6&id=cddeb8a4634b8d56&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=54.706&lmt=1644614271274037&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAP9Ws34UHH2xTYz5e0Tjs2O19eePcNJ6VfabyLfB5J4IAiBM9ZuScEpGXj9I9DevIUBysLe6eM2Zkhg2zohc8CfP8w==&cpn=nRLeHMyjbfnmuwTL&redirect_counter=1&rm=sn-4g5ede7z&req_id=d59ff32d13da36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=y0&mip=2001:ac8:20:3b00:1011:b648:806c:f52d&mm=31&mn=sn-4g5ednd7&ms=au&mt=1651493585&mv=m&mvi=4&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJx1sfAXLYFyc8AT1iUe3SB4S7AFgLWLGhymj2xPi6UHAiEAtGVwpN2NE-edMHRNI81GdUuOa7oSUErcr2DMC5F1DWA%3D
Request Chain 295
  • https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_aid%3D8589085817903287329%26mt_id%3D8043938%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_cid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%2526client%253Dca-pub-5781531207509232%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8589085817903287329&random=8589085817903287329&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:adx&extVar[]=MM_DOM_RTB:www.mtgassist.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com HTTP 302
  • https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_aid%3D8589085817903287329%26mt_id%3D8043938%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_cid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%2526client%253Dca-pub-5781531207509232%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8589085817903287329&random=8589085817903287329&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:adx&extVar[]=MM_DOM_RTB:www.mtgassist.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&uidRedirect=1
Request Chain 303
  • https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfIkdDUsidtGWYhUjK98rrJNKnSxYBvHC7aR-8jLyYWIZOPmdTKjEVbzYjj6XayjCoXEToY6StI_IeJ8d62M0q7gVVfacRuWQB9cWBwoVhHzO3DrgF-BEDRwNXfxwySNr&subid=26008500102591401530483011947027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fpevsgqtobneeew2%3Ftprde%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfIkdDUsidtGWYhUjK98rrJNKnSxYBvHC7aR-8jLyYWIZOPmdTKjEVbzYjj6XayjCoXEToY6StI_IeJ8d62M0q7gVVfacRuWQB9cWBwoVhHzO3DrgF-BEDRwNXfxwySNr&subid=26008500102591401530483011947027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fpevsgqtobneeew2%3Ftprde%3D&uidRedirect=1
Request Chain 308
  • https://www.awin1.com/cshow.php?s=2519511&v=14098&q=379074&r=559379&pv=0&pref1=81352100102592101649447011947027 HTTP 302
  • https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png

312 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
signin.php
www.mtgassist.com/selfdefensive/chasefix/secure/494161211/ 		212 B
546 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
212
content-type
text/html
x-iinfo
12-98511488-0 0NNN RT(1651493640023 98) q(0 -1 -1 0) r(0 -1) B10(4,314,0) U18
_Incapsula_Resource
www.mtgassist.com/ 		176 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
3800831a2d4781bd5a823ceaf19e2269a0bf8f3b19fea75b0f8f7f7da8c89cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
25883
content-type
application/javascript
_Incapsula_Resource
www.mtgassist.com/ 		29 B
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/_Incapsula_Resource?SWHANEDL=8382754845368945664,8159407846290489538,2655587446521098190,739840
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
29
content-type
application/javascript
Primary Request signin.php
www.mtgassist.com/selfdefensive/chasefix/secure/494161211/ 		49 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
Apache /
Resource Hash
10f231669f0f7b205fcc97c62715b525b2e91f78341c6b18fea15c0728365580

Request headers

Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 12:14:01 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-cdn
Imperva
x-iinfo
12-98511488-98511532 NNNN CT(122 126 0) RT(1651493640023 200) q(0 0 2 -1) r(3 5) U11
_Incapsula_Resource
www.mtgassist.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9774187769072047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
_Incapsula_Resource
www.mtgassist.com/ 		0
0
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400italic,400,700
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9cfba3921ecf4ed58d1edcae260479e69f486b21478826d518c32a8146bcbd52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 May 2022 12:14:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 02 May 2022 12:14:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 May 2022 12:14:01 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
824427
cdn-cachedat
2021-04-22 23:44:46
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6fe5f73414fdf46214178563ab4206d4
cf-ray
7050ac9bde7601e3-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
styles_v24.css
www.mtgassist.com/styles/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/styles/styles_v24.css
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
e0d154e31e8804876ba7c8569938d629ffce434940c956481c07bc40133c5088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
content-encoding
gzip
last-modified
Thu, 17 Jun 2021 11:49:57 GMT
x-cdn
Imperva
etag
"f7827aa4"
content-type
text/css
x-iinfo
12-98511488-0 0CNN RT(1651493640023 765) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=2344689, public
content-length
10397
expires
Sun, 29 May 2022 15:32:09 GMT
jquery-ui-1.10.4.custom.min.css
www.mtgassist.com/js_scripts/jquery/css/flick/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/jquery/css/flick/jquery-ui-1.10.4.custom.min.css
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
163cd32347b0ab98e2cd60e11b9659dea33237338d2151e5d7985bda94e69359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
content-encoding
gzip
last-modified
Thu, 18 May 2017 14:43:03 GMT
x-cdn
Imperva
etag
"2c5db065"
content-type
text/css
x-iinfo
12-98511488-0 0CNN RT(1651493640023 766) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=2344774, public
content-length
6349
expires
Sun, 29 May 2022 15:33:34 GMT
ad-manager.min.js
hb.vntsm.com/v3/live/ 		991 KB
289 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
c30f2c703bba46d1b7113ae88bd27837794279be28382f10c784bc40f3de0a1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:01 GMT
Content-Encoding
gzip
Venatus-CDN-HB-Rule-Version
1.1
X-IP
217.64.151.6
Content-Length
294893
Last-Modified
Thu, 28 Apr 2022 11:57:53 GMT
Cache-Control
max-age=301
ETag
"e8610bfb8379a4d5eabb5eccea7926e7"
X-HW
1651493641.cds211.lo4.hn,1651493641.cds211.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Geo, Content-Type,x-bl,x-geo-subdivision
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision
X-Geo
DE
mtgassist-logo-rev.png
www.mtgassist.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/images/mtgassist-logo-rev.png
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
76aed71dd53c1b95006fab01d4e9c26b12917fe7bddfbd9cf9f8d1edb285cae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
last-modified
Tue, 15 Jun 2021 15:24:55 GMT
x-cdn
Imperva
etag
"fb4b95e7"
content-type
image/png
x-iinfo
12-98511488-0 0CNN RT(1651493640023 767) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31288691, public
content-length
2858
expires
Sat, 29 Apr 2023 15:32:11 GMT
plus.png
www.mtgassist.com/images/ 		299 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/images/plus.png
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/styles/styles_v24.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
070ff3266929b3d35ef13250d3f34a568caa8798e1ec1d05da6cfa6d86f214e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/styles/styles_v24.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
last-modified
Tue, 15 Jun 2021 15:24:55 GMT
x-cdn
Imperva
etag
"6436f152"
content-type
image/png
x-iinfo
12-98511488-0 0CNN RT(1651493640023 837) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31288701, public
content-length
299
expires
Sat, 29 Apr 2023 15:32:21 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6892
date
Mon, 02 May 2022 10:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 02 May 2022 12:19:09 GMT
jquery-1.11.1.min.js
www.mtgassist.com/js_scripts/jquery/js/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/jquery/js/jquery-1.11.1.min.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
a181a613a6eeab77259b1d6537f82fd28f4cb38fa41e43af8d1677a3542e74bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
content-encoding
gzip
last-modified
Thu, 18 May 2017 14:42:35 GMT
x-cdn
Imperva
etag
"e0d00a6c"
content-type
application/javascript
x-iinfo
12-98511488-0 0CNN RT(1651493640023 876) q(0 -1 -1 -1) r(1 -1)
cache-control
max-age=2344691, public
content-length
33161
expires
Sun, 29 May 2022 15:32:11 GMT
jquery-ui-1.10.4.custom.min.js
www.mtgassist.com/js_scripts/jquery/js/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/jquery/js/jquery-ui-1.10.4.custom.min.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
5399c388f01bcc2570da65a867e326faa27d8c3edc8733ba79991622e0f8a579

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
content-encoding
gzip
last-modified
Thu, 18 May 2017 14:42:36 GMT
x-cdn
Imperva
etag
"7f85ec3d"
content-type
application/javascript
x-iinfo
12-98511488-0 0CNN RT(1651493640023 878) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=2344691, public
content-length
60407
expires
Sun, 29 May 2022 15:32:11 GMT
jquery.lazyload.min.js
www.mtgassist.com/js_scripts/jquery/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/jquery/jquery.lazyload.min.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
ad7d8319a77e1c991ddde63231363c86f7b2d6e930294cbb98e4cc1cd8a3e9c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
content-encoding
gzip
last-modified
Thu, 18 May 2017 14:41:42 GMT
x-cdn
Imperva
etag
"66d35607"
content-type
application/javascript
x-iinfo
12-98511488-0 0CNN RT(1651493640023 880) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=2344691, public
content-length
1238
expires
Sun, 29 May 2022 15:32:11 GMT
scripts_v9.js
www.mtgassist.com/js_scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/js_scripts/scripts_v9.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
8e02885d1f79469ee0011840af2062d3a20b915af1a2949e729563440d227f94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
content-encoding
gzip
last-modified
Sat, 23 Apr 2022 12:30:50 GMT
x-cdn
Imperva
etag
"a81ef59a"
content-type
application/javascript
x-iinfo
12-98511488-0 0CNN RT(1651493640023 882) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=2344691, public
content-length
1654
expires
Sun, 29 May 2022 15:32:11 GMT
_Incapsula_Resource
www.mtgassist.com/ 		148 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mtgassist.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=4&cb=419435814
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
ae3224c2db8bfa6370eeb9b8e669a60a771ef1dcca97bf6b97c78bfad48f4e5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
21290
content-type
application/javascript
ad_placeholder_sm.gif
www.mtgassist.com/images/ 		607 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/images/ad_placeholder_sm.gif
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/styles/styles_v24.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
b8b84045ab761b4387ff0de8a05ebe71cbd7edd7a6cd9ea801155f87c189b9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/styles/styles_v24.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
last-modified
Tue, 15 Jun 2021 15:24:55 GMT
x-cdn
Imperva
etag
"13f47831"
content-type
image/gif
x-iinfo
12-98511488-0 0CNN RT(1651493640023 899) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31288691, public
content-length
607
expires
Sat, 29 Apr 2023 15:32:11 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://www.mtgassist.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
6393354
cdn-proxyver
1.02
cdn-cachedat
12/27/2021 09:53:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64464
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9a86b4e22fdd9cf6ab780e086b8db118
accept-ranges
bytes
cf-ray
7050ac9c7e34cc46-ZRH
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ui-bg_flat_75_ffffff_40x100.png
www.mtgassist.com/js_scripts/jquery/css/flick/images/ 		75 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/js_scripts/jquery/css/flick/images/ui-bg_flat_75_ffffff_40x100.png
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/js_scripts/jquery/css/flick/jquery-ui-1.10.4.custom.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
7a12bcefbd71667211185313fb2258501463408c5aaa407ca129cdfb66cc3a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/js_scripts/jquery/css/flick/jquery-ui-1.10.4.custom.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:00 GMT
last-modified
Thu, 18 May 2017 14:44:09 GMT
x-cdn
Imperva
etag
"70b406a8"
content-type
image/png
x-iinfo
12-98511488-0 0CNN RT(1651493640023 934) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=31288702, public
content-length
75
expires
Sat, 29 Apr 2023 15:32:22 GMT
_Incapsula_Resource
www.mtgassist.com/ 		1 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mtgassist.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5819883859580135
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.165.29 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.165.29.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 11:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 02 May 2022 12:50:09 GMT
603cde5988cbff67a6738951.enc
hb.vntsm.com/v2/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/603cde5988cbff67a6738951.enc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
BunnyCDN-KC1-910 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ref_url
Access-Control-Request-Method
GET
Origin
https://www.mtgassist.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Access-Control-Allow-Headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Type
application/octet-stream
Date
Mon, 02 May 2022 12:14:01 GMT
Server
BunnyCDN-KC1-910
Transfer-Encoding
chunked
X-HW
1651493641.cds232.lo4.hn,1651493641.cds232.lo4.sl
cdn-cache
HIT
cdn-pullzone
131999
cdn-requestcountrycode
CA
cdn-requestid
de2f86865da9324e346be447b9e69388
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
x-bl
0 0
content.html
hb.vntsm.io/ 		32 B
741 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:01 GMT
cf-cache-status
HIT
age
2967
cf-ray
7050ac9dab5a23f7-ZRH
content-length
32
x-amz-id-2
Oru2M1u4MvFw3iNsDlFcXHMdn9svpLpwu2/SZYGAM03ZLRDJR0emzCMhqTcEcFDhCTBR+X/HUq8=
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
Z0CHBDYWDAFPNBC8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, origin, Origin
cache-control
max-age=14400
accept-ranges
bytes
content-type
text/html
603cde5988cbff67a6738951.enc
hb.vntsm.com/v2/live/ 		109 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/603cde5988cbff67a6738951.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
BunnyCDN-KC1-910 /
Resource Hash
729080883e35ad5e2b60cf343ac3a14d454b6f4b99b26ee257646a6dc8d9a682

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
ref_url
aHR0cHM6Ly93d3cubXRnYXNzaXN0LmNvbS9zZWxmZGVmZW5zaXZlL2NoYXNlZml4L3NlY3VyZS80OTQxNjEyMTEvc2lnbmluLnBocA==

Response headers

Date
Mon, 02 May 2022 12:14:02 GMT
Access-Control-Allow-Methods
GET, OPTIONS
cdn-edgestorageid
910
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
Transfer-Encoding
chunked
cdn-cachedat
04/28/2022 12:02:33
cdn-pullzone
131999
Connection
keep-alive
Content-Encoding
br
Server
BunnyCDN-KC1-910
Access-Control-Allow-Headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
Last-Modified
Sun, 13 Mar 2022 20:21:06 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
ETag
W/"7a92e0aa98fc3c60c4d6c9a1b77ebd11"
Vary
Accept-Encoding
X-HW
1651493641.cds232.lo4.hn,1651493642.cds232.lo4.sl
Content-Type
text/plain
cdn-cache
STALE
x-bl
0, 0
Cache-Control
public, max-age=86400
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cdn-requestid
ef4e796673cb6053b9662737930b95f6
Access-Control-Allow-Credentials
true
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1342743711&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ul=en-us&de=UTF-8&dt=Advanced%20Card%20Search%20-%20MTG%20Assist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAAAjAAAAAC~&jid=897263402&gjid=1007816037&cid=1590815441.1651493642&tid=UA-9030056-5&_gid=1096837154.1651493642&_r=1&_slc=1&z=1208866322
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-9030056-5&cid=1590815441.1651493642&jid=897263402&gjid=1007816037&_gid=1096837154.1651493642&_u=KGBAAAAiAAAAAC~&z=1422851771
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 02 May 2022 12:14:01 GMT
content-type
text/plain
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
e6b6d3682b37472ecaa0b339f8c68859a158bbb12ad02f36e0231249c2ae7922
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28551
x-xss-protection
0
server
sffe
etag
"1202 / 155 of 1000 / last-modified: 1651490013"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 02 May 2022 12:14:02 GMT
ats.js
ats.rlcdn.com/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
br
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
31241
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Mon, 02 May 2022 07:39:10 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA56-P6
content-type
application/x-javascript
x-amz-cf-id
QmB4vgb99T5udQSvhKQPXjZxUQMhaAgUJJfjz423nY6O8eyJArViUg==
prebid
ib.adnxs.com/ut/v3/ 		57 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:02 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
34e3fe6c-b720-4ac8-aa5c-0bc33d02c2ea
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
57
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubads_impl_2022042601.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 11:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127613
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 02 May 2023 11:33:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		102 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mtgassist.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6217a6683781067bee8963328bc5b9faa318bcfa1d2a5452640318473e3f7169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Mon, 02 May 2022 12:14:02 GMT
/
geo.privacymanager.io/ 		28 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 05:03:59 GMT
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront), 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
age
25803
x-amzn-requestid
8cbd560a-4046-489c-825a-0a8ed68169ec
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-626f663f-365714066fb7d04d1d61b72c;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA60-P3
x-amz-apigw-id
Rezp6GwqDoEFWyg=
content-length
28
x-amz-cf-id
jubkSdo8YJUEI00bQQnDo3WrmBc_JYdQYX-YsfVOAZ3K4TZeM7y9lw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
script.js
d1oykxszdrgjgl.cloudfront.net/ 		115 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6600:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6660f3c2212e9b1c8852f57f35951d03e30d6c9d65595dc7088db04a6a0c6e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:08:06 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 14:51:59 GMT
server
AmazonS3
age
357
etag
W/"4a60b3665fed5cca859a94b8b64ae458"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
SXfuTsnE7kT9egwq-B9Bax5NMH-3IHrkd3v2uuHoAxtY_qPBpNpCIg==
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.mtgassist.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 02 May 2022 12:14:02 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
localstore.js
script.4dex.io/ 		483 B
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1805692
x-amz-request-id
tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2
tx0c810f9b689a43feb0d6c-0062543d8e
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnKTyAsqK46%2B1%2FlmEtXJkxzMM6QgKpJMKK2E1aBMkzKoya63iZw%2F9T%2FITG8rQgAM5utWQcOFgh3BDIZTJv6uBpnHveg%2B%2FvP8ICP7MfKcC8Qt211gMTfilBT1jKhV6vNHZNPSgtvVXu3kjSRV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1649687875786561
cf-ray
7050aca149030f5e-MXP
player.js
player.aniview.com/script/6.1/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5f2063121d82c82557194737
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1e5d98f91f8e7be1e8fd176b3d85a0fdab01571c60d031652ad3151085b9eb45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu-7_TbJMOBGUmKXistNBXufBPR2Y669kawBxU-DPr6cGdBjFymvlQR4eZDSZLj3vtIOxvm3GvDBZ2XYBJfinsaXaB7o0m5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9622
last-modified
Sat, 30 Apr 2022 11:07:10 GMT
server
UploadServer
etag
"2ca75fa4d366ca465fc774121ed3386a"
vary
Accept-Encoding
x-goog-hash
crc32c=RayWOg==, md5=LKdfpNNmykZfx3QSHtM4ag==
x-goog-generation
1651316830744888
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9622
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 02 May 2022 12:19:02 GMT
hb
ice.360yield.com/ 		99 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22127ec17dc0f5bfa3%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%22603cde5988cbff67a6738951%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a203c1f7-b51b-489a-a22e-bebff08be1c3%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22240ad68de3d31e%22%2C%22pid%22%3A%2222440554%22%2C%22tid%22%3A%2234807fbe-b0a2-466e-a759-8056ce6ef324%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%2C%7B%22w%22%3A200%2C%22h%22%3A200%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.221.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-221-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c18bf742d43f5001e3fbed77a9b8fad628f55c0722b37018254eeee14adfeb31

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
99
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		100 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22128caa4a400e04c8%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%22603cde5988cbff67a6738951%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a203c1f7-b51b-489a-a22e-bebff08be1c3%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2225868f140c8c322%22%2C%22pid%22%3A%2222440554%22%2C%22tid%22%3A%22001f90ae-62b7-42fc-869b-47e6604ecc32%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.221.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-221-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9497456fe888329a8f11cc7ee747eb5f3667017ad2131010f3c0445d3434df4e

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
100
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		100 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22129ed6dbd97bdade%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%22603cde5988cbff67a6738951%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a203c1f7-b51b-489a-a22e-bebff08be1c3%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2226752793f2fc982%22%2C%22pid%22%3A%2222440554%22%2C%22tid%22%3A%2225107f26-cfb8-4f80-893d-5101a200ae3d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.221.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-221-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d0f68fdcfdafa1d8fa2041ef6341bcdad37d1ba0dfb8bad18c6976b5936c2fbd

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
100
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		100 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2213092ad5f6ac8aa4%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%22603cde5988cbff67a6738951%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a203c1f7-b51b-489a-a22e-bebff08be1c3%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2227bd12949d74d55%22%2C%22pid%22%3A%2222440554%22%2C%22tid%22%3A%22805bd878-9058-4354-9876-c83661fd2cd8%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.221.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-221-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
82fd992226fd8c7b227fe0b42c2bcf53ee85d798f89fee3f39f0df41f0b710e4

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
100
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		100 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22131cb057b698b4ca%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%22603cde5988cbff67a6738951%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a203c1f7-b51b-489a-a22e-bebff08be1c3%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22283e1a81ec5fc56%22%2C%22pid%22%3A%2222440554%22%2C%22tid%22%3A%22a840e7b5-881f-4c01-9461-7f93cde987df%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.221.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-221-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6cd502a8668a696e39591d71dd2006dcb29e89b608d4a3fe916e53ab8d94eb08

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
100
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		99 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221329412ed9b75caf%22%2C%22version%22%3A%227.6.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%22603cde5988cbff67a6738951%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a203c1f7-b51b-489a-a22e-bebff08be1c3%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2229be7ff27aef4d%22%2C%22pid%22%3A%2222440554%22%2C%22tid%22%3A%2243ecbb6e-ee75-4686-b9bf-e72da9cfd1b6%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.221.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-221-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ed1c0c1cdd860aba33271f99aabf84e07c2ee798e3c7b483d2187f41c4e1624d

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
99
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
auction
tlx.3lift.com/header/ 		19 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.6.0&referrer=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&tmax=2000
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.109.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-109-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:02 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ 		0
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
211
vary
origin, Accept-Encoding
arj
venatusmedia-d.openx.net/w/1.0/ 		73 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=34807fbe-b0a2-466e-a759-8056ce6ef324%2C001f90ae-62b7-42fc-869b-47e6604ecc32%2C001f90ae-62b7-42fc-869b-47e6604ecc32%2C25107f26-cfb8-4f80-893d-5101a200ae3d%2C25107f26-cfb8-4f80-893d-5101a200ae3d%2C25107f26-cfb8-4f80-893d-5101a200ae3d%2C805bd878-9058-4354-9876-c83661fd2cd8%2Ca840e7b5-881f-4c01-9461-7f93cde987df%2C43ecbb6e-ee75-4686-b9bf-e72da9cfd1b6&nocache=1651493642427&pubcid=ec6a122a-5cc4-4bbb-a7a8-9feac04db17f&schain=1.0%2C1!venatusmedia.com%2C603cde5988cbff67a6738951%2C1%2C%2C%2C&aus=160x600%2C200x200%7C970x90%2C728x90%7C970x90%2C728x90%7C320x100%2C300x100%2C320x50%2C300x50%7C320x100%2C300x100%2C320x50%2C300x50%7C320x100%2C300x100%2C320x50%2C300x50%7C300x250%7C300x250%7C300x250&divids=1000-606199aee8fdeb39324f4e8e-1%2C1001-60c8acd1933f122cc723a728-1%2C1001-60c8acd1933f122cc723a728-1%2C1002-60c8add5933f122cc723a72a-1%2C1002-60c8add5933f122cc723a72a-1%2C1002-60c8add5933f122cc723a72a-1%2C1003-60c8adfd933f122cc723a72e-1%2C1004-60c8ae0f933f122cc723a731-1%2C1005-60c8ae19933f122cc723a733-1&aucs=%2C%2C%2C%2C%2C%2C%2C%2C&auid=539871855%2C539871861%2C539871863%2C539871860%2C539871858%2C539871856%2C539871857%2C539871857%2C539871857
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
208c463eeb39ad507407b8dce2dc448ead822040627ce2d1ce8e5d3054772fab

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:02 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.mtgassist.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cea49a136c78be3548459ed926e5e8eb640b23540a3959645dbef2b7d762d964
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 May 2022 12:14:02 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6589de20-367f-45b7-9e07-5593fd8a5313
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=49750743074
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:01 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		0
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7050aca1ef47cc42-ZRH
x-err
Parsing the Prebid Request. ads.txt not fetchable or parsable
expires
0
bid
ap.lijit.com/rtb/ 		95 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.6.0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
72c17699bea85355e109d6f5fff3075fe116f25218c43aa42cac5b589b50993c

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 May 2022 12:14:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.mtgassist.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		538 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&PublisherDomain=https%3A%2F%2Fwww.mtgassist.com
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
0edddd93864a2a7f63d3aad8f36b7efa8b43341feaea904a7438dacdb39c568c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:02 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
538
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		239 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=9&alt_size_ids=13&rp_schain=1.0,1!venatusmedia.com,603cde5988cbff67a6738951,1,,,&eid_pubcid.org=a203c1f7-b51b-489a-a22e-bebff08be1c3%5E1&rf=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&tk_flint=pbjs_lite_v6.6.0&x_source.tid=34807fbe-b0a2-466e-a759-8056ce6ef324&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6968131587638007
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
12724de89d2a37c61afe715489221b16707e682eff9acd3840a48b07623ecbb4

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		259 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&rp_schain=1.0,1!venatusmedia.com,603cde5988cbff67a6738951,1,,,&eid_pubcid.org=a203c1f7-b51b-489a-a22e-bebff08be1c3%5E1&rf=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&tk_flint=pbjs_lite_v6.6.0&x_source.tid=001f90ae-62b7-42fc-869b-47e6604ecc32&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.804474682792268
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2aefb6bf71b3962323adb8a111ac0dfb824523bd7a7f1384a04cd20bb9e28477

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
259
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		264 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=19&alt_size_ids=43%2C44%2C117&rp_schain=1.0,1!venatusmedia.com,603cde5988cbff67a6738951,1,,,&eid_pubcid.org=a203c1f7-b51b-489a-a22e-bebff08be1c3%5E1&rf=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&tk_flint=pbjs_lite_v6.6.0&x_source.tid=25107f26-cfb8-4f80-893d-5101a200ae3d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4639512343963512
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c6667b27a86ac23a367455040e0f24fe43f2495f05c20bf6000bde9ab030632e

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
264
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=15&rp_schain=1.0,1!venatusmedia.com,603cde5988cbff67a6738951,1,,,&eid_pubcid.org=a203c1f7-b51b-489a-a22e-bebff08be1c3%5E1&rf=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&tk_flint=pbjs_lite_v6.6.0&x_source.tid=805bd878-9058-4354-9876-c83661fd2cd8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4214601297046392
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b189f27c6f3637f74c86eb930e2ad5e30b6b3163de6535cd4cb6f48eb87faa88

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=15&rp_schain=1.0,1!venatusmedia.com,603cde5988cbff67a6738951,1,,,&eid_pubcid.org=a203c1f7-b51b-489a-a22e-bebff08be1c3%5E1&rf=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&tk_flint=pbjs_lite_v6.6.0&x_source.tid=a840e7b5-881f-4c01-9461-7f93cde987df&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8097363498157122
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8ec9bf9d53b623bd771405dd29fb5c8ffa5e6283dada217fa8998c08bbf8b522

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=15&rp_schain=1.0,1!venatusmedia.com,603cde5988cbff67a6738951,1,,,&eid_pubcid.org=a203c1f7-b51b-489a-a22e-bebff08be1c3%5E1&rf=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&tk_flint=pbjs_lite_v6.6.0&x_source.tid=43ecbb6e-ee75-4686-b9bf-e72da9cfd1b6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16989178201853483
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
37c44114a58e74df558f428fb349f6680ced7d4e2ff8bf01bac5edb5f16cbaea

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:02 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:01 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:02 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:01 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:02 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:01 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:02 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a969d4401777748c6904e246dff02a0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c58a111fd2860f93c351a6f171376d39c1f42c40ad5f47ad6eb20875da357e0f

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96956701777748ce2a4e20cfb002e0&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
f33150cd05f3a9d23726a15067e03693187bfa238bd6ed389bf95e7f992ea826

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a969d4401777748c6904e2136d8029f&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ee855f3ccb82320c60a41dc81036c550100edacdd84f274ff47f764d3e11d72d

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96956701777748ce2a4e2b12be02e5&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
162b1208a0de40191e59a9117e69f9b0a8eb0cdf69d33977e43cc9aa1483392d

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96956701777748ce2a4e2b12be02e5&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
cabf1fea7267e97d6f32fefa55907ee0feefa98b89b553b4ee86ac465699e096

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96956701777748ce2a4e2d47ef02e6&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
624c0f78f96e997479fd6fbfe1879d0aea79682739bda26274db3f3d4a990663

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96956701777748ce2a4e2d47ef02e6&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
a3cbcd2fa2f9b8da2ef98034da44f3b35396886994573f8db4203604ac304d6a

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96907201777748ca014e23a617029f&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ff328469342c1e074efa84b7f514ef2379c6f8526bd3c3f2a8afd0ee9f3da461

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96907201777748ca014e23a617029f&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
15ecaff1214b5e817498b8ea0eb587407bfaf13608cd59803fd249c2d2aa8247

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e092dc66502d6&pos=8a96907201777748ca014e23a617029f&cmd=bid&secure=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c96ee0c808964796354172829915fe82c3fe8d3e32fbeafab37ed1af1606046a

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
content-length
62
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
245478
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb8a1aae320ed4c55991fe-0062543e6f
x-amz-id-2
txb8a1aae320ed4c55991fe-0062543e6f
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrvunaAyx6t7fDbsn6B7qKTD9j%2FgElwEZ9A2WrkpN6fn%2F5xotOKz25pqkz4c2s1y5xF%2B9hdPUyFdztatZ8n0HEVJw8xr1smUDoJ%2FrggkZRnghCZx0CczG%2Flz2l4sCu0tfHjhlHGjPWzMUfcy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1649687874851815
cf-ray
7050aca1dca083ba-MXP
access-control-allow-headers
Authorization
AVmanager.js
player.aniview.com/script/6.1/ Frame 2F9A 		370 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
90885ecbd565f2511e2704714a6bdb36dbd4697faff1f766abe7c3ae55b40bc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv6Nc_beqfAAEIhck-wZCKHYB3_ksL-jnEb7b2ssn_t87BIPRMffSXHjFO49B8XwrCnPhMfPCZ2Y2pjR200Hdw47g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
106360
last-modified
Sat, 30 Apr 2022 11:07:10 GMT
server
UploadServer
etag
"cb4c7f8a5e3003118790fdf78ac870e4"
vary
Accept-Encoding
x-goog-hash
crc32c=ACIT8Q==, md5=y0x/il4wAxGHkP33ishw5A==
x-goog-generation
1651316830569023
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
106360
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 02 May 2022 12:19:02 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5f2063121d82c82557194737&cid=605878f5f30a503e1331208a&e=playerLoaded&cb=1651493642551
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.mtgassist.com&sn=&ic=0&tgt=0&app=&wi=481&he=301&test=&d36=6.2.16&apppkg=&fv=3&proto=https&pid=5f2063121d82c82557194737&cid=605878f5f30a503e1331208a&stagid=&stplid=&e=inventory&vi=100&cb=1651493642632
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		29 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&AV_PUBLISHERID=5f2063121d82c82557194737&AV_CHANNELID=605878f5f30a503e1331208a&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.mtgassist.com&AV_DADPOS=3&AV_PLACEMENT=5&d36=6.2.16&responsive=1&sver=2&avtoken=642631&AV_WIDTH=481&AV_HEIGHT=301&AV_DNT=0&cb=1651493642661
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.80.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-80-154.compute-1.amazonaws.com
Software
/
Resource Hash
2533c1b185a7e0421556b09be87d52b121d17b9a220e62e031040af7218d8020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 20 Apr 2022 22:27:23 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 31ED
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651493642983-960676122315-005456-005-006906%26biddername%3D56%26pid%3D5f2063121d82c82557194737%26key%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1651493642983-960676122315-005456-005-006906&biddername=56&pid=5f2063121d82c82557194737&key=faf6d696-327f-4ab3-ade0-873b3c00a04c
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1651493642983-960676122315-005456-005-006906&biddername=56&pid=5f2063121d82c82557194737&key=faf6d696-327f-4ab3-ade0-873b3c00a04c
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.49.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-49-77.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 02 May 2022 12:14:03 GMT

Redirect headers

content-length
0
date
Mon, 02 May 2022 12:14:03 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1651493642983-960676122315-005456-005-006906&biddername=56&pid=5f2063121d82c82557194737&key=faf6d696-327f-4ab3-ade0-873b3c00a04c
server
_
us
sync.go.sonobi.com/ Frame 605A 		0
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651493642983-960676122315-005456-005-006906%26biddername%3D60%26key%3D%5BUID%5D
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, private
Content-Length
0
Content-Type
text/plain; charset=utf8
Date
Mon, 02 May 2022 12:14:03 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Server
sonobi-go
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
X-Xss-Protection
0
uc.html
sync.go.sonobi.com/ Frame DCB8 		555 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
1d86ad203d9f732075a57918233257f12d7689499451b75db4bf8318b54b50d3

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 02 May 2022 12:14:03 GMT
Server
sonobi-go
Transfer-Encoding
chunked
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9648 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160552&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651493642983-960676122315-005456-005-006906%26biddername%3D1%26key%3D
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76274
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 12:14:03 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 03 May 2022 09:25:17 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame F182 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651493642983-960676122315-005456-005-006906%26biddername%3D18%26key%3D%24UID
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 02 May 2022 12:14:03 GMT
X-Sovrn-Pod
ad_ap1ams1
occ
ups.analytics.yahoo.com/ups/58543/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
server
ATS/9.1.0.46
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
avpb6.15.0.js
player.aniview.com/script/6.1/ Frame 2F9A 		344 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
282e6548c56f8ae5d6c8eac90942853dabd60a2c5d332233cd564e870b223e1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduVo0aT9LNQ56VTV7vwhTmog0RBFXEiprIRliIHTr8baBQX-ZjGJLevv6p8iDn59wNJjpqy2L0dumYgNHHFYJFO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
104578
last-modified
Sat, 30 Apr 2022 11:07:10 GMT
server
UploadServer
etag
"06757336219c6d8c7306fd2eaeb24d3d"
vary
Accept-Encoding
x-goog-hash
crc32c=26QwyA==, md5=BnVzNiGcbYxzBv0urrJNPQ==
x-goog-generation
1651316830609059
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104578
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 02 May 2022 12:19:03 GMT
avpb6.15.0a0.js
player.aniview.com/script/6.1/ Frame 2F9A 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0a0.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
af6b452dbae06aa2a3016b05bc4407282edfb4334a5ac070c7f98f0c6284c1db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtU8ELv3DMn8eq25lab9W45yIbvz1EPOteG83s1ey43kUE-Txr1l21dsKx-M6TmaBfyWLEI2m0QlJlzZ0L3i4Hmb8hoOMqc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
19791
last-modified
Sat, 30 Apr 2022 11:07:10 GMT
server
UploadServer
etag
"65fc2b65ace09d01c910b68f6fdecd94"
vary
Accept-Encoding
x-goog-hash
crc32c=OFRPMw==, md5=ZfwrZazgnQHJELaPb97NlA==
x-goog-generation
1651316830576610
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
19791
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 02 May 2022 12:19:03 GMT
avpb6.15.0a2.js
player.aniview.com/script/6.1/ Frame 2F9A 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0a2.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
43dcaaeec67514593c85fa9692e6e062fc484d420c7a17cc5f429c5ed087aff3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu5B3rLU6-U2Eewrh60Fwh5QN8B-cCmACqLwgIMcC85I9uBZrhDhxZZhrwy5ZXw8qzPxyWp_Bxxssfxn-SJDn89VQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21149
last-modified
Sat, 30 Apr 2022 11:07:10 GMT
server
UploadServer
etag
"c8d29c5777f7fa9cc26b24cfd11d9b18"
vary
Accept-Encoding
x-goog-hash
crc32c=+i9p3w==, md5=yNKcV3f3+pzCayTP0R2bGA==
x-goog-generation
1651316830616392
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
21149
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 02 May 2022 12:19:03 GMT
avpb6.15.0a4.js
player.aniview.com/script/6.1/ Frame 2F9A 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0a4.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
495fd632c4fc43c185bdd7d11f45c96b5cd831a3788c0a98f466e943bfe9346e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdudQJQ9F-meE2_2Lqhg00WF-hIRjosjm2hRnPbsQEWs-I5HS0RSEXLRVQdeAbCoMSE5a9Ov_yxIwxwtVRHiF0w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
18050
last-modified
Sat, 30 Apr 2022 11:07:10 GMT
server
UploadServer
etag
"7ec791839138d7c66780d300e72d1076"
vary
Accept-Encoding
x-goog-hash
crc32c=4RVdPA==, md5=fseRg5E418ZngNMA5y0Qdg==
x-goog-generation
1651316830570570
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
18050
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 02 May 2022 12:19:03 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2F9A 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
754
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0GCDVTV7AYV5X4BP1RZZ
date
Mon, 02 May 2022 12:01:30 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
phdVsYVFI7X7fb4FlgRzswLI0N2E8jdonVlVwNqHx9Wa1vtSkmrGag==
setuid
pbs.aniview.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&us_privacy=1---&cb=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
  • https://pbs.aniview.com/setuid?bidder=amx&gdpr=1&gdpr_consent=&uid=ad27140b-8145-473c-a672-2b3ad06cb770&gdpr=1&us_privacy=1---
36 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.aniview.com/setuid?bidder=amx&gdpr=1&gdpr_consent=&uid=ad27140b-8145-473c-a672-2b3ad06cb770&gdpr=1&us_privacy=1---
Protocol
H2
Server
34.225.54.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-54-194.compute-1.amazonaws.com
Software
/
Resource Hash
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/plain; charset=utf-8
content-length
36
vary
Origin
expires
0

Redirect headers

location
https://pbs.aniview.com/setuid?bidder=amx&gdpr=1&gdpr_consent=&uid=ad27140b-8145-473c-a672-2b3ad06cb770&gdpr=1&us_privacy=1---
date
Mon, 02 May 2022 12:14:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.mtgassist.com&rs=www.mtgassist.com&sid=19041&t=1651493642&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=81.0&brn=Chrome&wi=481&he=301&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&aafaid=&proto=https&uid=1651493642983-960676122315-005456-005-006906&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=15349204908&cd19=217.64.151.6&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&AV_WIDTH=481&AV_HEIGHT=301&nid=5f2063121d82c82557194737&ncid=605878f5f30a503e1331208a&e=request&cb=1651493643237&asid=60215b66893b1f45ce1636eb%2C6194ed43f97be53aae3d1446%2C5ff872eae177c400b93fc376%2C61975e63abc7ee561c5655a2%2C5ff6ce692c02c40f845437ed%2C5ff6f48441288c237257040a%2C5ff6ecc90cba184f38479c44%2C5ff86831218d9e693a3a8a17%2C5ff58623e9918943e256915d%2C5ff48aaad627af38ac33bd56%2C61af25de740285732936a265%2C624d71ce467dde01bc060ca7%2C6006960f473c6628c1725677%2C5f6da8877365a83fb43b77dc&ofpr=1%2C%2C1%2C%2C1%2C1%2C1%2C1%2C1%2C1%2C2%2C1%2C1%2C1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cygnus
htlb.casalemedia.com/ 		36 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=619903&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2214eb99ec12630d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2227de42ae6ed527%22%2C%22ext%22%3A%7B%22siteID%22%3A%22619903%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A31%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B481%2C301%5D%5D%2C%22w%22%3A481%2C%22h%22%3A301%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%22603cd9b85a788f6e89568c4a%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2262da746c-55db-466d-9fca-72cd80352c44%22%7D%5D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f3cb177ce74e578294d6c335cbd932775db31eeb4759931516088b3c216548a0

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:03 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.6], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.mtgassist.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Mon, 02 May 2022 12:14:03 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.121.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-121-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3866cda787a601914dcbbf8ee26819471bca0178c29c41cddb2cb12fc8ebe0f3

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-prebid
pbs-java/1.87.1
content-type
application/json
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12422321&componentId=prebid&componentSubId=mustang&timestamp=1651493643317&pKey=1333679858&schain=1.0%2C1!venatusmedia.com%2C603cd9b85a788f6e89568c4a%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&playerSize=481x301
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:03 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1651493643424004-357
Expires
Mon, 02 May 2022 12:14:03 GMT
v1
btlr.sharethrough.com/universal/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-160.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:03 GMT
access-control-allow-credentials
true
vary
Origin
cdb
bidder.criteo.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=10809284331
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=12920257&componentId=prebid&componentSubId=mustang&timestamp=1651493643321&pKey=699506284&schain=1.0%2C1!venatusmedia.com%2C603cd9b85a788f6e89568c4a%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&playerSize=481x301
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:03 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1651493643369039-386
Expires
Mon, 02 May 2022 12:14:03 GMT
hb
ice.360yield.com/ 		99 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22254d018ffb5862a%22%2C%22version%22%3A%227.7.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php%22%2C%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%22603cd9b85a788f6e89568c4a%22%2C%22hp%22%3A1%7D%5D%2C%22ver%22%3A%221.0%22%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2262da746c-55db-466d-9fca-72cd80352c44%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22148ee3ab29e87cb%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22439959%2C%22tid%22%3A%2218dfe7e7-6b34-418e-a4cf-8bc1b07a05e3%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.221.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-221-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9923c21a262dcfbd59f9381aae0b1d6d75ec32232e6ffed690ce87ad110083a1

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:03 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
99
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
avjp
venatusmedia-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dad410a6-6091-4a00-9983-10820053d76c&nocache=1651493643323&pubcid=62da746c-55db-466d-9fca-72cd80352c44&schain=1.0%2C1!venatusmedia.com%2C603cd9b85a788f6e89568c4a%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A481%2C%22h%22%3A301%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=543855439&vwd=481&vht=301&vos=101&aumfs=1000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:03 GMT
via
1.1 google
server
OXGW/18.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.mtgassist.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8240ffa8b38561018aee657f06f8d3fedf7fd8862add2b7c370f3feb27751c3b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:03 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b1f3be0a-0e9b-4012-84f2-34d03a63cd57
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:03 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
307066
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/307066?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 02 May 2022 12:14:03 GMT
X-SpotX-Timing-Transform
0.000287
X-SpotX-Timing-SpotMarket
0.005037
X-SpotX-Timing-Page-Mux
0.001085
X-SpotX-Timing-Page-Require
0.000341
X-fe
097
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000033
X-SpotX-Timing-Page
0.009723
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000287
Last-Modified
Mon, 02 May 2022 12:14:03 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005037
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.mtgassist.com
X-SpotX-Timing-Page-Misc
0.002641
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.mtgassist.com&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c04a83ae25226e7088eb7429ce5ceed8b58f58d9aa4bfb75cda4316634fc24fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 07:12:37 GMT
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server
Server
age
18086
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
content-length
1126
x-amz-cf-id
liiYUqMvJL-_8qf1EXM32JO09lWYAFykHhRqbLMvxc5FIcOGJm_kiA==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&pr=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&pid=i5gUbkRx4sVwW&cb=0&ws=0x0&v=7.75.0&t=8000&slots=%5B%7B%22id%22%3A%22videoSlotOutstream%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!venatusmedia.com%2C603cd9b85a788f6e89568c4a%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
X74EY1HJ9KNWSMX1CB92
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.mtgassist.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
DNC-pgW6DgXS7Fq_j2ohhYxckSt6VxyM1JahPe3p4nSj0Gu4niU8Wg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-177.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
74394
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Sun, 01 May 2022 15:34:10 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
KQCevf9jUOAcgux-JchPdrXa7BeXFjsWyHwj46GXO50dV59Gwf2QMg==
ats.js
ats.rlcdn.com/ Frame 2F9A 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id
VE.TmwhV1._nzA5UkJnv.qeHE6SJ9zlu
content-encoding
br
etag
W/"d03ceb6300ba5d767156d2d186bfc621"
age
31242
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:d9620690-a522-4865-bdcf-c40a5e58864a
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
229018ce14d22cf5d355aa4c24ac99ff
last-modified
Thu, 07 Apr 2022 09:05:05 GMT
server
AmazonS3
date
Mon, 02 May 2022 07:39:10 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
37cf43d799bffc4fdad3431bef2fdbc097a3382eab6b0735d08d25e96b4565dc
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA56-P6
content-type
application/x-javascript
x-amz-cf-id
3aKYLi3ygwi0uL3MTl5y4zV-eNYxhGOQYy6F3LO0oOEuELAFU4z93A==
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 2F9A 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 11:21:42 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11181
x-request-id
598573602
258.json
id5-sync.com/g/v2/ 		213 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.99.210 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3213307.ip-141-95-99.eu
Software
/
Resource Hash
79d431b461501cd9c8e6e88195fe905f558af92eb5cfc9476688283250d7771b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:02 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mtgassist.com
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mtgassist.com
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1109375537492533&correlator=1061923263044628&eid=31065713%2C31065401&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22463264601%2CVM_603cde5988cbff67a6738951&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x200%7C160x600&ifi=1&adks=3836509747&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=hb_pb%3D0.10%26hb_adid%3D606199aee8fdeb39324f4e8e-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3D0a97c070-v6.6.0_fo%26pg_ld_id%3D8d67c14112de61a048caaa72373877fd%26mo%3Dscan%26ac_id%3D603cd9985a788f6e89568c48%26si_id%3D603cde5988cbff67a6738951%26pl_id%3D606199aee8fdeb39324f4e8e%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-03-13%252020%253A21%253A04%26ta_si%3D200x200%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651493643565&lmt=1651493643&dlt=1651493641508&idt=699&biw=1600&bih=1200&adxs=30&adys=961&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ref=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=200x-1&fws=0&ohw=0&ga_vid=1590815441.1651493642&ga_sid=1651493644&ga_hid=1342743711&ga_fc=true&btvi=0&topics=1&nvt=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8351bb02af88f3a9193a07b04344f812f763804beeebdbdcda0ea0492933ffe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8824
x-xss-protection
0
google-lineitem-id
4753389741
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138238778460
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1109375537492533&correlator=3216559916485324&eid=31065713%2C31065401&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22463264601%2CVM_603cde5988cbff67a6738951&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=2&adks=2992654026&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D60c8acd1933f122cc723a728-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3D0a97c070-v6.6.0_fo%26pg_ld_id%3D8d67c14112de61a048caaa72373877fd%26mo%3Dscan%26ac_id%3D603cd9985a788f6e89568c48%26si_id%3D603cde5988cbff67a6738951%26pl_id%3D60c8acd1933f122cc723a728%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-03-13%252020%253A21%253A04%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651493643572&lmt=1651493643&dlt=1651493641508&idt=699&biw=1600&bih=1200&adxs=476&adys=414&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ref=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=728x-1&fws=4&ohw=1100&ga_vid=1590815441.1651493642&ga_sid=1651493644&ga_hid=1342743711&ga_fc=true&btvi=0&topics=1&nvt=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
accb281e9495938ff08c6a41271d5fbc61a78b607df78083bba6c058c9a74c39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9683
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1109375537492533&correlator=3283627689748738&eid=31065713%2C31065401&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22463264601%2CVM_603cde5988cbff67a6738951&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C320x50%7C300x100%7C320x100&ifi=3&adks=2190736267&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D60c8add5933f122cc723a72a-1002%26hb_iv%3D1%26sv%3D1%26re_ve%3D0a97c070-v6.6.0_fo%26pg_ld_id%3D8d67c14112de61a048caaa72373877fd%26mo%3Dscan%26ac_id%3D603cd9985a788f6e89568c48%26si_id%3D603cde5988cbff67a6738951%26pl_id%3D60c8add5933f122cc723a72a%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-03-13%252020%253A21%253A04%26ta_si%3D300x50%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651493643575&lmt=1651493643&dlt=1651493641508&idt=699&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ref=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=132&ohw=1100&ga_vid=1590815441.1651493642&ga_sid=1651493644&ga_hid=1342743711&ga_fc=true&btvi=-1&topics=1&nvt=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
96c9992d1ec87ffdd418ee91ba8270b3e2ae8f87e4d533957f2a86a7b46c4ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10824
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1109375537492533&correlator=1063017928433580&eid=31065713%2C31065401&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22463264601%2CVM_603cde5988cbff67a6738951&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=790546064&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D60c8adfd933f122cc723a72e-1003%26hb_iv%3D1%26sv%3D1%26re_ve%3D0a97c070-v6.6.0_fo%26pg_ld_id%3D8d67c14112de61a048caaa72373877fd%26mo%3Dscan%26ac_id%3D603cd9985a788f6e89568c48%26si_id%3D603cde5988cbff67a6738951%26pl_id%3D60c8adfd933f122cc723a72e%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-03-13%252020%253A21%253A04%26ta_si%3D300x250%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651493643577&lmt=1651493643&dlt=1651493641508&idt=699&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ref=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=132&ohw=300&ga_vid=1590815441.1651493642&ga_sid=1651493644&ga_hid=1342743711&ga_fc=true&btvi=-1&topics=1&nvt=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ff1930813a01cfac4fcb0076476e1987869263ff6e6399884439d2f8b5009156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
197899
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10950
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
301268
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1109375537492533&correlator=4386901875412530&eid=31065713%2C31065401&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22463264601%2CVM_603cde5988cbff67a6738951&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&adks=1952286196&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D60c8ae0f933f122cc723a731-1004%26hb_iv%3D1%26sv%3D1%26re_ve%3D0a97c070-v6.6.0_fo%26pg_ld_id%3D8d67c14112de61a048caaa72373877fd%26mo%3Dscan%26ac_id%3D603cd9985a788f6e89568c48%26si_id%3D603cde5988cbff67a6738951%26pl_id%3D60c8ae0f933f122cc723a731%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-03-13%252020%253A21%253A04%26ta_si%3D300x250%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651493643580&lmt=1651493643&dlt=1651493641508&idt=699&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ref=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=132&ohw=300&ga_vid=1590815441.1651493642&ga_sid=1651493644&ga_hid=1342743711&ga_fc=true&btvi=-1&topics=1&nvt=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
77f859610d4fe5b7350322e515a7a3c94fe1587dbf56ad975dad85fd8f0cf33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8824
x-xss-protection
0
google-lineitem-id
4753389588
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138238778460
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1109375537492533&correlator=3135565283305242&eid=31065713%2C31065401&output=ldjh&gdfp_req=1&vrg=2022042601&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22463264601%2CVM_603cde5988cbff67a6738951&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=2048767041&sfv=1-0-38&ecs=20220502&fsapi=false&prev_scp=hb_pb%3D0.01%26hb_adid%3D60c8ae19933f122cc723a733-1005%26hb_iv%3D1%26sv%3D1%26re_ve%3D0a97c070-v6.6.0_fo%26pg_ld_id%3D8d67c14112de61a048caaa72373877fd%26mo%3Dscan%26ac_id%3D603cd9985a788f6e89568c48%26si_id%3D603cde5988cbff67a6738951%26pl_id%3D60c8ae19933f122cc723a733%26co%3DCA%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2022-03-13%252020%253A21%253A04%26ta_si%3D300x250%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1651493643584&lmt=1651493643&dlt=1651493641508&idt=699&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ref=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=132&ohw=300&ga_vid=1590815441.1651493642&ga_sid=1651493644&ga_hid=1342743711&ga_fc=true&btvi=-1&topics=1&nvt=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ec2097b234e37d8c99c758a004780408f0df4e45c8117f98258874320581d5d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8839
x-xss-protection
0
google-lineitem-id
4753389588
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138238778460
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b4860c717e979b2430a96f1f38d519c7d19c7b30390508804067c8e0ea002a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10600
x-xss-protection
0
container.html
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D52A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 12:14:03 GMT
expires
Tue, 02 May 2023 12:14:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.mtgassist.com&rs=www.mtgassist.com&sid=19041&t=1651493642&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=81.0&brn=Chrome&wi=481&he=301&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&aafaid=&proto=https&uid=1651493642983-960676122315-005456-005-006906&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=15349204908&cd19=217.64.151.6&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&AV_WIDTH=481&AV_HEIGHT=301&nid=5f2063121d82c82557194737&ncid=605878f5f30a503e1331208a&e=bid&cb=1651493643603&asid=6194ed43f97be53aae3d1446&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 9648 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14788300&p=160552&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160552&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1651493642983-960676122315-005456-005-006906%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:02 GMT
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 12:14:03 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2F9A 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128368
x-xss-protection
0
expires
Mon, 02 May 2022 12:14:03 GMT
bridge3.512.0_en.html
imasdk.googleapis.com/js/core/ Frame 91F4 		630 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
351104
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209474
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:19 GMT
expires
Fri, 28 Apr 2023 10:42:19 GMT
last-modified
Thu, 21 Apr 2022 16:19:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 2F9A 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 May 2022 12:14:03 GMT
integrator.js
adservice.google.com/adsid/ Frame 2F9A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mtgassist.com
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2680 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 11:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 02 May 2022 12:47:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 524E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 11:52:16 GMT
expires
Tue, 02 May 2023 11:52:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8928 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9679042414cc35772f80039703512138353e60e021fbb8e650c9a9030a8cd15
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZQ/RHJr8tPgxdsQZ2J/s7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ZQ/RHJr8tPgxdsQZ2J/s7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 12:14:04 GMT
expires
Mon, 02 May 2022 12:14:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame DAEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQxxCVLtHO1BHWoXejGUCW4p4k2kXq1qZTmhU1MoYMfVoGQ2Wu2Ee2pS8ap_qi0U_udqCxLt45zQ55qLyBAc2IMR8LbCpimAeyC3W1yNucWU3uboACx4xiz0cj8JNX4Yguso5GKF2Q6fSNYYgAlVmox0BYuG9PzGkeubW1Bdn1ywSLviRWkj6kDm7w2aGzAyiIcQSQV21V-fjKo_xQqApUaaLEnF3AxkqSbS-3QnBZO41sZvLk06WADHBf3SFJMgWXZS5Z3jkU7f3RPqP-8EBWf5PB9aadOX_GLBGjLfiMvB_XJZDIe9fh06xa947IielPPGdDHkln71jhHm6Zwg&sai=AMfl-YQqQerI_yvd3UV17ieviadtnsHpEwNUnBZ5mRVQSB2hIEZTRXEa2fTgJqJghpFKx_lFgWp2Gl346I4HYTJY-vjy3p2Sf1688G4cH7gZZIQ8Lx9ZE-Nsu6fEbnpUlgI&sig=Cg0ArKJSzMD4C1FRntWMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 02 May 2022 12:14:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DAEB 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 12:14:04 GMT
container.html
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BBA5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 12:14:03 GMT
expires
Tue, 02 May 2023 12:14:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0497 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 12:14:03 GMT
expires
Tue, 02 May 2023 12:14:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
10fa640f-f9db-4ce3-804e-5a642d593d6a
https://www.mtgassist.com/ Frame 6427 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
blob:https://www.mtgassist.com/10fa640f-f9db-4ce3-804e-5a642d593d6a
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
118635
Content-Type
text/html
6cywgeu7gf0e
hal9000.redintelligence.net/zone/ Frame 6427 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/6cywgeu7gf0e?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=8589085814670689870&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8589085814670689870%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
2a0e3d3ad30f6cb241b860f442ececca299c9f1b6f01ea6c2f192054cb33fa51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:04 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2802
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 6427
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTkRZM1kyUm1aalF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1ODkwODU4MTQ2NzA2ODk4NzAvNjYyMjM5My80NTYyMzEyLzEzL1BlbX...
  • https://tags.mathtag.com/ck-confirm?bid_id=8589085814670689870&node_id=1624&exch_id=13
49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=8589085814670689870&node_id=1624&exch_id=13
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Server
MMBD/3.309.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x80, zrh-bidder-x135
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 02 May 2022 12:14:05 GMT

Redirect headers

Date
Mon, 02 May 2022 12:14:05 GMT
x-mm-bid-request-time
1651493642
Last-Modified
Mon, 02 May 2022 12:14:02 GMT
Server
MMBD/3.309.0
x-mm-latency
317 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://tags.mathtag.com/ck-confirm?bid_id=8589085814670689870&node_id=1624&exch_id=13
x-mm-dbg
Invalid
Cache-Control
no-cache
x-mm-host
pao-router-x93, zrh-bidder-x135
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Keep-Alive
timeout=360
Content-Length
86
Expires
Mon, 02 May 2022 12:14:04 GMT
img
pixel.mathtag.com/event/ Frame 6427 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=8589085814670689870&v3=651871&v4=4562312&v5=6622393&mt_nsync=1&no_attr=1
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4281 354de82 master cdg-pixel-x9 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:04 GMT
Server
MT3 4281 354de82 master cdg-pixel-x9 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 May 2022 12:14:03 GMT
img
tags.mathtag.com/event/ Frame 6427 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=8589085814670689870&st=4562312&time=[IMP_ATTR.time]&nodeid=1624
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Server
MMBD/3.309.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x91, zrh-bidder-x135
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 02 May 2022 12:14:05 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 6427 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:04 GMT
Content-Encoding
gzip
Age
5800532
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21974-LGA, cache-hhn4047-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1651493644.121217,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
386514, 3482423
it
ams1-ib.adnxs.com/ Frame 6427 		0
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.mtgassist.com%252Fselfdefensive%252Fchasefix%252Fsecure%252F494161211%252Fsignin.php&e=wqT_3QLnCuhnBQAAAwDWAAUBCIqWv5MGELaShMjT8rfbbhgAKjYJ203wTdNnuz8R-g7Zm3NLtz8ZAAAAgML1BEAh-g0SACkRJMgxAAAAQOF6pD8w092SCjimBkAdSAhQ7uCohgFYl76TAWAAaIUdeNbtBYABAYoBA1VTRJIFBvQFAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIf4ALukAHqAkxodHRwczovL3d3dy5tdGdhc3Npc3QuY29tL3NlbGZkZWZlbnNpdmUvY2hhc2VmaXgvc2VjdXJlLzQ5NDE2MTIxMS9zaWduaW4ucGhwgAMAiAMBkAMAmAMXoAMBqgOmBgrdBWh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VGtSWk0xa3lVbTFhYWxGMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk4FEAhVUkIJEARkTgEQ8LZMemcxT0Rrd09EVTRNVFEyTnpBMk9EazROekF2TmpZeU1qTTVNeTgwTlRZeU16RXlMekV6TDFCbGJYcFJRV0ZTTTBJMWRWSkdSRUZ1WWpOS1VIbE9aMVZZWjNkMVZqazJSamxLWVZKa1lWSXdUVVV2TVM4eE15OHdMekF2T1RVMk9EQXpMek0yTkRRNE9EZzRNemd2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVINxABSBcQMVFVNdw3UBE1WESAMRTFFUQ3kGfQMY3ZNQwl8CQhm_ACwZW5Kb0x6QXZNVE01TUM4MU9TODVPVGt2TXpJeUx6SXhOeTQyTkM0eE5URXVNAVREakF3TUM4eE5qVXhORGt6TmpRISwsMk5URTFNRFl5TkRJAUzwaXZPREEyTHcveFFoV1dsNXF3ZnpHUWwtZHlHMzFsSWZoQWJRJm5vZGVpZD0xNjI0Jmdyb3VwPXpyaCZhdWN0aW9uaWQ9ODU4OTA4NTgxNDY3MDY4OTg3MCZzaGFyZGtleT04NTg5MDg1ODEdHfBxcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMzLjE2MSZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5MyZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhM4RoUA8LwaEzc5Nzc4MDk2MjE5MzI5MDI3MTAiCTI4MTY4NjEyNioGMTAxOTM2Ogc2NjIyMzkzwAOsAsgDANgDwfK_AeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjaoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBO7gqIYBiAUBmAUAoAXMzL_eu7b8oDzABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGCSQs8D_QBvmrAdoGFgoQCRIZAYAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8BUkwYACAAMAA4xAZAAMgH1u0F0gcNCRFDAUEI2gcGCSdA4AcA6gcCCADwB45tiggCEAA.&s=fb0830f758185a5fba2ac1f9b2312b8cb4c56e1a
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:04 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fca7a8ea-f1d5-47e6-a8b3-4e74fed12a07
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPhy-TqX_KlJxzfEfPKByQftLBGXmDCV_-LJ2jAbxkOVIhQr06IiG0Qkv0MLhYd3OTeFL2wGhUxhYJNKWLJXs1t9M4_s84-k8jXvDkBe_8z6WW1goz1Q8ey3gO4XEF3gFb8PWIzoGgsCqypZUditNKWm5xhtS3DrQvKd0AeSnttoCYfK2K2hUB7FDbMyj122-SFOB5MS0NJec-gx_uonAD43KJJtrLt4RsV405DSJOZqHpqphowVD8AeZcjpnCDJCzBtnYm30rjsQx0fqAoV-XHSvjBkeHbytRjllhTku51vH0Vx3XhXHUgJuuN83O9_158-xfv7Junz_lVe83lQ&sai=AMfl-YSJBzpTv45X1oBKZV7g_jUq74wJHpGCl8oeT1MQTLj9RioJCbRyOpdGfwcK4_yo3XUeJy2r_JjpbKc2zL80t4RZf0jQN5NBFn19P1C46W6K26pn4cG7CnqtmV9pecUa&sig=Cg0ArKJSzOzxK2MhDhXZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE1D 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 12:14:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D472 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcARdvsYqZIqah9Ce-GMdQdTkwtM_38ied_FZ91-KQz0em_HWQqpXw-05rKhfksrH1uP8xBucXfJEq_3c7VEWlfJKArbHTRiGAniGB_5ivDVbXqIIgDGcjc6rSgzNh6M7kFmt-4UgVSM-iaAWEjSEb6kOSMC94shqSwLe24SwJ9nG39iGbG5Swetmj9m-4vlN6i5aztOdLlpYHgNEMONcs9ae-BkJVcrYWTQSGkBaEg266A0iD7DFf7KOD4SpewowHcnEiEkYvpveuh3zm05wzBaKRMn3nLi3EMdka0aaDaTQ0tH6m1ImfkKU8vHfgmOV7JDKQ2IV-TlPfHu6VnA&sai=AMfl-YSl7cB2poHBILss7kJ7gWBZtTjKn0tmhEQz0mZnNHJkKq7_uamx53FtEliXU95GUceq6pA3hGE_CzD_Ni-Fcz9zvWzoBVseG3oAu1d8hLLdeGMqnKgpkaeY6yUK2WsJ&sig=Cg0ArKJSzM0zDYYOxi23EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D472 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 12:14:04 GMT
container.html
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E52 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 12:14:03 GMT
expires
Tue, 02 May 2023 12:14:03 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
track_enc
track.venatusmedia.com/dual/ 		16 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.249.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-249-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:04 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
258.json
id5-sync.com/g/v2/ 		213 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.99.210 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3213307.ip-141-95-99.eu
Software
/
Resource Hash
0ea21f2479a400bc515feb701ea2a13ff46cbe94daa418050068984e2ff44b3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:03 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
737bcf01718084e638ef3888eb859cd404dbc47395ff73bcd2f824783f3c0bf3

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 01 Jun 2022 12:14:04 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FC18 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159234
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76273
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Mon, 02 May 2022 12:14:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 03 May 2022 09:25:17 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9DF0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 12:14:04 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 7FFE 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 02 May 2022 12:14:04 GMT
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 4DA4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 12:14:04 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B581 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 02 May 2022 12:14:04 GMT
ETag
"623de86a-cf34"
Expires
Tue, 03 May 2022 12:14:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f7fe32b67b851fc991e8045bed6fb8&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l15ce_7093111190532475155
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:04 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1651493644562063-516
Expires
Mon, 02 May 2022 12:14:04 GMT
70f8fc14-0383-4fe9-adf9-2cfa6abd5327
https://www.mtgassist.com/ Frame 2FC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
blob:https://www.mtgassist.com/70f8fc14-0383-4fe9-adf9-2cfa6abd5327
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
118635
Content-Type
text/html
b05d3c41-6e39-4fbd-a517-5308832761cf
https://www.mtgassist.com/ Frame 09DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
blob:https://www.mtgassist.com/b05d3c41-6e39-4fbd-a517-5308832761cf
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
118635
Content-Type
text/html
300x250.jpg
cdn1.vntsm.com/TimeBucks/ Frame 2FC2 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.vntsm.com/TimeBucks/300x250.jpg
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-723.bunnyinfra.net
Software
BunnyCDN-DE1-723 /
Resource Hash
2b89b758d1cb6afc0db18f7732cf603280dfbaff7647fe3a9fb424b2cd322f8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
cdn-edgestorageid
865
x-amz-request-id
9ZA4BHDVQMR6J0GB
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
04/27/2022 23:16:05
cdn-pullzone
392884
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
38967
x-amz-id-2
aBrMe1LIu76uijYF8UcrpELTqLpdDHQU+Tm3BI168P4JMcl7wE+nyYk2M39LhYNtvfglaCp/cSU=
server
BunnyCDN-DE1-723
access-control-allow-origin
*
last-modified
Tue, 19 Apr 2022 12:29:39 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"31f793a0e5664310131daf23501880eb"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
7cMFGTElA6AEIKY4S.E6G0QQmnV99D5v
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
69a1c8d13cd48c4f33904bb95dfdda6f
accept-ranges
bytes
content-type
image/jpeg
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
300x250.jpg
cdn1.vntsm.com/TimeBucks/ Frame 09DB 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.vntsm.com/TimeBucks/300x250.jpg
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-723.bunnyinfra.net
Software
BunnyCDN-DE1-723 /
Resource Hash
2b89b758d1cb6afc0db18f7732cf603280dfbaff7647fe3a9fb424b2cd322f8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
cdn-edgestorageid
865
x-amz-request-id
9ZA4BHDVQMR6J0GB
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
04/27/2022 23:16:05
cdn-pullzone
392884
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length
38967
x-amz-id-2
aBrMe1LIu76uijYF8UcrpELTqLpdDHQU+Tm3BI168P4JMcl7wE+nyYk2M39LhYNtvfglaCp/cSU=
server
BunnyCDN-DE1-723
access-control-allow-origin
*
last-modified
Tue, 19 Apr 2022 12:29:39 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"31f793a0e5664310131daf23501880eb"
access-control-allow-methods
GET, OPTIONS
x-amz-version-id
7cMFGTElA6AEIKY4S.E6G0QQmnV99D5v
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
cache-control
public, max-age=604800
access-control-allow-credentials
true
cdn-requestid
bc957fc1b46c07c52b564707eaaa6a67
accept-ranges
bytes
content-type
image/jpeg
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
request.php
hal900028.redintelligence.net/ Frame 6427
Redirect Chain
  • https://hal900028.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=02c2444f36&subid=&uid=105548d9529f109e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900028.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=02c2444f36&subid=&uid=105548d9529f109e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=02c2444f36&subid=&uid=105548d9529f109e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8589085814670689870%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&random=1624281809086&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Server
88.99.165.19 Magdeburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
effe0001c7a3773ab2b6f0f27cc0ab97c59c923d5f622de366e02cc1ee6d9a4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
23203200099418100951427011947028
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
894
Expires
Mon, 02 May 2022 13:14:04 +0200

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:04 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=02c2444f36&subid=&uid=105548d9529f109e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8589085814670689870%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&random=1624281809086&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Mon, 02 May 2022 13:14:04 +0200
adview
securepubads.g.doubleclick.net/pagead/ Frame BBA5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C71yPC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEpgJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--Ka5skpkcnQ2W2wG8lx6g9uIpfQZYsQAQOdZ_O4A10Nl76BOrLLqMfgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NzgxNTMxMjA3NTA5MjMyGOe2bQ&sigh=gDqowpBWIh0&uach_m=[UACH]&cid=CAQSPgCNIrLM3O9P-JibP-Kwiq9DxGrA1TGNKeto_x1C0w1Ep8YTuTORjmxO1x1NFVNY9Yhr55bLUp3z2JS9jNEZGAE
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame BBA5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKr8CvLJVcoHWp2DYgICAAAAioV9sucqB-QQC8tvYvp08d2_bx8WvYoJABIAAA&wp=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
server
Kestrel
server-processing-duration-in-ticks
315322
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3825 		156 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9af9ac85d5996fcede598fd22696875fb1b5ae0bd49a8552d51c7807851152fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 12:14:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=0sVhqrYSoVVQZY1W26E9ug99WM8iIvUrF2sxhorooumwygLqu0J9dt2hteU_beh1dk8FfPxP9AbtaTfGjdIvKaiZuc8E6dFtdYuxU3Jb51IBbRxm8AHBAi4zuOmcydYQJgX-NoQAt2-PxSZnY65QLtg07z5Fp256Yj2K5-yXTVXmXhUH4Iu1URK_c5aiVkV6Y7yK8OjaNTXQsFFJJZNcwssh69T7JL7JSzXOzIRG-Hhu0uKx_cYLERvisyCo7cWfUU_nwA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
107764729
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame BBA5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 12:09:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BBA5 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 12:14:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame BBA5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 12:07:14 GMT
l
www.google.com/ads/measurement/ Frame BBA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkGVnBdY5mIEPRJ36I5iLrZfp31-ehXKJ3QVx89BFsnPIHLLxcBXX6TI-OoMhOK8bVYbRsI1dx2y6xfX1K5OiKg9eriw
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BBA5 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 11:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Apr 2023 11:41:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0497 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cd_OjC8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBK0CT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-y0l9i3YDGmqIKYQGm4HWHDWnf2RA6QB7enBQEJP_eZJPzBJTOj3eAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU3ODE1MzEyMDc1MDkyMzIY57Zt&sigh=zxyMU8oBdtU&uach_m=[UACH]&cid=CAQSPwCNIrLMT5P8a2tbvH2s6uR-_8P1YchyI9kAFJF6UyZ2MV3RFu43k9tGhl39lIQ01cpGqZitgbDebx1p-c47FxgB&tpd=AGWhJmsvDBGEUnrgZVymAxbelMV8H66SogZL7F6phdEoD68PUh2p-2hYPlc4UNqDfd4KT28GVKtfOZYMhlYpBw6PMIITtZNDHRJj02WgqrDQ-PcCsux9atiQL-UmFNmT9XhvoYXmr5wD6dlcaxuxhqPHINUXXsklhnr-Ky1axiRo1buyekpc6SPj08B6P-R54quhpCLIhikLTxHXpJhrCHkX85OzKPgIBwzcSSJjJ4-7ICaMmGnYikIRxYaoUxYJIc1yJmNxO9yopzO80VZccs9oRppaX4zt1ml_-anqeQLOXJNaZ4BLCFEUsDwWVcs2E8TJrsUG_xAdrw4w5dHMnI2cEk0eS8z_CxOsK07KxexkCZDckAwW0Dg9owBt0KJNhoi4CPBY_JRxMJ_1u2IuxKgHeL7oXpREp7g5TvkYwtx51-SHlH9XoPAux-0mjcc9q-B48RHi9olUe4OMmTW4YoKbTijLNTUkcidqo4vb7bGMSm3FN-gpZeTYRrMpKVQzBeKeh2sXlaEJYeyMGkhCpnPJoizJhNKdWNpcg-fqqwsQuscTat0s41R-hLklOGzVDVB3de_9CyuDksoMr4vNYNa4X6OZnQPwimiunNvsCNlUSHoTCXeagGPBr1LRPRygx5Xou3-zjKi6D3KSvJRcI61Xnw0Nl4k_p11pNmqRwRW80jAWkvtLaFofcXGqul3ec4dCHq3JDA-Vk3hSiVkzPhvXiXbeEXGr1xg6PpudHoOjumCfNoyfiihnHCrQz7BJDlyfpYQUM3jqvavG0ExgBr4pEF9DQiiGDrnxxfsKG3EQEFGu0o4NXhIf0J8p5oKFgTACoe-ay6em6sPB_N1Rg1m0fNmAnfxv8wBcDhIWRgXnd9wCQmtLYWxsn3rc5qn92tFE_PX5vs4geSWx0MVsuo6J1C1xrNFrtVvRA-uxsH13vPJYM7Q8eYN2ya2fLyqv62pzfyOcTeQs__KYnms0uDLnV8EKFin_EwONMj4AV6YVHrzwD4oj5aDohCaXgHsWnw7kkSSlkj-LzmeYbRSb-PY6GNHEhqQgIbcr7PVg_rnqIsD9QvydiWNu7Erqfw1BE-sX9TXvNjxvzwb3KI0Zume39A
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame 0497 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT1RKa1lUTXdZall0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg1ODkwODU4MTc5MDMyODczMjkvODA0MzkzOC81NjM3MjU0LzQvMXRHbDExbG1xN2E5cnYxOWdnZW9jN05RaXBXZmdqSzdiZjZDRzNLU0Rtdy8xLzQvMC8wLzExODM0NzcvMzY0NDg4ODgzMi8yMzQ0OTUvNzQ2MzQ1LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvODU4OTA4NTgxNzkwMzI4NzMyOS9hbXMvMC8yMDAxLzU5Lzk5OS8yNTgvMjE3LjY0LjE1MS4wLzAuMDAwLzE2NTE0OTM2NDMvMTY1MTUwNjI0My80L3B1Yi01NzgxNTMxMjA3NTA5MjMyLw/BxTzN7CjfiufM1LCgo2jQvkNSNM&nodeid=3012&group=cdg&auctionid=8589085817903287329&shardkey=8589085817903287329&sid=5637254&cid=8043938&bp=a_adeeaa&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.99&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%26client%3Dca-pub-5781531207509232%26adurl%3D
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
749f6925a5b8a730dda70bf71cc5f819820dcc1df2a38728536839b830fea8cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:05 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1651493643
Last-Modified
Mon, 02 May 2022 12:14:03 GMT
Server
MMBD/3.309.0
x-mm-latency
146 (1)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
pao-router-x39, cdg-bidder-x176
Connection
close
Expires
Mon, 02 May 2022 12:14:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 0497 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 12:09:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0497 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 12:14:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 0497 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 12:07:14 GMT
l
www.google.com/ads/measurement/ Frame 0497 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtqXEDVQ8uDD4asjSIGga6-tAkMnEu3uXCxu2iI7mMvThxDJpcUW-jGiAWsnj9ao3li_6GhaLClmugB-po_T2WM-B0BQ
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0497 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 11:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Apr 2023 11:41:25 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 91F4 		75 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21726375739%2C22463264601%2FVM_603cde5988cbff67a6738951%2FV_A_Google_mtgassist.com_Outstream_Global&description_url=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=563673635765345&cust_params=bfp%3D0&sdkv=h.3.512.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3238217759&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.512.0&sid=2531D5F9-ED78-4A16-B1C8-A2CA29F88E23&nel=0&eid=44750822%2C44757675%2C44761692&url=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&dt=1651493644348&cookie_enabled=1&scor=4041365653879299&ged=ve4_td1_tt0_pd1_la1000_er894.1114.1048.1414_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c75e3d704c24984ab4e26281004162b1711e6645a5516bf319186d2491f5ff31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16207
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DAEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgqGTXt7Qw6B5WHhq7U-eOPBicTQGCgxGVewbca5RAsVHUMUm-BoDN6IYJdvTaWZIvEEp8NVtTef6EAj_1FwMfKsNtJFrWsMoFvB18ofayI1ScAsfA0XFWSsoXxTLl0_H9w9W6oFxudNIfq1L2VZKMxNlRe8-kaGBEpIYLTHaic38p_8tvhFTZ6zdg2B5wzwTVqerNVafAiXoWHO7f_Ok2dZ9UQphDGn4mmXCBbw8tCPVBoiXJ_VZCippt5C5Qj1P2XBOTVBgimIfcMpww1-piKmcC5592PfGYB5iyLGPGmMGePbFhuTg8h0Wi3jDcEz-sBe3NwzKbzXYz2ve6_V-x&sai=AMfl-YSdJX_7TnEYB7wg6xyHi8LaXdcNVP92VrwIltYMGONhyUkH5-_jN-rC8839gdBRUTxK3hl5IBMhbeC1ArCOgxbi7ZQ2E2slYNVBcgK_w2ytrjR9uHVaZCnvRexBpXY&sig=Cg0ArKJSzOht6KjzyfAfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 02 May 2022 12:14:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D472 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstP6kr9ktQlX7aFOEqszrLJB9TW6fj0wSaALLRzBgoLyGHiVtbFCh5EDKBwEjcRqNpq0q8yN3lfbpegFFyN-5wL8jdHpsShPiMVppODUEU2JGwXGQA4trZGMXZHokHr3od4cOFBmrqvsoN-qLcLJ376dknmDwQw5vT1cA0ts5rrbYvx2pTvkgEUio-WQ-5mOwAt41Ss-OV4JOMYwHptF5CTvMfsD82FAOxgJjL588cpXv4Ffms9yjeM6d4OSfzeBwYMQJYEVWFVQ2c1tyy4HTUreFE4o8Q8IJGiP6frFPijHosBNqhU4pBcOIWLRBjsBimpVFXQeODxv7WPivKJIpyq&sai=AMfl-YTThJiCVjwzOC-nDCgC1PnnaI9Y5HPZC2HIDhT9HxJ_a1PgXAhHVyz2AB80tzJ80IIGtgRSPH_42Gv_waU8C7eTMMSqis-0N7q9NBls7EFV8yYAvQxZZuuQ6LDaSmoJ&sig=Cg0ArKJSzE5P-0U7FNu7EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 02 May 2022 12:14:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvAEPJ0BVPPfeQUEM716cV5CINc_LhaC_SBsiVrUwpEYkIbEiImXAMqqIDSinbqd7cjBLbqzrV4vm1SMTS7cDfABpRUqwYvn3NuRpsmBULBzcC_mfSoWrj5RXVdIzVgM1I3m0I-aQPE5zS3WXUo52-wzTP7ZB_YkmNGCcMARpMTfxVg97xARp-TpRk4KFuXfGn6PnC84ByqtmbxZiR9ICcXAB2fPJcDE6FLvYAPThsL04k97Sb2crSeL6PKbF-yQitV3gKO9MAB2IcPRbA5EiP959ZbRSmF9H3GeWU5hOvHmSDa7CyrCXK99NFetAqDFSYLzgYJ1X1Z_Axb-fsplas-&sai=AMfl-YSa2HIHRRdoZqifD7SEnXR9g4bF-tJ9Lx1vbzGBxEAFD7fsfi5_vXabPA-PwCApoYy4xsVcSFZTW6NwReR3t1zS_qqH4RpoXd6aTEIl8cVm8YPsgsnNbUf-p17r2W1D&sig=Cg0ArKJSzEYxrv0Jsr11EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 02 May 2022 12:14:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 02 May 2022 12:14:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9E52 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEFLKC8tvYt2lJoKW7_UP9ti6yAuU5I2bXIPTp9SoA8CNtwEQASAAYJXy_YGUB4IBF2NhLXB1Yi01NzgxNTMxMjA3NTA5MjMyyAEJ4AIAqAMBqgSwAk_Q1a6eMTYigmmhWVelBIL5H5D_iEZ9vNgS8miwI4VwaeHxr158KXReMDtLJ9lDGOgnISXr-Zl35v2nSoMto8y-GAmZwpSbhZNw57ssmsqKdhHrxYJVuiYrI-rfS02ToLXxkXKsnc0WBHs7UO8Eb61VcTZqJhRcwQ9PJe4OHqlTLzOP8FAazZ0gFHCmP-L7Ehc-C9D02-ByoEQk4rwmvdREBQ4BL-gsGykIheZDC6QSU-VHgfM8mi9vEb-gq6wEMzog2DcUbDW4T52DHtri1Z62pZhJkb2TO7NLScrWkUJVMKKUU41lrhmD8ZnFJee0t8UOkAWrc8euKTCKgfzy6OzJCy6YXG2ueIWM05Lb5S1XwR1GZO6we9jZ1WqkA0S1T9eWowkRAjTgsr5BHYxTr0vgBAGABtyYhYWZt-qergGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01NzgxNTMxMjA3NTA5MjMyGOe2bQ&sigh=KeoCwNyZV64&uach_m=[UACH]&cid=CAQSPwCNIrLMsdWFNlumdzKFRYZRH151Q-QGi61sW6F7EU4-2xC5Skw8OP5_qccbwj-G2GLvPd6B0YrytNMbcPGcYxgB&tpd=AGWhJmuLowMkHTsDOVfW7RbroEJ5gDZ082YNc6ovA-BRJTH2HarXvV0Yt_KC_pg88SZ8XixGgnuzX3sYRVqUyk8P8sQgtnzrldss8cBz2Ijuu6TdEOwtdah6F4qwW6MSOe6hu5b2t40vSNBQkXW8q-5ooGDPe3x0YwtlcJ2rqg4yV6s4neREpvVmif_U9nuH1taFk4IetylCcLOkcwPv-CHvyg4iRVEqxjU6Q_NpJrXE08-n9eCFEYObRXhPQJrCl_AreB-HLJi8a6XH9iJD5lFmraCdT-GK3nUsuB04ZNtbbOSzqeohf8XUknbEjk6JYp0-KhdvLNcpRUSWTVDe66wrX2F2v5BN_CxpUFzxN3JnvsSwEDrmD5y3OjRklAOej9rzxnzB0FSwU7nnU5wiSpcToZLkFZjhfokqeB3CGmXbpWR234BpWwcEml9xPpR9wARbv7DUuJ7NGaFGjRq2FkQcWt-laqqpJnO_QeAUTs24axN4fSbox7Uwj6TYpsqXv2mS0azMIz5KcF4Bi18pmi0O2eCgV0IAfGP7MMA3lt14qxNukXLQruEs2EHbggrwsCVddvZbAj-uBvXjGbUULjjEwHLh-ksLKfHVsqGMrKZyxw_vzF7QLzQ00veuztINhXFKRQWxyB0phcLrmB3dULxLUBrUizXE9r4hqjPuHIS5ydYn6yVOEZG5BvJwJADftUrXAh-ctbgO2q-uBdzKalRnQ3VtSq94tOW_MMao5DgDudsROCQnVT1jn3o2x8F9ibepo8obWs11OdjTXNkUKyNYiu79rgmsvJARMlKGOtdANnF4DY0ZBRSVEJ1jSRHwKUGQGPozvBNwZsJh4a79i4_FP5A9U0p7Qmyrqq10FRD-lEzlVmvzHLI
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
/
track.adform.net/adfscript/ Frame 9E52
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.0518/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R48267044_Qrtbwp_R_I_WAUCTION__PRICE_X-RqQ__LjhARflGKpTuyH9exzPV-__e8e1lN0_Qrtbdata_RUJbjWetggPJHFIqkh6...
  • https://track.adform.net/adfscript/?bn=48267044;rtbwp=0.0518-RqQ_LjhARflGKpTuyH9exzPV-_e8e1lN0;rtbdata=UJbjWetggPJHFIqkh6_bls9B7djCJpK-HwH26QARF_cPIjVHZ0tpx34Yh4lz2BYx-6cNfl5vbankWLiIpKupLUMvEClbVL...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=48267044;rtbwp=0.0518-RqQ_LjhARflGKpTuyH9exzPV-_e8e1lN0;rtbdata=UJbjWetggPJHFIqkh6_bls9B7djCJpK-HwH26QARF_cPIjVHZ0tpx34Yh4lz2BYx-6cNfl5vbankWLiIpKupLUMvEClbVLZtCpq2tMA1GKXgRuNakfUByE7NCwc1KTVP14KJjm763pjGUZTNX7lxXRWByUPfLZBQLROf1bg6QppLYHk3tlKJZJTxBD20s0ygDdyy0PoKkWM3xFR37TKE0O8IiKpDXjxyFQLMVb2a6WhTKIBl9-gB_sjjdyrh3tp78YxBSGWzhUJYUIDWAtjANrZH9p3vnXMKAGEhttfaHlo1;OOBClickTrack=
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0cc0e58c44e1b652dd178a87e27421fee882dcada713e26c7d48dbad42608436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
936
expires
-1

Redirect headers

Location
https://track.adform.net/adfscript/?bn=48267044;rtbwp=0.0518-RqQ_LjhARflGKpTuyH9exzPV-_e8e1lN0;rtbdata=UJbjWetggPJHFIqkh6_bls9B7djCJpK-HwH26QARF_cPIjVHZ0tpx34Yh4lz2BYx-6cNfl5vbankWLiIpKupLUMvEClbVLZtCpq2tMA1GKXgRuNakfUByE7NCwc1KTVP14KJjm763pjGUZTNX7lxXRWByUPfLZBQLROf1bg6QppLYHk3tlKJZJTxBD20s0ygDdyy0PoKkWM3xFR37TKE0O8IiKpDXjxyFQLMVb2a6WhTKIBl9-gB_sjjdyrh3tp78YxBSGWzhUJYUIDWAtjANrZH9p3vnXMKAGEhttfaHlo1;OOBClickTrack=
Date
Mon, 02 May 2022 12:14:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 9E52 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13386848
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 20:06:40 GMT
Server
nginx
ETag
W/"5e8cdd50-17e9"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Cache-Control
max-age=604800, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Credentials
true
Expires
Mon, 09 May 2022 12:14:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 9E52 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 12:09:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9E52 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 02 May 2022 12:14:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 9E52 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 May 2022 12:07:14 GMT
l
www.google.com/ads/measurement/ Frame 9E52 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9aOoYIeCd_PTN9Dve1cWhAmIM8e-UDbdq7PZXmZrVRlphmAeuLMnK1Y3acFmxyBmc_FYahmMTVU7blufoKRmX0qPKPA
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9E52 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 11:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 30 Apr 2023 11:41:25 GMT
track_enc
track.venatusmedia.com/dual/ 		16 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.249.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-249-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:04 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 May 2022 12:14:04 GMT
usync.js
eus.rubiconproject.com/ Frame 9DF0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51697
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Tue, 03 May 2022 02:35:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8928 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042601&jk=1109375537492533&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame B581 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:04 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2048f354-11b2-42d8-8012-7599c0cdca43
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3825 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Apr 2023 12:14:04 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3825 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Apr 2023 12:14:04 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3825 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 27 Apr 2023 12:14:04 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 3825 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 27 Apr 2023 12:14:04 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 3825 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=TWPaVOkKdWArVyFYzifXdWLyknzo5dvlObw_lgAkclOnLEzOi9k4-i515vptbmgi-v3QDId1H2hq8A_7B-4j9anWiwdSbTeyICf-y-7l0-mHbZ8fWiqlE0slsmeUWcTWr9wnGvZavLE3-D73JvIFSW_P3f2cHqfJzFcpBYBuDMQCvQInaRx_ZNxvHkmi0edzIDKSXOG5tapsgBjOAzbyV_nWKK0dCxA3fWtELIoNPKLowsKyaOPA1GWZJVLtLrRBLlc55xXRrLspW9wvIa40eq-an-VEzia2r6uGVG-MiU1pgU_wr_B5hCyQY0TSMOEHCwpHil0PFKHJZxPftILfJ-lS0PqtnZb05jOs1FFfY3JtYyik3_DforRasioVU5bRZFDS28tBT4Sw6PdrkCaEvuWnPy_vn0pf39Kq9ZedEZcno2j0arhqfCLF7PeXcRoJV3FGmQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:03 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1869155
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
IgzTz77AOrXN1Rxxl6vifLkaj7bdZbRVkxAQRHJ0_jQ.js
pagead2.googlesyndication.com/bg/ Frame 524E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgzTz77AOrXN1Rxxl6vifLkaj7bdZbRVkxAQRHJ0_jQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
220cd3cfbec03ab5cdd51c7197abe27cb91a8fb6dd65b455931010447274fe34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 11:24:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13585
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 May 2023 11:24:14 GMT
truncated
/ Frame BBA5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
311ea7b938b62b08cb7dfd8c39c51ce54b97f1ed7321db235fb834e0a9e79de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/png
usermatch
ssum-sec.casalemedia.com/ Frame 91BF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
15262021520489f73230865be192ad34663ac9e4b300f69743107e4d961701a6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1776
Content-Type
text/html
Date
Mon, 02 May 2022 12:14:04 GMT
Dropped-Udsids
45|230|241|39|65|88|40|206
Expires
Mon, 02 May 2022 12:14:04 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
348
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 02 May 2022 12:14:04 GMT
Expires
Mon, 02 May 2022 12:14:04 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3825 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1585622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlvHkV8pUtxUqMPI8%2BuoTtzu6ZlsYZyVLONqTCPitEZ%2FSuUc5OMzMjxAPRI6iqKtFlIF5%2BYb6CmdlWm6zYxYxOAlB18F7oOGEFLq7KH8ACs%2FIQD%2BMnWDRo7wJt3iCs2iELkGycqb2ngyCh3L7jOqFq%2F1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7050acaf6c8f01f0-ZRH
expires
Sat, 22 Apr 2023 12:14:04 GMT
animejs.js
static.criteo.net/animejs/ Frame 3825 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Apr 2023 12:14:04 GMT
img
pix.eu.criteo.net/img/ Frame 3825 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=176&m=0&partner=16367&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F16367%2F180504%2F66f7cd179beb464e8536ed7411abdbb8_logo.png&v=3&w=256&s=G50eUNMtr9bwddN6LlF7LQiN
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d5de26586f229a5a18502ff48346bf7a44d92e261179733dae4865b6dfc7183a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30979011
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8421
expires
Wed, 26 Apr 2023 01:30:56 GMT
img
pix.eu.criteo.net/img/ Frame 3825 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.s3.amazonaws.com%2Fchannable-images%2Fabsolventa-new%2F185.jpg&v=3&w=800&s=YIL2MBCLiSNqWoytDrqyhdYs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f7924d6014a6aeaa8ec611e0257111c9d4eeed3655bbe5715c9897a72d9f4d4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23162
expires
Thu, 27 Apr 2023 12:14:04 GMT
img
pix.eu.criteo.net/img/ Frame 3825 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.s3.amazonaws.com%2Fchannable-images%2Fabsolventa-new%2F236.jpg&v=3&w=800&s=3CHErUs99rf26DjYXQBJRugR&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
15c4184ca87a62ab093685595606d5891e2143ab50a1babf12ac68ef071f498f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
21580
expires
Thu, 27 Apr 2023 12:14:04 GMT
img
pix.eu.criteo.net/img/ Frame 3825 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.s3.amazonaws.com%2Fchannable-images%2Fabsolventa-new%2F221.jpg&v=3&w=800&s=_9kpxA866b5JdD8v77zLPlsj&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
397375e1cf974deed6de31655068818c8e52827234138e83d29385edbdc13aa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
18576
expires
Thu, 27 Apr 2023 12:14:04 GMT
img
pix.eu.criteo.net/img/ Frame 3825 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.s3.amazonaws.com%2Fchannable-images%2Fabsolventa-new%2F153.jpg&v=3&w=800&s=vOazIKyBUlm_1J2qlavIuQmy&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
11c0003e75436b1d503a28cf9952730a39ef933d17c136f6f27bbd2999665af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8000
expires
Thu, 27 Apr 2023 12:14:04 GMT
all
csm.eu.criteo.net/ Frame 3825 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0sVhqrYSoVVQZY1W26E9ug99WM8iIvUrF2sxhorooumwygLqu0J9dt2hteU_beh1dk8FfPxP9AbtaTfGjdIvKaiZuc8E6dFtdYuxU3Jb51IBbRxm8AHBAi4zuOmcydYQJgX-NoQAt2-PxSZnY65QLtg07z5Fp256Yj2K5-yXTVXmXhUH4Iu1URK_c5aiVkV6Y7yK8OjaNTXQsFFJJZNcwssh69T7JL7JSzXOzIRG-Hhu0uKx_cYLERvisyCo7cWfUU_nwA&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 02 May 2022 12:14:03 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3825 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Apr 2023 12:14:04 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3825 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 27 Apr 2023 12:14:04 GMT
syncframe
gum.criteo.com/ Frame ECA8 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.mtgassist.com
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5883
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 12:14:04 GMT
server-processing-duration-in-ticks
2273
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 May 2022 12:14:04 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 9E52 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 03 May 2022 15:14:55 GMT
ecm3
s.amazon-adsystem.com/ Frame 9DF0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=f1Wt_rWkSfW93TnJ3MKd5Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=f1Wt_rWkSfW93TnJ3MKd5Q
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=f1Wt_rWkSfW93TnJ3MKd5Q
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TM1R9J3G1M1FAVKQT2TH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=f1Wt_rWkSfW93TnJ3MKd5Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 9DF0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2OOOA4D-6-MB7A&sigv=1&esig=2~99aa77d23a83dd1c491cd8e7e66c4ab672f66ef0
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2OOOA4D-6-MB7A&sigv=1&esig=2~99aa77d23a83dd1c491cd8e7e66c4ab672f66ef0
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:05 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L2OOOA4D-6-MB7A&sigv=1&esig=2~99aa77d23a83dd1c491cd8e7e66c4ab672f66ef0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9DF0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRiMzkwNzkyZWNlZjllZDkyZDcxZDRjMDc2ZmNjODcyOTE0NjI4ZA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRiMzkwNzkyZWNlZjllZDkyZDcxZDRjMDc2ZmNjODcyOTE0NjI4ZA
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRiMzkwNzkyZWNlZjllZDkyZDcxZDRjMDc2ZmNjODcyOTE0NjI4ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9DF0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gGilDVSq0m0O_SDnzelFbQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3985725241610440854
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3985725241610440854
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

date
Mon, 02 May 2022 12:14:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3985725241610440854
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 9DF0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJtStiXXfEBZ_ftfXXsYSGI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJtStiXXfEBZ_ftfXXsYSGI&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJtStiXXfEBZ_ftfXXsYSGI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 9DF0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2OOOA4D-6-MB7A
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2OOOA4D-6-MB7A
Protocol
H2
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: ABE0E465356A44CD9AC81949CF9D827E Ref B: VIEEDGE1117 Ref C: 2022-05-02T12:14:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXeBlQPCXIgCcGpJwVgCA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L2OOOA4D-6-MB7A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 9DF0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
709414.gif
id.rlcdn.com/ Frame 9DF0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 91BF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ym-LDMW3j-Wtzw549MkP6AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECkeFwHAmQHjC1y2Bqdl7Eg&google_cver=1&gdpr=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECkeFwHAmQHjC1y2Bqdl7Eg&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 May 2022 12:14:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECkeFwHAmQHjC1y2Bqdl7Eg&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 91BF 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ym_LDMW3j_Wtzw549MkP6AAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 91BF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym_LDMW3j_Wtzw549MkP6AAABIwAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym_LDMW3j_Wtzw549MkP6AAABIwAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym_LDMW3j_Wtzw549MkP6AAABIwAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BZ1JZM59MBHPPY2A5GN4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
B7QMC12VVS97NQ62T2GY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ym_LDMW3j_Wtzw549MkP6AAABIwAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 91BF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rum
dsum.casalemedia.com/ Frame 91BF
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1651580044&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1651580044&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 02 May 2022 12:14:05 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1651580044&gdpr=1
pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 91BF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Ym-LDQAY5FU-tQAy
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ym-LDQAY5FU-tQAy&gdpr=1&_test=Ym-LDQAY5FU-tQAy
43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ym-LDQAY5FU-tQAy&gdpr=1&_test=Ym-LDQAY5FU-tQAy
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 May 2022 12:14:05 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1651493645.247200,VS0,VE0
x-served-by
cache-hhn4068-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ym-LDQAY5FU-tQAy&gdpr=1&_test=Ym-LDQAY5FU-tQAy
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 91BF 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Ym_LDMW3j_Wtzw549MkP6AAABIwAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:04 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 91BF 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Ym-LDMW3j-Wtzw549MkP6AAA%261164
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:04 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1252
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 May 2022 12:34:56 GMT
css
fonts.googleapis.com/ Frame 3825 		664 B
356 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 02 May 2022 12:06:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 02 May 2022 12:14:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 May 2022 12:14:04 GMT
activityi;dc_pre=CPrUtaDlwPcCFR4cBgAd5L0L4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877
5994599.fls.doubleclick.net/ Frame A98B
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPrUtaDlwPcCFR4cBgAd5L0L4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPrUtaDlwPcCFR4cBgAd5L0L4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877?
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
3f620240574f055974f5b8bce40d73521c62556fccf6d70761fc42b78504f566
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
322
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 12:14:04 GMT
expires
Mon, 02 May 2022 12:14:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 May 2022 12:14:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPrUtaDlwPcCFR4cBgAd5L0L4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900028.redintelligence.net/ Frame AA68 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/request_content.php?s=23203200099418100951427011947028&a=f800686b
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Magdeburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
4d723fab3d36b51625c639048b46143642d3b5f153d8f13cb9abd47c37decdf2

Request headers

Referer
https://www.mtgassist.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2299
Content-Type
text/html; charset=utf-8
Date
Mon, 02 May 2022 12:14:04 GMT
Expires
Mon, 02 May 2022 13:14:04 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
rd_log
ams1-ib.adnxs.com/ Frame 6427 		0
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&e=wqT_3QLNEuhNCQAAAwDWAAUBCIqWv5MGELaShMjT8rfbbhgAKjYJ203wTdNnuz8R-g7Zm3NLtz8ZAAAAgML1BEAh-g0SACkRJMgxAAAAQOF6pD8w092SCjimBkAdSAhQ7uCohgFYl76TAWAAaIUdeNbtBYABAYoBA1VTRJIFBvDlmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAh_gAu6QAeoCTGh0dHBzOi8vd3d3Lm10Z2Fzc2lzdC5jb20vc2VsZmRlZmVuc2l2ZS9jaGFzZWZpeC9zZWN1cmUvNDk0MTYxMjExL3NpZ25pbi5waHDyAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhM4NTg5MDg1ODE0NjcwNjg5ODcw8gLNAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrgFodHQFtTRwaXhlbC5tYXRodGFnLgG1oGNsaWNrL2ltZz9leGNoX2FpZD00MzQyMDE3MjcwMDE0MjczMTAwJm10BRsMODU4OTp-ADQmbXRfaWQ9NjYyMjM5MwEOKGFkaWQ9MjE2NTM2AQ8AcwFTFDU2MjMxMgEPFGV4aWQ9MQUpFGluYXBwPQVCQG9zPSZyZWRpcmVjdD3yAhcKPRdgZ2Rwcl9zdHJdEgDyAhkKFFtCSURfQVRUUgkaOGZsYWddEgEw8gIeChRbQQ0bMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0YYmlkX2lkXVpzAYiCCgoSW05PVElGSUNBVElPTl9VUkldEusJPGltZyBzcmM9aE0pDHRhZ3MycwEUbm90aWZ5NXQYPWFwbiZzXyF_BQvQaWQ9NWFXOTVxMmpMekl6THlBdlRrUlpNMWt5VW0xYWFsRjBUVVJCZDAxRE1IZE5SRUYzVEYFEBBFUVhSTgUQAFUREAkg8LxMemcxT0Rrd09EVTRNVFEyTnpBMk9EazROekF2TmpZeU1qTTVNeTgwTlRZeU16RXlMekV6TDFCbGJYcFJRV0ZTTTBJMWRWSkdSRUZ1WWpOS1VEWlllRXRhY3pReVlqWTVWVFZ4WWtkeE1IZElNVTB2TVM4eE15OHdMekF2T1RVMk9EQXpMek0yTkRRNE9EZzRNemd2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVEV1AxNd2QwAeQIZE1WESAARQUQOvQADGN2TUMJfAkIZvwAsGVuSm9MekF2TVRNNU1DODFPUzg1T1Rrdk16SXlMekl4Tnk0Mk5DNHhOVEV1TQFURGpBd01DOHhOalV4TkRrek5qUSEsLDJOVEUxTURZeU5ESQFM8EN2T0RBMkx3L2I3TTl1UktpMFJGbTdYbl93Y2V0WnA3MWZ4RSZub2RlaWQ9MTYyNCZncm91cD16cmgmYXVjdGlvbmlkPU5qAxxzaGFyZGtleVKHAy5nAwBjfZHwlWJwPWFfYmFoYWZkJm5meV9hY3Q9TEQ1d2V3JmJmaXA9MTg1LjI5LjEzMy4xNjEmdHlwZT1pbXAmY2xpZW50PWMycyB3aWR0aD0xIGhlaWdodD0xPlx4M0NkaXYgd2lkdGg9JzEnIGhlaWdodD0nMScgc3R5bGU9J2Rpc3BsYXk6bm9uZTsgb3ZlcmZsb3c6aGlkZGVuJwVDZSoJLjRsZWZ0Oi0xMHB4O3RvcA0KECBwb3NpIRAkOmFic29sdXRlJ2VaBCdobVsAcELPBBBldmVudGVbiZcYMTM2ODg3NYF5kZcUNzY0JnYxgYMEdjJSSgE4djM9NjUxODcxJnY0PTQ1iboEdjUu4wRIbnN5bmM9MSZub19hdHRyPTEnIFIMAQAvVugAADkR5wEJguYAAHQ-QQQZ5SWuKG1tSW1wVHJhY2smlUUAYl5DAgB0FdIgdGltZT1bSU1QqUwBDwBdLpcCctMA8KQvZGl2PoADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA8HyvwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMjE3LjY0LjE1MS42qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ATu4KiGAYgFAZgFAKAFzMy_3ru2_KA8wAUAyQUAAAAAAADwP9IFCQkAAAAFD7DYBQHgBQHqBQwKB2luLXZpZXcSATHqBQcKAmhwEgEw6gUNCghpbi1mb2N1cxIBGjAPCgpsb29wLWluZGV4BSwQEAoLaXMFO3RhYmxlEgEx8AX5yyH6BQQIABAAkAYAmAYAuAYAwQYFcDAA8D_QBvmrAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwZJcAi6Bw8BUkwYACAAMAA4xAZAAMgH1u0F0gcNCRFDAUEI2gcGCSdA4AcA6gcCCADwB45tiggCEAA.&s=b5d2e47715a065228c3eaecc381a001d8862ba69&bdref=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php,https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:04 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5040e229-6589-4e86-8774-0ef0f539296c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame EF8B
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.mtgassist.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.92.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-92-187.compute-1.amazonaws.com
Software
/
Resource Hash
5931640f48b2094ee8640f3bfcd83b19d2b46ad10bb1d7759e47adc146e9a938

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 12:14:05 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 02 May 2022 12:14:05 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Mon, 02 May 2022 12:14:05 GMT
location
/um/cs&eq_cc=1
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame 3825 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 17:07:14 GMT
x-content-type-options
nosniff
age
500810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 17:07:14 GMT
vevent
ams1-ib.adnxs.com/ Frame 6427 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&e=wqT_3QLnCuhnBQAAAwDWAAUBCIqWv5MGELaShMjT8rfbbhgAKjYJ203wTdNnuz8R-g7Zm3NLtz8ZAAAAgML1BEAh-g0SACkRJMgxAAAAQOF6pD8w092SCjimBkAdSAhQ7uCohgFYl76TAWAAaIUdeNbtBYABAYoBA1VTRJIFBvQFAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIf4ALukAHqAkxodHRwczovL3d3dy5tdGdhc3Npc3QuY29tL3NlbGZkZWZlbnNpdmUvY2hhc2VmaXgvc2VjdXJlLzQ5NDE2MTIxMS9zaWduaW4ucGhwgAMAiAMBkAMAmAMXoAMBqgOmBgrdBWh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VGtSWk0xa3lVbTFhYWxGMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk4FEAhVUkIJEARkTgEQ8LZMemcxT0Rrd09EVTRNVFEyTnpBMk9EazROekF2TmpZeU1qTTVNeTgwTlRZeU16RXlMekV6TDFCbGJYcFJRV0ZTTTBJMWRWSkdSRUZ1WWpOS1VIbE9aMVZZWjNkMVZqazJSamxLWVZKa1lWSXdUVVV2TVM4eE15OHdMekF2T1RVMk9EQXpMek0yTkRRNE9EZzRNemd2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVINxABSBcQMVFVNdw3UBE1WESAMRTFFUQ3kGfQMY3ZNQwl8CQhm_ACwZW5Kb0x6QXZNVE01TUM4MU9TODVPVGt2TXpJeUx6SXhOeTQyTkM0eE5URXVNAVREakF3TUM4eE5qVXhORGt6TmpRISwsMk5URTFNRFl5TkRJAUzwaXZPREEyTHcveFFoV1dsNXF3ZnpHUWwtZHlHMzFsSWZoQWJRJm5vZGVpZD0xNjI0Jmdyb3VwPXpyaCZhdWN0aW9uaWQ9ODU4OTA4NTgxNDY3MDY4OTg3MCZzaGFyZGtleT04NTg5MDg1ODEdHfBxcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMzLjE2MSZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5MyZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhM4RoUA8LwaEzc5Nzc4MDk2MjE5MzI5MDI3MTAiCTI4MTY4NjEyNioGMTAxOTM2Ogc2NjIyMzkzwAOsAsgDANgDwfK_AeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjaoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBO7gqIYBiAUBmAUAoAXMzL_eu7b8oDzABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGCSQs8D_QBvmrAdoGFgoQCRIZAYAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8BUkwYACAAMAA4xAZAAMgH1u0F0gcNCRFDAUEI2gcGCSdA4AcA6gcCCADwB45tiggCEAA.&s=fb0830f758185a5fba2ac1f9b2312b8cb4c56e1a&type=nv&nvt=5&jm=1003&px=50&py=661&bw=160&bh=600&sid=5233883171824280804&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21278419&sw=1600&sh=1200&pw=1600&ph=1281&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:04 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e475b670-856b-43d6-9ea5-2937f2f77403
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame ECA8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=mtgassist.com&sn=ChromeSyncframe&so=0&topUrl=www.mtgassist.com&cw=1&lsw=1&topicsavail=0
  • https://mug.criteo.com/sid?cpp=64ErEXxhVjdqR2JlZThDRURMU2RKVUpmQUhpVjhONmZMYjFXL09sNUZTb294UTBPckI4WVVhTTNnYkZoMTNrYjR5ZGlzSnlXVE9nMXIxd3JJd3RKZDA1bGF3WlBDZ2NkN1NhbGluVVBVbUU3bTl5aFpxVFdLQzk4eUc2cG...
439 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=64ErEXxhVjdqR2JlZThDRURMU2RKVUpmQUhpVjhONmZMYjFXL09sNUZTb294UTBPckI4WVVhTTNnYkZoMTNrYjR5ZGlzSnlXVE9nMXIxd3JJd3RKZDA1bGF3WlBDZ2NkN1NhbGluVVBVbUU3bTl5aFpxVFdLQzk4eUc2cGphNmoyWXZ1Ry9tL0paaTJncm05K0pmNFhuak9xSE9kM3J3Wm1haFQxcE1yb2dlRzE2TWViY0F6MjFRZFpNRTZmcG42U0t2cXByS3R0a0FsMTQyS3IyZ1JYenhIcmFFODVGdEtCc3ljTlJneVBXNTJOc3N0dVFRclJlbCtMdlQrcDl1SlJkVkRnSlR6NHRnUXBKZHNJM2ZKZHV1N2xsUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
185b56498e15895bda8fcc3709f7d7868328c1fce4ffd3777d598b458f8b4199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5229
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=64ErEXxhVjdqR2JlZThDRURMU2RKVUpmQUhpVjhONmZMYjFXL09sNUZTb294UTBPckI4WVVhTTNnYkZoMTNrYjR5ZGlzSnlXVE9nMXIxd3JJd3RKZDA1bGF3WlBDZ2NkN1NhbGluVVBVbUU3bTl5aFpxVFdLQzk4eUc2cGphNmoyWXZ1Ry9tL0paaTJncm05K0pmNFhuak9xSE9kM3J3Wm1haFQxcE1yb2dlRzE2TWViY0F6MjFRZFpNRTZmcG42U0t2cXByS3R0a0FsMTQyS3IyZ1JYenhIcmFFODVGdEtCc3ljTlJneVBXNTJOc3N0dVFRclJlbCtMdlQrcDl1SlJkVkRnSlR6NHRnUXBKZHNJM2ZKZHV1N2xsUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1471
content-length
541
expires
0
/
track.adform.net/adfserve/ Frame 9E52 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=48267044;rtbwp=0.0518-RqQ_LjhARflGKpTuyH9exzPV-_e8e1lN0;rtbdata=UJbjWetggPJHFIqkh6_bls9B7djCJpK-HwH26QARF_cPIjVHZ0tpx34Yh4lz2BYx-6cNfl5vbankWLiIpKupLUMvEClbVLZtCpq2tMA1GKXgRuNakfUByE7NCwc1KTVP14KJjm763pjGUZTNX7lxXRWByUPfLZBQLROf1bg6QppLYHk3tlKJZJTxBD20s0ygDdyy0PoKkWM3xFR37TKE0O8IiKpDXjxyFQLMVb2a6WhTKIBl9-gB_sjjdyrh3tp78YxBSGWzhUJYUIDWAtjANrZH9p3vnXMKAGEhttfaHlo1;oobclicktrack=;js=1;adfxid=1x;7961;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.mtgassist.com
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f38d84cdb7574e63b7b1e1fddbc3b97863370bbd68c642016a01582b1945ce69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2366
expires
-1
csi
csi.gstatic.com/ Frame 91F4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l2ooob5o&c=3869721273515&slotId=1934860636757.5&qqid=CLmfmKDlwPcCFRCpdwodLDILQw&gqid=DMtvYq6DF96X3gOV_pPYBw&fb=ima_html5-lima&sdkv=h.3.512.0&mrd=6&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44750822%2C44757675%2C44761692&met.4=ghmsh_s.l2ooobu5~ghmsh_s.l2ooobu7&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=nRLeHMyjbfnmuwTL
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:82f::2003 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 91F4 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-3771275146029898
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 11:33:02 GMT
x-content-type-options
nosniff
age
2462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 02 May 2022 12:23:02 GMT
AKedOLS-zmOuS_n2KF7jNZTdQkF4tfLQFqyqH8KIEc9b28E=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 91F4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLS-zmOuS_n2KF7jNZTdQkF4tfLQFqyqH8KIEc9b28E=s48-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d4ef51144a6f8f03d7cb3e90c127fc09f4a90c7dc90a3ecc8a7a2a8f99127e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 09:28:20 GMT
x-content-type-options
nosniff
age
9945
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2175
x-xss-protection
0
server
fife
etag
"ve45b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Apr 2022 12:58:37 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 91F4 		42 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWWDODMtvYrnpGJDS3gOs5KyYBMeezudn_8rAlIkQsJAfEAEg7onMaWCV8v2BlAegAf_bisgDyAEF4AIAqAMBmAQEqgTAAk_QoJG7wVr0HFddqX-cEyFuZTPMgMFPaRZh2x6sMbXsG9uhdFCx91Lzr7kNGmGKINX6BbQFmwDzH7aan-sXTZ9vBKV-7xXMcciVqLyvUGZAeFArAlM2gbjj1TQps2UPF4tjTb4R4ctQMyWOmBuBZS6-PIp3HubKiSfVo8OWWssIvxi4EdvCjumfWXKkjzvakLphz_9S-lI-6ts-rJPuxHq5eEnSp2skD6Wu2FbOM1QKzQ9ik56l8cFIpeObphWP2VFQalsSIC85qGlPEL8LDSMEJC1hCCRB_tQ_X-hoqhoqmCsIZx34uCwE_j3p3bcZuWxe5rP1Gq0J65BdnWN1kki4f93_2FxEEGZaXYzodxG18xWYOAixAzW7pVshIHG-0gKmceGCUjXWWsPZkmB-6pentSCbbmsdAIDVD6YJ6iUkwATf-P7A8gPgBAGgBlSAB4eGvPICqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgzMzU3NjgyNDY4NzA4MDexCXmXOMNDq6XEgAoDmAsByAsBuAwB2BML0BUB4hYCCAH4FgGAFwE&sigh=7w4N7ssIDwk&label=show_ad&acvw=&sdkv=h.3.512.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MjIxNDczNDIwNzIMNTgyNTkxMjY4NzQ2QKIDUh0QDyUAAFhCKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 91F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CCCOQDMtvYrnpGJDS3gOs5KyYBMeezudn_8rAlIkQsJAfEAEg7onMaWCV8v2BlAegAf_bisgDyAEF4AIAqAMBmAQEqgS9Ak_QoJG7wVr0HFddqX-cEyFuZTPMgMFPaRZh2x6sMbXsG9uhdFCx91Lzr7kNGmGKINX6BbQFmwDzH7aan-sXTZ9vBKV-7xXMcciVqLyvUGZAeFArAlM2gbjj1TQps2UPF4tjTb4R4ctQMyWOmBuBZS6-PIp3HubKiSfVo8OWWssIvxi4EdvCjumfWXKkjzvakLphz_9S-lI-6ts-rJPuxHq5eEnSp2skD6Wu2FbOM1QKzQ9ik56l8cFIpeObphWP2VFQalsSIC85qGlPEL8LDSMEJC1hCCRB_tQ_X-hoqhoqmCsIZx34uCwE_j3p3bcZuWxe5rP1Gq0J65BdnWN1kki4f93_2FxEEGZaXYzodxG18xWYYAlDJj_RCnqz-dFR7JtJAy1RYf8t9_Txm05mfURshupqyn4xGFtR-JiQwATf-P7A8gPgBAGgBlSAB4eGvPICqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCq1XaoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgzMzU3NjgyNDY4NzA4MDeACgPICwHCEwYY_9uKyAPYEwvQFQHiFgIIAYAXAbIXHgocCAASFHB1Yi01NzgxNTMxMjA3NTA5MjMyGOe2bQ&sigh=Fk54rFMg6QM&cmd=Ch1jYS1nYW1lcy1wdWItNTc4MTUzMTIwNzUwOTIzMhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.512.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MjIxNDczNDIwNzIMNTgyNTkxMjY4NzQ2QKIDUh0QDyUAAFhCKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
truncated
/ Frame 91F4 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/gif
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame AA68 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=23203200099418100951427011947028&a=f800686b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 22:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 22:11:16 GMT
S-160x600.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame AA68 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-160x600.gif
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=23203200099418100951427011947028&a=f800686b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
4f4ed318db35c5f69af7305536516e10419a8a2ce9459ff38149fad2a5602c1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:05 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:29 GMT
Server
nginx
ETag
"5b55f201-9f7f"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
40831
csi
csi.gstatic.com/ Frame 2F9A 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l2ooob14&c=3869721273515&slotId=1934860636757.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:82f::2003 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 91F4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.512.0&e=44750822%2C44757675%2C44761692&id=ima_html5&c=2262153682658037&domain=www.mtgassist.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 524E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tIWdrQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
track.adform.net/csimpr/ Frame 9E52 		35 B
502 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=48267044&csi=YSVE7abaR7Db6Tv49EFDahyIOphyancB5d2WdCoesRXZKGWOLEEutt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
videoplayback
rr4---sn-4g5ednd7.googlevideo.com/
Redirect Chain
  • https://rr4---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1651522444&ei=DMtvYrPKKNrVgQfxo6KICg&ip=217.64.151.6&id=cddeb8a4634b8d56&itag=22&source=youtube&requiressl=yes&mh=y0&mm=31&mn=sn-4g5e6...
  • https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1651522444&ei=DMtvYrPKKNrVgQfxo6KICg&ip=217.64.151.6&id=cddeb8a4634b8d56&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...
2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1651522444&ei=DMtvYrPKKNrVgQfxo6KICg&ip=217.64.151.6&id=cddeb8a4634b8d56&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=54.706&lmt=1644614271274037&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAP9Ws34UHH2xTYz5e0Tjs2O19eePcNJ6VfabyLfB5J4IAiBM9ZuScEpGXj9I9DevIUBysLe6eM2Zkhg2zohc8CfP8w==&cpn=nRLeHMyjbfnmuwTL&redirect_counter=1&rm=sn-4g5ede7z&req_id=d59ff32d13da36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=y0&mip=2001:ac8:20:3b00:1011:b648:806c:f52d&mm=31&mn=sn-4g5ednd7&ms=au&mt=1651493585&mv=m&mvi=4&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJx1sfAXLYFyc8AT1iUe3SB4S7AFgLWLGhymj2xPi6UHAiEAtGVwpN2NE-edMHRNI81GdUuOa7oSUErcr2DMC5F1DWA%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
5817a6169129989f0519ac6411629e13763f05e88c4e245d6466e1ffba511138
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 11 Feb 2022 21:17:51 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2502115/2502116
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2502116
Expires
Mon, 02 May 2022 12:14:05 GMT

Redirect headers

Date
Mon, 02 May 2022 12:14:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1651522444&ei=DMtvYrPKKNrVgQfxo6KICg&ip=217.64.151.6&id=cddeb8a4634b8d56&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=54.706&lmt=1644614271274037&txp=4532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAP9Ws34UHH2xTYz5e0Tjs2O19eePcNJ6VfabyLfB5J4IAiBM9ZuScEpGXj9I9DevIUBysLe6eM2Zkhg2zohc8CfP8w==&cpn=nRLeHMyjbfnmuwTL&redirect_counter=1&rm=sn-4g5ede7z&req_id=d59ff32d13da36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=y0&mip=2001:ac8:20:3b00:1011:b648:806c:f52d&mm=31&mn=sn-4g5ednd7&ms=au&mt=1651493585&mv=m&mvi=4&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAJx1sfAXLYFyc8AT1iUe3SB4S7AFgLWLGhymj2xPi6UHAiEAtGVwpN2NE-edMHRNI81GdUuOa7oSUErcr2DMC5F1DWA%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Mon, 02 May 2022 12:14:05 GMT
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 9E52 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7d7628a205cb2d3fbb20a6bd04e0a0c0631e143c2e6449b2eeaae4eccaa65d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:05 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 03 May 2022 15:42:48 GMT
dc_pre=CPrUtaDlwPcCFR4cBgAd5L0L4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877
adservice.google.com/ddm/fls/z/ Frame A98B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPrUtaDlwPcCFR4cBgAd5L0L4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPrUtaDlwPcCFR4cBgAd5L0L4Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1432727364580.877?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 91F4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l2ooobz0&c=3869721273515&slotId=1934860636757.5&qqid=CLmfmKDlwPcCFRCpdwodLDILQw&gqid=DMtvYq6DF96X3gOV_pPYBw&fb=ima_html5-lima&sdkv=h.3.512.0&mrd=6&aab=1&itv=1&met.4=ghmsh_s.l2ooobz2~vss_tr.xo
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:82f::2003 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900028.redintelligence.net/ Frame AA68 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=23203200099418100951427011947028&a=a014933d&vb=m
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=23203200099418100951427011947028&a=f800686b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Magdeburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=23203200099418100951427011947028&a=f800686b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:05 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame AA68 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/gif
beacon
ap.lijit.com/ Frame D8C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13386848&gdpr_consent=&us_privacy=
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Mon, 02 May 2022 12:14:05 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 91F4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWWDODMtvYrnpGJDS3gOs5KyYBMeezudn_8rAlIkQsJAfEAEg7onMaWCV8v2BlAegAf_bisgDyAEF4AIAqAMBmAQEqgTAAk_QoJG7wVr0HFddqX-cEyFuZTPMgMFPaRZh2x6sMbXsG9uhdFCx91Lzr7kNGmGKINX6BbQFmwDzH7aan-sXTZ9vBKV-7xXMcciVqLyvUGZAeFArAlM2gbjj1TQps2UPF4tjTb4R4ctQMyWOmBuBZS6-PIp3HubKiSfVo8OWWssIvxi4EdvCjumfWXKkjzvakLphz_9S-lI-6ts-rJPuxHq5eEnSp2skD6Wu2FbOM1QKzQ9ik56l8cFIpeObphWP2VFQalsSIC85qGlPEL8LDSMEJC1hCCRB_tQ_X-hoqhoqmCsIZx34uCwE_j3p3bcZuWxe5rP1Gq0J65BdnWN1kki4f93_2FxEEGZaXYzodxG18xWYOAixAzW7pVshIHG-0gKmceGCUjXWWsPZkmB-6pentSCbbmsdAIDVD6YJ6iUkwATf-P7A8gPgBAGgBlSAB4eGvPICqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgzMzU3NjgyNDY4NzA4MDexCXmXOMNDq6XEgAoDmAsByAsBuAwB2BML0BUB4hYCCAH4FgGAFwE&sigh=7w4N7ssIDwk&label=video_ad_loaded&acvw=&sdkv=h.3.512.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MjIxNDczNDIwNzIMNTgyNTkxMjY4NzQ2QKIDUh0QDyUAAGxCKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 91F4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.512.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 10:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 26 Apr 2023 10:58:43 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 91F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CCCOQDMtvYrnpGJDS3gOs5KyYBMeezudn_8rAlIkQsJAfEAEg7onMaWCV8v2BlAegAf_bisgDyAEF4AIAqAMBmAQEqgS9Ak_QoJG7wVr0HFddqX-cEyFuZTPMgMFPaRZh2x6sMbXsG9uhdFCx91Lzr7kNGmGKINX6BbQFmwDzH7aan-sXTZ9vBKV-7xXMcciVqLyvUGZAeFArAlM2gbjj1TQps2UPF4tjTb4R4ctQMyWOmBuBZS6-PIp3HubKiSfVo8OWWssIvxi4EdvCjumfWXKkjzvakLphz_9S-lI-6ts-rJPuxHq5eEnSp2skD6Wu2FbOM1QKzQ9ik56l8cFIpeObphWP2VFQalsSIC85qGlPEL8LDSMEJC1hCCRB_tQ_X-hoqhoqmCsIZx34uCwE_j3p3bcZuWxe5rP1Gq0J65BdnWN1kki4f93_2FxEEGZaXYzodxG18xWYYAlDJj_RCnqz-dFR7JtJAy1RYf8t9_Txm05mfURshupqyn4xGFtR-JiQwATf-P7A8gPgBAGgBlSAB4eGvPICqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCq1XaoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgzMzU3NjgyNDY4NzA4MDeACgPICwHCEwYY_9uKyAPYEwvQFQHiFgIIAYAXAbIXHgocCAASFHB1Yi01NzgxNTMxMjA3NTA5MjMyGOe2bQ&sigh=Fk54rFMg6QM&cmd=Ch1jYS1nYW1lcy1wdWItNTc4MTUzMTIwNzUwOTIzMhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.512.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 91F4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpEK6DMtvYrnpGJDS3gOs5KyYBMeezudn_8rAlIkQsJAfEAEg7onMaWCV8v2BlAegAf_bisgDyAEF4AIAqAMBmAQEqgS9Ak_QoJG7wVr0HFddqX-cEyFuZTPMgMFPaRZh2x6sMbXsG9uhdFCx91Lzr7kNGmGKINX6BbQFmwDzH7aan-sXTZ9vBKV-7xXMcciVqLyvUGZAeFArAlM2gbjj1TQps2UPF4tjTb4R4ctQMyWOmBuBZS6-PIp3HubKiSfVo8OWWssIvxi4EdvCjumfWXKkjzvakLphz_9S-lI-6ts-rJPuxHq5eEnSp2skD6Wu2FbOM1QKzQ9ik56l8cFIpeObphWP2VFQalsSIC85qGlPEL8LDSMEJC1hCCRB_tQ_X-hoqhoqmCsIZx34uCwE_j3p3bcZuWxe5rP1Gq0J65BdnWN1kki4f93_2FxEEGZaXYzodxG18xWYYAlDJj_RCnqz-dFR7JtJAy1RYf8t9_Txm05mfURshupqyn4xGFtR-JiQwATf-P7A8gPgBAGgBlSAB4eGvPICqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgzMzU3NjgyNDY4NzA4MDeACgPICwHYEwvQFQHiFgIIAfgWAYAXAQ&sigh=TeGACLm-MqA&cmd=Ch1jYS1nYW1lcy1wdWItNTc4MTUzMTIwNzUwOTIzMhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D925%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D894,1114,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D54659%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1143%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D861357578%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1606%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.07%26t%3D1651493644970&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MjIxNDczNDIwNzIMNTgyNTkxMjY4NzQ2QKIDUiAQDyUAAGxCKAE6B3Vua25vd25CB3Vua25vd25I9AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 91F4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUrApExD6lydJtiWdPUMsGzS5igdvtw8qR467ZecYYvGQr7gjjMormREyleyYPUznRCpgNWq38G63J-6beVfu6PUgYC59gEv7OQPw4cKq_J2qvSR5a-4FDozsP&sai=AMfl-YRZqi7aXURp7wU-gyNp0cVlF0PcDDrEQoGoiCei3x_HHhr5Rlk5FKiemD7t85DnYf_nQvy77Nd4A91BQVjckXGdGNp9HXasPlflZMU9f0iI768SF380GoLTkfBx&sig=Cg0ArKJSzP9CufBhQ2KFEAE&cid=CAASF-RokTNCoB8-peRAi-jhFFMjt_RVXrjD&id=lidarv&acvw=sv%3D925%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D894,1114,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D54659%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1143%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D861357578%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1607%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.07%26t%3D1651493644970&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 91F4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpEK6DMtvYrnpGJDS3gOs5KyYBMeezudn_8rAlIkQsJAfEAEg7onMaWCV8v2BlAegAf_bisgDyAEF4AIAqAMBmAQEqgS9Ak_QoJG7wVr0HFddqX-cEyFuZTPMgMFPaRZh2x6sMbXsG9uhdFCx91Lzr7kNGmGKINX6BbQFmwDzH7aan-sXTZ9vBKV-7xXMcciVqLyvUGZAeFArAlM2gbjj1TQps2UPF4tjTb4R4ctQMyWOmBuBZS6-PIp3HubKiSfVo8OWWssIvxi4EdvCjumfWXKkjzvakLphz_9S-lI-6ts-rJPuxHq5eEnSp2skD6Wu2FbOM1QKzQ9ik56l8cFIpeObphWP2VFQalsSIC85qGlPEL8LDSMEJC1hCCRB_tQ_X-hoqhoqmCsIZx34uCwE_j3p3bcZuWxe5rP1Gq0J65BdnWN1kki4f93_2FxEEGZaXYzodxG18xWYYAlDJj_RCnqz-dFR7JtJAy1RYf8t9_Txm05mfURshupqyn4xGFtR-JiQwATf-P7A8gPgBAGgBlSAB4eGvPICqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgzMzU3NjgyNDY4NzA4MDeACgPICwHYEwvQFQHiFgIIAfgWAYAXAQ&sigh=TeGACLm-MqA&cmd=Ch1jYS1nYW1lcy1wdWItNTc4MTUzMTIwNzUwOTIzMhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D925%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D894,1114,1195,1595%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D54659%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1143%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D861357578%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1609%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.07%26t%3D1651493644970&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MjIxNDczNDIwNzIMNTgyNTkxMjY4NzQ2QKIDUiAQDyUAAGxCKAE6B3Vua25vd25CB3Vua25vd25I9AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 91F4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.512.0&e=44750822%2C44757675%2C44761692&id=ima_html5&c=2262153682658037&domain=www.mtgassist.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 91F4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpEK6DMtvYrnpGJDS3gOs5KyYBMeezudn_8rAlIkQsJAfEAEg7onMaWCV8v2BlAegAf_bisgDyAEF4AIAqAMBmAQEqgS9Ak_QoJG7wVr0HFddqX-cEyFuZTPMgMFPaRZh2x6sMbXsG9uhdFCx91Lzr7kNGmGKINX6BbQFmwDzH7aan-sXTZ9vBKV-7xXMcciVqLyvUGZAeFArAlM2gbjj1TQps2UPF4tjTb4R4ctQMyWOmBuBZS6-PIp3HubKiSfVo8OWWssIvxi4EdvCjumfWXKkjzvakLphz_9S-lI-6ts-rJPuxHq5eEnSp2skD6Wu2FbOM1QKzQ9ik56l8cFIpeObphWP2VFQalsSIC85qGlPEL8LDSMEJC1hCCRB_tQ_X-hoqhoqmCsIZx34uCwE_j3p3bcZuWxe5rP1Gq0J65BdnWN1kki4f93_2FxEEGZaXYzodxG18xWYYAlDJj_RCnqz-dFR7JtJAy1RYf8t9_Txm05mfURshupqyn4xGFtR-JiQwATf-P7A8gPgBAGgBlSAB4eGvPICqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTgzMzU3NjgyNDY4NzA4MDeACgPICwHYEwvQFQHiFgIIAfgWAYAXAQ&sigh=TeGACLm-MqA&cmd=Ch1jYS1nYW1lcy1wdWItNTc4MTUzMTIwNzUwOTIzMhAAGAI&label=admute&ad_mt=0&acvw=sv%3D925%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D894,1114,1195,1595%26tos%3D12,0,0,0,0%26mtos%3D12,12,12,12,12%26amtos%3D0,0,0,0,0%26mcvt%3D12%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D12%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D12%26pst%3D-1%26dur%3D54659%26vmtime%3D-1%26dvs%3D12%26dfvs%3D12%26dvpt%3D12%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1143%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D861357578%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1613%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,12&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.07%26t%3D1651493644970&sdkv=h.3.512.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU1MjIxNDczNDIwNzIMNTgyNTkxMjY4NzQ2QKIDUiAQDyUAAGxCKAE6B3Vua25vd25CB3Vua25vd25I9AJQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
605878f5f30a503e1331208a
track.venatusmedia.com/impression/aniview/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.venatusmedia.com/impression/aniview/605878f5f30a503e1331208a?geocountry=DE&cpm=2.83958&domain=mtgassist.com&width=481&height=301&creativeid=6194ed43f97be53aae3d1446&impcnt=2&runcnt=1&loadid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.249.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-249-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.mtgassist.com&rs=www.mtgassist.com&sid=19041&t=1651493642&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=81.0&brn=Chrome&wi=481&he=301&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&aafaid=&proto=https&uid=1651493642983-960676122315-005456-005-006906&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=15349204908&cd19=217.64.151.6&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&AV_WIDTH=481&AV_HEIGHT=301&asid=6194ed43f97be53aae3d1446&pid=5f2063121d82c82557194737&cid=605878f5f30a503e1331208a&h=1a0504037e958101e13abde97a072260d899e120&d9=1000&ad=59&vi=100&ofpr=2.83958&imid=b970d6265bad648cdec615b62bcb5d32_1723163178_32302304_1&e=impression&cb=1651493643235&ad=59&vi=100&d4=1&d5=2&d1=vpaid&fv=3&stk=1&cb=1651493643602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.mtgassist.com&rs=www.mtgassist.com&sid=19041&t=1651493642&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=81.0&brn=Chrome&wi=481&he=301&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&aafaid=&proto=https&uid=1651493642983-960676122315-005456-005-006906&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=15349204908&cd19=217.64.151.6&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&AV_WIDTH=481&AV_HEIGHT=301&asid=6194ed43f97be53aae3d1446&pid=5f2063121d82c82557194737&cid=605878f5f30a503e1331208a&h=1a0504037e958101e13abde97a072260d899e120&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=2.83958&imid=b970d6265bad648cdec615b62bcb5d32_1723163178_32302304_[AVC_WFCYCLE]&e=start&d1=vpaid&fv=3&cb=1651493643602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
crum
dsum-sec.casalemedia.com/ Frame EF8B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=7015a432-bd58-4829-80e0-2e9ab95fce86&expiration=1659442445
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 May 2022 12:14:05 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 5A33 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
291258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 03:19:47 GMT
expires
Sat, 29 Apr 2023 03:19:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
258.json
id5-sync.com/g/v2/ 		213 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/258.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.99.210 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3213307.ip-141-95-99.eu
Software
/
Resource Hash
e8a695aa611d4e5d4da951f7a69b49336b2346b336a54666c6393d0409c0c9bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:04 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
794afe90f63d7aa445fbe970fa89e27b9b3c65be645bc8428a5cac21f54a6ed4

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 02 May 2022 12:14:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.mtgassist.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 01 Jun 2022 12:14:05 GMT
envelope
api.rlcdn.com/api/identity/ 		0
0
IgzTz77AOrXN1Rxxl6vifLkaj7bdZbRVkxAQRHJ0_jQ.js
pagead2.googlesyndication.com/bg/ Frame 5A33 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgzTz77AOrXN1Rxxl6vifLkaj7bdZbRVkxAQRHJ0_jQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
220cd3cfbec03ab5cdd51c7197abe27cb91a8fb6dd65b455931010447274fe34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 11:24:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
2991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13585
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 02 May 2023 11:24:14 GMT
truncated
/ 		492 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/svg+xml
track_enc
track.venatusmedia.com/dual/ 		16 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.249.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-249-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.mtgassist.com
date
Mon, 02 May 2022 12:14:05 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
async_usersync
ib.adnxs.com/ Frame B581 		0
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:05 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9c3366f8-2eaa-4dd7-9476-24e56ae1e8c6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A33 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.512.0&bgai=Bx9GGDMtvYrnpGJDS3gOs5KyYBAAAAAA4AboFEwiuuZag5cD3AhXei3cKHRX_BHs&bg=!xcalxoLNAAZNIUvJbSE7ACkAdvg8WmsC6hy7FwaT-f_Sauc49rzJ6MdkVeMTSY3J9i236dFDQs3bKAIAAABgUgAAAAJoAQcKADQvJCd_JbeVNJN0WVWYk8YW6uumlkzqHdjtPQ2-y393YrgF0zxVKTfkI5pmSHQ7EEpGaw77mQJKqYVfGOeVzZSDvd8Z5Q2rgZzLRR55Rj6j01q4AqJZD8ut1DieDxGMIRHJbR1tPQPh-30c_hayhisXmbSOjSzHfz3Xd1fkA-wTaiifIvWRvJCXgWjf4UoTih52d2ioduiY_ycq7OgOSZ6gFXoNiTUPfw-jWW9HwnjEycqnu_f_P93r0VI6FKNYjl9Z5vQAI9Q56xGis4qYr0PbkJkldC-5Ko5L2tfzCDb1SnZXEtCV2Hl94-J-yQ_pAkyxFp1rVpIb5C5l2LScaoJh_4oWYY5svwCpe9GmCWL4De5DFpmwcmaQ0n6J2X4b4b83yHzXtYBrA2oL7RCTzBedOxLHikJUslGNuAozbwGzY6oqm00q5UWfgvvyu2wm6rir4NETVkY1zuW1BiOtavoj3WPhdk4faoLGM0hOOWjPy1ztAuB6oWUlZPKZdwQcpc7OOHNoBCSaqZ0pQVd4_Go2qYt5MwjCX7jDVnLMcubhdt68Dx5AAnMdtAuSAY5eBQK4yt7e90ZxfbWT1subc92zcr69mRDsfOLxezYN_xEaYyZEEWVn0RqWomzTbrj9olxtBTD11jksH-_hBOS4Ymr-w7-s-VrZ8-SbWJ9JOzo1yrE16qjBl90gR59Z89_EnUokAGr0ftS5oPAlbWWtgnCfhEzJ_Sag3758HMd7XJJT6BVrrdqPmb1Pzsy4jVJS036aV-j_vJhzI7Ce5HJeCSd80TNzWsE5HFSYqLAgNruXdN2iD_ZLSoEmJ0gy0mXO-DrJJ_8XTGVBbOfb415g8DZMug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
s.youtube.com/api/stats/ Frame 91F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44750822%2C44757675%2C44761692&el=adunit&cpn=nRLeHMyjbfnmuwTL&docid=zd64pGNLjVY&visitordata=CgtPeDdRYUlQN1lTbw%253D%253D&ver=2&cmt=0.191&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.mtgassist.com%2F&len=54.660&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=81.0.4044.138&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::71 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame BBA5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujyiPZZOW937WfsqC-A7TJ5PHZcZORI5JbiU__iuT6ABrZR8c659Zs1uUE38bCkZzQBOUkRbG2k1KnQ1_vn3Cw&sig=Cg0ArKJSzK6Q51JQOIQEEAE&id=lidar2&mcvt=1000&p=369,355,459,1325&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2992654026&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651493644013&rpt=572&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
ad.ad-srv.net/ Frame D970
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_...
  • https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_aid%3D8589085817903287329%26mt_id%3D8043938%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_cid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%2526client%253Dca-pub-5781531207509232%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8589085817903287329&random=8589085817903287329&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:adx&extVar[]=MM_DOM_RTB:www.mtgassist.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&uidRedirect=1
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
a6854fbece2454950a018c4548a4cea6636455085920abe5c40de815e47b9746

Request headers

Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1812
Content-Type
text/html; charset=utf-8
Date
Mon, 02 May 2022 12:14:05 GMT
Expires
Mon, 02 May 2022 13:14:05 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
26008500102591401530483011947027

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 12:14:05 GMT
Expires
Mon, 02 May 2022 13:14:05 +0200
Location
request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_aid%3D8589085817903287329%26mt_id%3D8043938%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_cid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%2526client%253Dca-pub-5781531207509232%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8589085817903287329&random=8589085817903287329&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:adx&extVar[]=MM_DOM_RTB:www.mtgassist.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
js
sync.mathtag.com/sync/ Frame 0497 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/js?sync=auto&source=bidder&mt_lim=1&type=1&synclist=4&gdpr=1&gdpr_consent=li
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.232.253 Frederick, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4335 2c68c00 master ord-pixel-x21 config:1.0.0 /
Resource Hash
771957f63bc498e3daa54fd8de9657465c25607bab295bca374a267d6db684f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Content-Encoding
gzip
Server
MT3 4335 2c68c00 master ord-pixel-x21 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Type
text/javascript
Expires
Mon, 02 May 2022 12:14:05 GMT
img
pixel.mathtag.com/event/ Frame 0497 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8589085817903287329&v3=746345&v4=5637254&v5=8043938&mt_nsync=1&no_attr=1
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4281 354de82 master cdg-pixel-x25 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:05 GMT
Server
MT3 4281 354de82 master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 02 May 2022 12:14:04 GMT
img
tags.mathtag.com/event/ Frame 0497 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8589085817903287329&st=5637254&time=1651493645&nodeid=3012
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.246 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.309.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Server
MMBD/3.309.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x92, cdg-bidder-x176
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Mon, 02 May 2022 12:14:05 GMT
all
csm.eu.criteo.net/ Frame 3825 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=0sVhqrYSoVVQZY1W26E9ug99WM8iIvUrF2sxhorooumwygLqu0J9dt2hteU_beh1dk8FfPxP9AbtaTfGjdIvKaiZuc8E6dFtdYuxU3Jb51IBbRxm8AHBAi4zuOmcydYQJgX-NoQAt2-PxSZnY65QLtg07z5Fp256Yj2K5-yXTVXmXhUH4Iu1URK_c5aiVkV6Y7yK8OjaNTXQsFFJJZNcwssh69T7JL7JSzXOzIRG-Hhu0uKx_cYLERvisyCo7cWfUU_nwA&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym_LCwAJka4H_ZEyAAXP3l8y6mFildp5Y8_Osg&u=%7CBzVZYg500vnItuVbx914aLVdl8uceAC9LVCyjiIphpw%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wc1b9wvkAbttAaTKBCY_f4f9O886aTioGMjD8RJ-VTqXZcxg6AF2RqeDkglPeIqQpG0UPs0hvDekrcxZll6v0WqZFOjX_hrTKw2Z0G3Emq62lhlS6J9rejoWLJ6csQRXkiqPrs2wdMptSkQaO5mRMyFnPLn3TieaDJzycRrGFuU4-FABEtoWjM6UqQL3lUDcYshnF9fYcV2YKAJwbM2E6v2EbTus4KHYwZofGHdtTIqHW0T4uluJ7rCJhWZZhp0hDT6LQZVI2XiEC7htAqQdSX5SO20qETm5yyVvAdqrQlhSvTPekmAmcdEvDpPnVMNbiRiUCOKONTtF6JS64NL1C_qaL0UZsG6Qn3mJvy6FPH_W0aC9VRg0EHnpeL-zdfDpfLxLWdLKOVWsbDKFUIS13J3&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC44ttC8tvYq6jJrKi9u8P3p-X4AjJntKxXNWdkfdwwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzKgAdW20uoDyAEJqQLUoFAnKauxPuACAKgDAaoEqQJP0PVic48qoU0NCPsdzsp610HUlm7BxoZEKqht9F7J2bgCP7g8zVqudUH_T27zTbEzJJnUIvDp5VGkcox94KhmBZ10YnNh71NMlDekmGkU4QDaT7wRXVTb80Ld4EttnOrqwbWjpzBCtJezj6BNVOsywYUDhgoIn-YRECAy9WMCv3jjrtbSGmz39kf6XN8shnOrMQLBEb4prW-iUeTeFdJVr1DYfg9SFf9kbQr0wI29X9Z78ki_ByXpheuh6dtnRlmBQJY7Hw3tSKANh_DJuhcfkE4XZSrlTZbVYhaa8Tio0oDoBCv5WNbdD-sOXCeaoFWXZCP35l3Na5nnKEfm--KapMsIA05fRX4Ph93SOjLI2p7Ebz0aLxsf0zuFpa-yiZKZvxhPu3jWMcbgBAGABvKIpb2rguuHyQGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tODMzNTc2ODI0Njg3MDgwN_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0epbnEhrD0v_ZxY7Hntv53AaE51g%26client%3Dca-pub-5781531207509232%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 02 May 2022 12:14:05 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042601&jk=1109375537492533&bg=!GhmlGV3NAAZNIUvJbSE7ACkAdvg8WkipvUIGbFQ4XCFxbZShFIMku5lByQQBUuKnyuguXGJznn1byAIAAAH5UgAAAAloAQcKACfXsUUHsDDtQKpaABMsmFxjIvag7dlddkwqSiJeN1crZSwbAZaj75eZApeseC8KGObuAo_tZ5LRP-MkSpMewPOetcXtCwwACOllkgKfAXFfr-1I3DrkzGQRkaoj1HB5kOcN2GmT5ns2ri6CG-Li1O60KkZN4z8lNGSqiRF9bm7jAtI6uM07tB_Dj1D8RuLZAMewaqUly1zuMVSI645yiYcioLsuZ-sGRecOL6IY_iEfgBgJXIFyfttb7J--Kg3iOnwTjBwQDynCIWt7qPTqXBfSbTocBAe4COtr9ywEGxF_w0utV-1YOERMyh5iYx_FcmoUXOfW0BMKyFgm5pyiPUfiQ-zpGDy9ViTgujSabbApVntm6xdCWqERviOiJ8k5XSdasSyNzFmFftv-tlbSB3oI_Gaw6-CXoH9Hdl8nEjgPF6WNR9_zpAoWmV6eUrmSklmbDske38MhSC_eoRKI5KnF00xOgjx7AqDOYNRi68-twfWUJwSgcuFjI6jscofGRRkG7-S-t0d4Y_YXwQyWCEctt8QRn-dCD9N5deEX8kAaEOLOwUjwPAzYLG3MS6jSE3oKu8WzQOJFpxLEls3ncQsu7MWD3GiHTSaRvX8KzP0is28LJgGL8Q0nu2hzhf5V33BFhnaYbkmC2wle2ziRWMgZ9IFmne33y-YIHUmNiNyb3xoJEiaMFxeY_Dys2dvXaTj0vFfb2T6vhna4inLeCwMigXauEkFGx_d8CZt0oFDiyQEbuixB1w9xe5JDfVsHat8CkPFQUn-ZIX09r4lVVb-lTLa8jvC7ACicH8I-FrJVrnAbf3n3SmyNbhIxZFYyouSWYxUkXOMjBrlNh5by9hnaJI3XXT4MRLtmbS-f3EAzMPsIq4ZJPDjQxoCAHoWiktcQYxCZIusTScOae7Vwc-xO9adWrJ1g28mRnCeoJyJAoC8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers
vevent
ams1-ib.adnxs.com/ Frame 6427 		0
836 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.mtgassist.com%2Fselfdefensive%2Fchasefix%2Fsecure%2F494161211%2Fsignin.php&e=wqT_3QLnCuhnBQAAAwDWAAUBCIqWv5MGELaShMjT8rfbbhgAKjYJ203wTdNnuz8R-g7Zm3NLtz8ZAAAAgML1BEAh-g0SACkRJMgxAAAAQOF6pD8w092SCjimBkAdSAhQ7uCohgFYl76TAWAAaIUdeNbtBYABAYoBA1VTRJIFBvQFAZgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIf4ALukAHqAkxodHRwczovL3d3dy5tdGdhc3Npc3QuY29tL3NlbGZkZWZlbnNpdmUvY2hhc2VmaXgvc2VjdXJlLzQ5NDE2MTIxMS9zaWduaW4ucGhwgAMAiAMBkAMAmAMXoAMBqgOmBgrdBWh0dHA6Ly90YWdzLm1hdGh0YWcuY29tL25vdGlmeS9pbWc_ZXhjaD1hcG4mc19leGNoPWFwbiZpZD01YVc5NXEyakx6SXpMeUF2VGtSWk0xa3lVbTFhYWxGMFRVUkJkMDFETUhkTlJFRjNURlJCZDAxRVFYUk4FEAhVUkIJEARkTgEQ8LZMemcxT0Rrd09EVTRNVFEyTnpBMk9EazROekF2TmpZeU1qTTVNeTgwTlRZeU16RXlMekV6TDFCbGJYcFJRV0ZTTTBJMWRWSkdSRUZ1WWpOS1VIbE9aMVZZWjNkMVZqazJSamxLWVZKa1lWSXdUVVV2TVM4eE15OHdMekF2T1RVMk9EQXpMek0yTkRRNE9EZzRNemd2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVINxABSBcQMVFVNdw3UBE1WESAMRTFFUQ3kGfQMY3ZNQwl8CQhm_ACwZW5Kb0x6QXZNVE01TUM4MU9TODVPVGt2TXpJeUx6SXhOeTQyTkM0eE5URXVNAVREakF3TUM4eE5qVXhORGt6TmpRISwsMk5URTFNRFl5TkRJAUzwaXZPREEyTHcveFFoV1dsNXF3ZnpHUWwtZHlHMzFsSWZoQWJRJm5vZGVpZD0xNjI0Jmdyb3VwPXpyaCZhdWN0aW9uaWQ9ODU4OTA4NTgxNDY3MDY4OTg3MCZzaGFyZGtleT04NTg5MDg1ODEdHfBxcHJpY2U9JHtBVUNUSU9OX1BSSUNFfSZuZnlfYWN0PUxENXdmM1UmYmZpcD0xODUuMjkuMTMzLjE2MSZzaWQ9NDU2MjMxMiZjaWQ9NjYyMjM5MyZzcmM9YXBpJnR5cGU9bnVybCZjbGllbnQ9czJzEhM4RoUA8LwaEzc5Nzc4MDk2MjE5MzI5MDI3MTAiCTI4MTY4NjEyNioGMTAxOTM2Ogc2NjIyMzkzwAOsAsgDANgDwfK_AeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwyMTcuNjQuMTUxLjaoBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBO7gqIYBiAUBmAUAoAXMzL_eu7b8oDzABQDJBQAAAAAAAPA_0gUJCQAFDHgAANgFAeAFAfAF-csh-gUECAAQAJAGAJgGALgGAMEGCSQs8D_QBvmrAdoGFgoQCRIZAYAQABgA4AYB8gYCCACABwGIBwCgBwGqBwY2NTE4NzG6Bw8BUkwYACAAMAA4xAZAAMgH1u0F0gcNCRFDAUEI2gcGCSdA4AcA6gcCCADwB45tiggCEAA.&s=fb0830f758185a5fba2ac1f9b2312b8cb4c56e1a&type=pv&jm=1003&px=50&py=661&bw=160&bh=600&sf=0.9&sid=5233883171824280804&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21278419&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 02 May 2022 12:14:06 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b9a19baa-7d00-43a4-af8d-c6aa8285a630
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.mtgassist.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
ad27.ad-srv.net/ Frame D970 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad27.ad-srv.net/viewability?s=26008500102591401530483011947027&a=b2618629&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_aid%3D8589085817903287329%26mt_id%3D8043938%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_cid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%2526client%253Dca-pub-5781531207509232%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8589085817903287329&random=8589085817903287329&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:adx&extVar[]=MM_DOM_RTB:www.mtgassist.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
request.php
ad.ad-srv.net/ Frame 2A9D
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfI...
  • https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfI...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfIkdDUsidtGWYhUjK98rrJNKnSxYBvHC7aR-8jLyYWIZOPmdTKjEVbzYjj6XayjCoXEToY6StI_IeJ8d62M0q7gVVfacRuWQB9cWBwoVhHzO3DrgF-BEDRwNXfxwySNr&subid=26008500102591401530483011947027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fpevsgqtobneeew2%3Ftprde%3D&uidRedirect=1
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_aid%3D8589085817903287329%26mt_id%3D8043938%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_cid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%2526client%253Dca-pub-5781531207509232%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8589085817903287329&random=8589085817903287329&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:adx&extVar[]=MM_DOM_RTB:www.mtgassist.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
2ca746371125d4bc66d8f9014563cc43213ace988a6c2ba7398230e9717fd620

Request headers

Referer
https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_aid%3D8589085817903287329%26mt_id%3D8043938%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_cid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%2526client%253Dca-pub-5781531207509232%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8589085817903287329&random=8589085817903287329&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:adx&extVar[]=MM_DOM_RTB:www.mtgassist.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&uidRedirect=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1566
Content-Type
text/html; charset=utf-8
Date
Mon, 02 May 2022 12:14:06 GMT
Expires
Mon, 02 May 2022 13:14:06 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
81352100102592101649447011947027

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 May 2022 12:14:06 GMT
Expires
Mon, 02 May 2022 13:14:06 +0200
Location
request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfIkdDUsidtGWYhUjK98rrJNKnSxYBvHC7aR-8jLyYWIZOPmdTKjEVbzYjj6XayjCoXEToY6StI_IeJ8d62M0q7gVVfacRuWQB9cWBwoVhHzO3DrgF-BEDRwNXfxwySNr&subid=26008500102591401530483011947027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fpevsgqtobneeew2%3Ftprde%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
truncated
/ Frame D970 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/cynamics/tools/js/ Frame D970 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nv4fll3xpam7&renderingType=html&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYm_LCwAKx2MGUIF2_wZysQ%26exch_seat%3D6986995588%26mt_aid%3D8589085817903287329%26mt_id%3D8043938%26mt_adid%3D234495%26mt_sid%3D5637254%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_cid%3D7526626f-cb0c-4200-a714-19a2c358c1b7%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCg1x0C8tvYtWyJqDa7_UPgMi9qAaM2Y2bXPyg_8ddwI23ARABIABglfL9gZQHggEXY2EtcHViLTU3ODE1MzEyMDc1MDkyMzLIAQngAgCoAwGqBLACT9DKp_6Tu1cgMUp87KQJKY8HX9sBzURcCUKMyskWgBr0s55nw4RI-VJQQhvIb4FMivKaN521T5LHfGVsHh8esQryHYbpXhZySS5mL2Fb8EC1_JPd1bktI9w0h5e411sdeXkJ3S-9SJ6IAHpzQ_HYkLxIN-B__kXe3jGxKDUWa44rTxd1vmmXn7WwSutf2l-iazMYZegepS-NYhtr217l7eBxdy_zDVEQGQ_nnnH_OcsDgowsxlZy7xskbXLQoBdsIWQV-smkO1ZlNOR8n10A7Fk_9vCIT4wYAQCBbOw-mf-FVBW9a8qm5hd-FcfuIy3eBoi-pHZqw5X_mEV1wXtzj6XjIqw_q-z2lfklwp5Fhhx7Q8dKMcsZf2D8wAe-Hzof7y2j71aHCORhr8iNQ2z3WeAEAYAGxuSVuN2Pyc-XAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi04MzM1NzY4MjQ2ODcwODA3-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0MXpsxkYfOmItIRJUyOyB7VRyqhQ%2526client%253Dca-pub-5781531207509232%2526adurl%253D%26mt_lp%3Dhttps%253A%2F%2Fwww.kaspersky.de%2F%26redirect%3D&subid=5637254_8589085817903287329&random=8589085817903287329&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=MM_SSP:adx&extVar[]=MM_DOM_RTB:www.mtgassist.com&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&documentReferer=https%3A%2F%2Fwww.mtgassist.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mtgassist.com&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Last-Modified
Tue, 03 May 2016 20:55:13 GMT
Server
nginx
ETag
"57291031-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
iframe
sync.mathtag.com/sync/ Frame 690C 		652 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.mathtag.com/sync/iframe?mt_uuid=7526626f-cb0c-4200-a714-19a2c358c1b7&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.232.253 Frederick, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4335 2c68c00 master ord-pixel-x48 config:1.0.0 /
Resource Hash
4c5325edabfb7a618fea7fb98d21d0940c941d4533c4e337923515685808a056

Request headers

Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 02 May 2022 12:14:06 GMT
Expires
Mon, 02 May 2022 12:14:05 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master ord-pixel-x48 config:1.0.0
img
sync.mathtag.com/misc/ Frame 0497 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=li&bcdv=0
Requested by
Host: 5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
URL: https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.232.253 Frederick, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4335 2c68c00 master ord-pixel-x54 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x54 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 02 May 2022 12:14:05 GMT
22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png
media.kaspersky.com/de/affiliates/ Frame 2A9D
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2519511&v=14098&q=379074&r=559379&pv=0&pref1=81352100102592101649447011947027
  • https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png
17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfIkdDUsidtGWYhUjK98rrJNKnSxYBvHC7aR-8jLyYWIZOPmdTKjEVbzYjj6XayjCoXEToY6StI_IeJ8d62M0q7gVVfacRuWQB9cWBwoVhHzO3DrgF-BEDRwNXfxwySNr&subid=26008500102591401530483011947027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fpevsgqtobneeew2%3Ftprde%3D&uidRedirect=1
Protocol
H2
Server
185.85.15.31 , Germany, ASN200107 (KL-EXT, CH),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
856852b25e43cc608bab831b720a6360c85817aeaa21a0aff8e5130205f13fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 14 Jan 2022 13:27:39 GMT
server
x-powered-by
Kaspersky Labs, Kaspersky Labs
etag
"c684b7804a9d81:0"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
x-server
fr2/FRA3
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
17190
date
Mon, 02 May 2022 12:14:06 GMT

Redirect headers

Date
Mon, 02 May 2022 12:14:06 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_234x60.png
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
viewability
ad27.ad-srv.net/ Frame 2A9D 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad27.ad-srv.net/viewability?s=81352100102592101649447011947027&a=36495cee&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfIkdDUsidtGWYhUjK98rrJNKnSxYBvHC7aR-8jLyYWIZOPmdTKjEVbzYjj6XayjCoXEToY6StI_IeJ8d62M0q7gVVfacRuWQB9cWBwoVhHzO3DrgF-BEDRwNXfxwySNr&subid=26008500102591401530483011947027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fpevsgqtobneeew2%3Ftprde%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cshow.php
www.awin1.com/ Frame C6A4 		43 B
702 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2519511&v=14098&q=379074&r=559379&pv=1&pref1=81352100102592101649447011947027
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfIkdDUsidtGWYhUjK98rrJNKnSxYBvHC7aR-8jLyYWIZOPmdTKjEVbzYjj6XayjCoXEToY6StI_IeJ8d62M0q7gVVfacRuWQB9cWBwoVhHzO3DrgF-BEDRwNXfxwySNr&subid=26008500102591401530483011947027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fpevsgqtobneeew2%3Ftprde%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.ad-srv.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 02 May 2022 12:14:06 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
truncated
/ Frame 2A9D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/hofe/tools/js/ Frame 2A9D 		851 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=2ejum3p2es36&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=10c17ccc9833tj_4NLPxs_oTY_C7KwXLgUUofkiwRYQWoytoZZ1tsnlW10KFAtYj1kfIkdDUsidtGWYhUjK98rrJNKnSxYBvHC7aR-8jLyYWIZOPmdTKjEVbzYjj6XayjCoXEToY6StI_IeJ8d62M0q7gVVfacRuWQB9cWBwoVhHzO3DrgF-BEDRwNXfxwySNr&subid=26008500102591401530483011947027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fpevsgqtobneeew2%3Ftprde%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Last-Modified
Fri, 05 Aug 2016 12:57:29 GMT
Server
nginx
ETag
"57a48d39-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
viewability
hal900028.redintelligence.net/ Frame AA68 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900028.redintelligence.net/viewability?s=23203200099418100951427011947028&a=a014933d&vb=v
Requested by
Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=23203200099418100951427011947028&a=f800686b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.165.19 Magdeburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.19.165.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900028.redintelligence.net/request_content.php?s=23203200099418100951427011947028&a=f800686b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
img
sync.mathtag.com/misc/ Frame 690C 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/misc/img?mm_bnc&gdpr=1&gdpr_consent=li&bcdv=0
Requested by
Host: sync.mathtag.com
URL: https://sync.mathtag.com/sync/iframe?mt_uuid=7526626f-cb0c-4200-a714-19a2c358c1b7&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.232.253 Frederick, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 4335 2c68c00 master ord-pixel-x27 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.mathtag.com/sync/iframe?mt_uuid=7526626f-cb0c-4200-a714-19a2c358c1b7&no_iframe=1&synclist=4&mt_lim=1&type=1&gdpr=1&gdpr_consent=li&source=bidder
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date
Mon, 02 May 2022 12:14:06 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
43
Expires
Mon, 02 May 2022 12:14:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 91F4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUrApExD6lydJtiWdPUMsGzS5igdvtw8qR467ZecYYvGQr7gjjMormREyleyYPUznRCpgNWq38G63J-6beVfu6PUgYC59gEv7OQPw4cKq_J2qvSR5a-4FDozsP&sai=AMfl-YRZqi7aXURp7wU-gyNp0cVlF0PcDDrEQoGoiCei3x_HHhr5Rlk5FKiemD7t85DnYf_nQvy77Nd4A91BQVjckXGdGNp9HXasPlflZMU9f0iI768SF380GoLTkfBx&sig=Cg0ArKJSzP9CufBhQ2KFEAE&cid=CAASF-RokTNCoB8-peRAi-jhFFMjt_RVXrjD&id=lidarv&acvw=sv%3D925%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D894,1114,1195,1595%26tos%3D2043,0,0,0,0%26mtos%3D2043,2043,2043,2043,2043%26amtos%3D0,0,0,0,0%26mcvt%3D2043%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2043%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D435%26pst%3D427%26dur%3D54659%26vmtime%3D1950%26dtos%3D2043%26dtoss%3D1%26dvs%3D2031%26dfvs%3D2031%26dvpt%3D2031%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D1143%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D861357578%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D3645%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2043&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1651493644970
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 May 2022 12:14:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.mtgassist.com&rs=www.mtgassist.com&sid=19041&t=1651493642&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=81.0&brn=Chrome&wi=481&he=301&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&aafaid=&proto=https&uid=1651493642983-960676122315-005456-005-006906&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=15349204908&cd19=217.64.151.6&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&AV_WIDTH=481&AV_HEIGHT=301&asid=6194ed43f97be53aae3d1446&pid=5f2063121d82c82557194737&cid=605878f5f30a503e1331208a&h=1a0504037e958101e13abde97a072260d899e120&d9=1000&ad=59&vi=100&ofpr=2.83958&imid=b970d6265bad648cdec615b62bcb5d32_1723163178_32302304_1&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1651493643602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.mtgassist.com&rs=www.mtgassist.com&sid=19041&t=1651493642&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=81.0&brn=Chrome&wi=481&he=301&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&aafaid=&proto=https&uid=1651493642983-960676122315-005456-005-006906&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=15349204908&cd19=217.64.151.6&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&AV_WIDTH=481&AV_HEIGHT=301
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f2063121d82c82557194737
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mtgassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 02 May 2022 12:14:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
img
pix.eu.criteo.net/img/ Frame 3825 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=16367&q=80&r=0&u=https%3A%2F%2Funo-production.s3.amazonaws.com%2Fchannable-images%2Fabsolventa-new%2F185.jpg&v=3&w=800&s=YIL2MBCLiSNqWoytDrqyhdYs&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f7924d6014a6aeaa8ec611e0257111c9d4eeed3655bbe5715c9897a72d9f4d4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:07 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
23162
expires
Thu, 27 Apr 2023 12:14:08 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.mtgassist.com&rs=www.mtgassist.com&sid=19041&t=1651493642&cip=217.64.151.6&sn=&tgt=0&osv=10&bv=81.0&brn=Chrome&wi=481&he=301&app=&AV_PUBLISHERID=5f2063121d82c82557194737&test=&aafaid=&proto=https&uid=1651493642983-960676122315-005456-005-006906&cha=0.7&stagid=&stplid=&d35=&d36=6.2.16&cb=15349204908&cd19=217.64.151.6&cd18=51.29930&cd17=9.49100&d9=1000&d37=realtime&AV_WIDTH=481&AV_HEIGHT=301&asid=6194ed43f97be53aae3d1446&pid=5f2063121d82c82557194737&cid=605878f5f30a503e1331208a&h=1a0504037e958101e13abde97a072260d899e120&d9=1000&ad=59&vi=100&ofpr=2.83958&imid=b970d6265bad648cdec615b62bcb5d32_1723163178_32302304_1&e=sec3&vi=100&d1=vpaid&fv=3&cb=1651493643602
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.74.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-74-25.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:08 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 2F9A 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: www.mtgassist.com
URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mtgassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Mon, 02 May 2022 12:14:10 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 03 May 2022 12:14:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.mtgassist.com
URL
https://www.mtgassist.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A0%2Cc%3A9%2Cr%3A561)
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=2173

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| GoogleAnalyticsObject function| ga function| $ function| jQuery number| totalAnswers number| correctAnswers number| keyupCooldown function| getSets function| getSuggestNames function| cleanUp function| resetForm object| jQuery111104376521000040512 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO object| __VM object| googletag object| atsScript object| ggeac object| google_js_reporting_queue object| ats undefined| google_measure_js_timing object| uponit object| Criteo function| AVEvtMgr function| avPlayer object| sas object| apntag object| _ADAGIO object| storageAni object| ONFOCUS object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| freewheelssp_cache object| GoogleGcLKhOms number| google_global_correlator object| VM_API object| ampInaboxIframes object| ampInaboxPendingMessages object| closure_lm_688990 object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 number| lnt_z object| google_image_requests

54 Cookies

Domain/Path Name / Value
.mtgassist.com/ Name: visid_incap_2778846
Value: okQN5F/XR3mL69wxDH8N8wjLb2IAAAAAQUIPAAAAAAAFnNLlsdbfqIrsHq3ZvgR1
.mtgassist.com/ Name: incap_ses_273_2778846
Value: qtPbZRHasF92UBYXrOTJAwjLb2IAAAAA6ePT29vw29XHjfrPufFpsQ==
www.mtgassist.com/ Name: PHPSESSID
Value: dlq62n7kp2fu085j08prodh4g6
.mtgassist.com/ Name: _ga
Value: GA1.2.1590815441.1651493642
.mtgassist.com/ Name: _gid
Value: GA1.2.1096837154.1651493642
.mtgassist.com/ Name: _gat
Value: 1
www.mtgassist.com/ Name: _lr_geo_location
Value: DE
www.mtgassist.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mtgassist.com/ Name: sharedid
Value: a203c1f7-b51b-489a-a22e-bebff08be1c3
.rubiconproject.com/ Name: khaos
Value: L2OOOA4D-6-MB7A
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1ZVT/6owuBukHau3iET1N0BmQvWiFCZkLHQJWDSP5VGWii+llCjz24r3YnT+cTCQbnNQ2U5JQpeeBxGCOXoSK1sZfJKn1bN2jc6UO785F0Pw==
.adnxs.com/ Name: uuid2
Value: 220355848885538439
prebid.a-mo.net/ Name: __amc
Value: 1_1651493642_1651493642
.aniview.com/ Name: aniC
Value:
.mtgassist.com/ Name: _pubcid
Value: 62da746c-55db-466d-9fca-72cd80352c44
.a-mo.net/ Name: amuid2
Value: ad27140b-8145-473c-a672-2b3ad06cb770
.adnxs.com/ Name: icu
Value: ChgIuYY1EAoYASABKAEwi5a_kwY4AUABSAEKGAjcxHcQChgBIAEoATCKlr-TBjgBQAFIARCLlr-TBhgB
.spotxchange.com/ Name: audience
Value: 5b242e78-ca11-11ec-9c9f-1dbc55590006
ads.stickyadstv.com/ Name: UID
Value: f7fe32b67b851fc991e8045bed6fb8
.doubleclick.net/ Name: IDE
Value: AHWqTUnnacrYQqWzJuNm6g-3fNGcqhTgWmT4HsT8qVlnJey-MZZvkTJik1Jm8yOCvfM
ads.stickyadstv.com/ Name: sessionId
Value: d2587c2dd486a41f813d88d73034c3
.bidswitch.net/ Name: tuuid
Value: 0bfc70da-bf4a-4f03-84d0-80207a569d6a
.bidswitch.net/ Name: c
Value: 1651493644
.bidswitch.net/ Name: tuuid_lu
Value: 1651493644
.fwmrm.net/ Name: _uid
Value: "l15ce_7093111190532475155"
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: faf61c8f95301959
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l15ce_7093111190532475155
ads.stickyadstv.com/ Name: MRM_UID
Value: l15ce_7093111190532475155
.casalemedia.com/ Name: CMID
Value: Ym-LDMW3j-Wtzw549MkP6AAA
.casalemedia.com/ Name: CMPS
Value: 5200
.casalemedia.com/ Name: CMPRO
Value: 1164
.mtgassist.com/ Name: __gads
Value: ID=8d83ccfe65f20f22:T=1651493644:S=ALNI_MZ_DLWOXPftZVHyXp-jAQmDzUPhMA
.criteo.com/ Name: uid
Value: c36ad595-517f-482b-ba28-5b6ce89908ca
.yahoo.com/ Name: A3
Value: d=AQABBAzLb2ICENEMBcX7bfiHnCWkPkVHWG4FEgEBAQEccWJ5YgAAAAAA_eMAAA&S=AQAAAnA_xLj7hdyMyQvOmjxnu9Y
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ym-LDQAY5FU-tQAy
.casalemedia.com/ Name: CMST
Value: Ym-LDGJvyw0A
.eqads.com/ Name: EQUser
Value: UID=7015a432-bd58-4829-80e0-2e9ab95fce86
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&826f06da-7db1-4e35-81b8-2d991274b58d"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTE0OTM2NDQ7MjswMjF+I3X/V802x4uEv3k6S5pEhXr0ikCQ7XlHVKva3pukcQ==
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2576:u=1:x=1:i=1651493645:t=1651580045:v=2:sig=AQFGNTldInibz88Kk_zmLB3JbBDPLYLH"
.mtgassist.com/ Name: cto_bundle
Value: 03qmXV9UN3czUDN5UWN0c01wSTk3YkN5b3hkYktjemFybnAlMkY0V0pPJTJCRjBGTldwbXVLZzlzSyUyRmxUV1JqWDJkMHM5eEVkQ0pLczh1Y2x6JTJCd29hMWdHMGV6ZWVSR3U1dDM3M1JnWiUyRiUyQjklMkJjTVh0cnpRaWt0VWVIU2F6aUM3ZEJLWGpMV1NrZ3htenp6QXlkc2MzTHBNTWZyOEk5ZyUzRCUzRA
www.mtgassist.com/ Name: _lr_retry_request
Value: true
www.mtgassist.com/ Name: _lr_env_src_ats
Value: false
.casalemedia.com/ Name: CMRUM3
Value: 28626fcb0d27607015a432-bd58-4829-80e0-2e9ab95fce86&27626fcb0c0b40&e6626fcb0c2760&41626fcb0c05a0&58626fcb0d2760Ym-LDQAY5FU-tQAy&ce626fcb0c05a0&2d626fcb0d2760CAESECkeFwHAmQHjC1y2Bqdl7Eg&f1626fcb0c05a0
www.mtgassist.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-05-02T12%3A14%3A05%22%7D
.amazon-adsystem.com/ Name: ad-id
Value: AyLJDhU4sUbMjvmd6XKPy9M
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.mathtag.com/ Name: uuid
Value: aba4626f-cb0d-4801-91b2-5dd47d33ca34
.ad-srv.net/ Name: u8x7eovwf3h6_uid
Value: bd1fd3ef78e9790e
.ad-srv.net/ Name: v0rur7gqspb3_uid
Value: 6979de3dbcd27e5b
.awin1.com/ Name: AWSESS
Value: 379079:2519511
.awin1.com/ Name: awpv14098
Value: 559379|1651493646|5ce418f3-ca11-11ec-846a-22327fa6aa8b
.mathtag.com/ Name: mt_misc
Value: mt_bt:1

6 Console Messages

Source Level URL
Text
network error URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.go.sonobi.com/uc.html?pubid=
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://pbs.aniview.com/setuid?bidder=amx&gdpr=1&gdpr_consent=&uid=ad27140b-8145-473c-a672-2b3ad06cb770&gdpr=1&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.mtgassist.com/selfdefensive/chasefix/secure/494161211/signin.php
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://www.mtgassist.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=2173
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
5994599.fls.doubleclick.net
5ad2ec81e5b1c3e550201f507b32b4e0.safeframe.googlesyndication.com
acdn.adnxs.com
ad.ad-srv.net
ad27.ad-srv.net
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ams1-ib.adnxs.com
ap.lijit.com
api.rlcdn.com
ats.rlcdn.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cat.fr.eu.criteo.com
cdn.adnxs.com
cdn.contentspread.net
cdn.id5-sync.com
cdn1.vntsm.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
d1oykxszdrgjgl.cloudfront.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
ghent-aws-fr.bidswitch.net
go1.aniview.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900028.redintelligence.net
hb-api.omnitagjs.com
hb.vntsm.com
hb.vntsm.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
media.kaspersky.com
mp.4dex.io
mug.criteo.com
pagead2.googlesyndication.com
pbs.aniview.com
pix.eu.criteo.net
pixel.mathtag.com
pixel.rubiconproject.com
player.aniview.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
pubads.g.doubleclick.net
px.ads.linkedin.com
rr4---sn-4g5e6nzs.googlevideo.com
rr4---sn-4g5ednd7.googlevideo.com
rtb.fr.eu.criteo.com
s.amazon-adsystem.com
s.youtube.com
s0.2mdn.net
s1.adform.net
script.4dex.io
search.spotxchange.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aniview.com
sync.go.sonobi.com
sync.mathtag.com
tags.mathtag.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track.venatusmedia.com
track1.aniview.com
u.openx.net
um2.eqads.com
ups.analytics.yahoo.com
venatusmedia-d.openx.net
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.mtgassist.com
yt3.ggpht.com
api.rlcdn.com
www.mtgassist.com

104.111.239.217
107.154.165.29
108.138.3.177
108.138.7.28
13.32.99.122
141.95.99.210
142.250.181.226
142.250.185.70
142.250.186.66
147.75.38.124
151.101.130.49
151.101.65.108
151.139.128.11
176.9.26.250
178.162.133.149
178.250.0.157
178.250.0.160
178.250.0.162
178.250.2.131
178.250.2.135
18.134.84.24
18.156.0.31
18.156.195.47
18.157.121.66
185.255.84.151
185.33.221.88
185.33.221.89
185.59.220.198
185.64.189.112
185.64.190.78
185.85.15.31
185.86.138.16
185.94.180.124
2.18.233.201
2.18.234.233
209.54.180.144
216.200.232.253
23.205.235.133
23.32.59.34
23.35.236.188
23.35.236.201
23.35.236.247
23.88.75.188
2600:9000:2250:6600:0:1651:6140:21
2602:803:c004:200::141
2606:4700:10::ac43:2483
2606:4700:20::681a:9a9
2606:4700::6811:180e
2606:4700::6812:372
2606:4700::6812:bcf
2607:f8b0:4004:82f::2003
2620:1ec:22::14
2a00:1288:80:807::1
2a00:1450:4001:16::9
2a00:1450:4001:4c::9
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c08::71
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a02:26f0:3500:58c::2c79
2a02:fa8:8806:12::1370
2a05:d018:d29:3602:1744:43d5:1f:d994
3.122.83.195
3.232.80.154
3.33.220.150
3.67.109.223
34.225.54.194
34.226.74.25
34.95.69.49
34.98.64.218
35.172.49.77
35.244.174.68
37.157.5.142
37.157.5.72
46.105.202.126
52.29.29.160
52.45.92.187
52.48.249.60
52.49.221.146
54.36.108.3
69.173.144.138
69.173.144.139
72.251.249.14
74.121.143.246
78.46.111.106
88.99.165.19
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070ff3266929b3d35ef13250d3f34a568caa8798e1ec1d05da6cfa6d86f214e1
07da28929f6d4cb8894de074ff1ae095860bf6686c7bb3024168c6c8e5e65ad8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cc0e58c44e1b652dd178a87e27421fee882dcada713e26c7d48dbad42608436
0ea21f2479a400bc515feb701ea2a13ff46cbe94daa418050068984e2ff44b3c
0edddd93864a2a7f63d3aad8f36b7efa8b43341feaea904a7438dacdb39c568c
10f231669f0f7b205fcc97c62715b525b2e91f78341c6b18fea15c0728365580
11c0003e75436b1d503a28cf9952730a39ef933d17c136f6f27bbd2999665af9
12724de89d2a37c61afe715489221b16707e682eff9acd3840a48b07623ecbb4
15262021520489f73230865be192ad34663ac9e4b300f69743107e4d961701a6
15c4184ca87a62ab093685595606d5891e2143ab50a1babf12ac68ef071f498f
15ecaff1214b5e817498b8ea0eb587407bfaf13608cd59803fd249c2d2aa8247
162b1208a0de40191e59a9117e69f9b0a8eb0cdf69d33977e43cc9aa1483392d
163cd32347b0ab98e2cd60e11b9659dea33237338d2151e5d7985bda94e69359
185b56498e15895bda8fcc3709f7d7868328c1fce4ffd3777d598b458f8b4199
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
19ede6d9e804c8651d1a03850401c29716427827ad0aa2308ce140c076d2c566
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d86ad203d9f732075a57918233257f12d7689499451b75db4bf8318b54b50d3
1e5d98f91f8e7be1e8fd176b3d85a0fdab01571c60d031652ad3151085b9eb45
208c463eeb39ad507407b8dce2dc448ead822040627ce2d1ce8e5d3054772fab
220cd3cfbec03ab5cdd51c7197abe27cb91a8fb6dd65b455931010447274fe34
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
2533c1b185a7e0421556b09be87d52b121d17b9a220e62e031040af7218d8020
282e6548c56f8ae5d6c8eac90942853dabd60a2c5d332233cd564e870b223e1f
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a0e3d3ad30f6cb241b860f442ececca299c9f1b6f01ea6c2f192054cb33fa51
2aefb6bf71b3962323adb8a111ac0dfb824523bd7a7f1384a04cd20bb9e28477
2b89b758d1cb6afc0db18f7732cf603280dfbaff7647fe3a9fb424b2cd322f8d
2ca746371125d4bc66d8f9014563cc43213ace988a6c2ba7398230e9717fd620
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
311ea7b938b62b08cb7dfd8c39c51ce54b97f1ed7321db235fb834e0a9e79de1
37c44114a58e74df558f428fb349f6680ced7d4e2ff8bf01bac5edb5f16cbaea
3800831a2d4781bd5a823ceaf19e2269a0bf8f3b19fea75b0f8f7f7da8c89cdd
3866cda787a601914dcbbf8ee26819471bca0178c29c41cddb2cb12fc8ebe0f3
397375e1cf974deed6de31655068818c8e52827234138e83d29385edbdc13aa3
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f620240574f055974f5b8bce40d73521c62556fccf6d70761fc42b78504f566
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43700b9800ddc7b26ee1bf46a878b942908a720bd48a1809163d3a26de2944c8
43dcaaeec67514593c85fa9692e6e062fc484d420c7a17cc5f429c5ed087aff3
495fd632c4fc43c185bdd7d11f45c96b5cd831a3788c0a98f466e943bfe9346e
4c5325edabfb7a618fea7fb98d21d0940c941d4533c4e337923515685808a056
4d723fab3d36b51625c639048b46143642d3b5f153d8f13cb9abd47c37decdf2
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4ed318db35c5f69af7305536516e10419a8a2ce9459ff38149fad2a5602c1c
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5399c388f01bcc2570da65a867e326faa27d8c3edc8733ba79991622e0f8a579
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b4860c717e979b2430a96f1f38d519c7d19c7b30390508804067c8e0ea002a
5817a6169129989f0519ac6411629e13763f05e88c4e245d6466e1ffba511138
5931640f48b2094ee8640f3bfcd83b19d2b46ad10bb1d7759e47adc146e9a938
5a9f9b8fdda3dc64dc104281767edc8ce0798cd76bfc307c17a7c7b4db115c86
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6217a6683781067bee8963328bc5b9faa318bcfa1d2a5452640318473e3f7169
624c0f78f96e997479fd6fbfe1879d0aea79682739bda26274db3f3d4a990663
6660f3c2212e9b1c8852f57f35951d03e30d6c9d65595dc7088db04a6a0c6e3b
67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd502a8668a696e39591d71dd2006dcb29e89b608d4a3fe916e53ab8d94eb08
729080883e35ad5e2b60cf343ac3a14d454b6f4b99b26ee257646a6dc8d9a682
72c17699bea85355e109d6f5fff3075fe116f25218c43aa42cac5b589b50993c
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
737bcf01718084e638ef3888eb859cd404dbc47395ff73bcd2f824783f3c0bf3
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749f6925a5b8a730dda70bf71cc5f819820dcc1df2a38728536839b830fea8cb
76aed71dd53c1b95006fab01d4e9c26b12917fe7bddfbd9cf9f8d1edb285cae2
771957f63bc498e3daa54fd8de9657465c25607bab295bca374a267d6db684f6
77f859610d4fe5b7350322e515a7a3c94fe1587dbf56ad975dad85fd8f0cf33a
794afe90f63d7aa445fbe970fa89e27b9b3c65be645bc8428a5cac21f54a6ed4
79d431b461501cd9c8e6e88195fe905f558af92eb5cfc9476688283250d7771b
7a12bcefbd71667211185313fb2258501463408c5aaa407ca129cdfb66cc3a7d
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7d7628a205cb2d3fbb20a6bd04e0a0c0631e143c2e6449b2eeaae4eccaa65d05
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8240ffa8b38561018aee657f06f8d3fedf7fd8862add2b7c370f3feb27751c3b
82fd992226fd8c7b227fe0b42c2bcf53ee85d798f89fee3f39f0df41f0b710e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8351bb02af88f3a9193a07b04344f812f763804beeebdbdcda0ea0492933ffe7
856852b25e43cc608bab831b720a6360c85817aeaa21a0aff8e5130205f13fc4
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e02885d1f79469ee0011840af2062d3a20b915af1a2949e729563440d227f94
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ec9bf9d53b623bd771405dd29fb5c8ffa5e6283dada217fa8998c08bbf8b522
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
90885ecbd565f2511e2704714a6bdb36dbd4697faff1f766abe7c3ae55b40bc3
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9373556c315280b756fbe5e357153b8b34d73c3da1a92367a1018561912d4a3a
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
9497456fe888329a8f11cc7ee747eb5f3667017ad2131010f3c0445d3434df4e
95d3073105313580bb2f7f8ee61573268617bdf05317eb91df7d442e24491eb4
96c9992d1ec87ffdd418ee91ba8270b3e2ae8f87e4d533957f2a86a7b46c4ba2
9923c21a262dcfbd59f9381aae0b1d6d75ec32232e6ffed690ce87ad110083a1
9af9ac85d5996fcede598fd22696875fb1b5ae0bd49a8552d51c7807851152fd
9cfba3921ecf4ed58d1edcae260479e69f486b21478826d518c32a8146bcbd52
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a181a613a6eeab77259b1d6537f82fd28f4cb38fa41e43af8d1677a3542e74bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3cbcd2fa2f9b8da2ef98034da44f3b35396886994573f8db4203604ac304d6a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6854fbece2454950a018c4548a4cea6636455085920abe5c40de815e47b9746
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
accb281e9495938ff08c6a41271d5fbc61a78b607df78083bba6c058c9a74c39
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad7d8319a77e1c991ddde63231363c86f7b2d6e930294cbb98e4cc1cd8a3e9c3
ae3224c2db8bfa6370eeb9b8e669a60a771ef1dcca97bf6b97c78bfad48f4e5e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af6b452dbae06aa2a3016b05bc4407282edfb4334a5ac070c7f98f0c6284c1db
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b189f27c6f3637f74c86eb930e2ad5e30b6b3163de6535cd4cb6f48eb87faa88
b8b84045ab761b4387ff0de8a05ebe71cbd7edd7a6cd9ea801155f87c189b9a8
b9679042414cc35772f80039703512138353e60e021fbb8e650c9a9030a8cd15
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c04a83ae25226e7088eb7429ce5ceed8b58f58d9aa4bfb75cda4316634fc24fc
c18bf742d43f5001e3fbed77a9b8fad628f55c0722b37018254eeee14adfeb31
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c30f2c703bba46d1b7113ae88bd27837794279be28382f10c784bc40f3de0a1f
c58a111fd2860f93c351a6f171376d39c1f42c40ad5f47ad6eb20875da357e0f
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c6667b27a86ac23a367455040e0f24fe43f2495f05c20bf6000bde9ab030632e
c75e3d704c24984ab4e26281004162b1711e6645a5516bf319186d2491f5ff31
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c96ee0c808964796354172829915fe82c3fe8d3e32fbeafab37ed1af1606046a
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cabf1fea7267e97d6f32fefa55907ee0feefa98b89b553b4ee86ac465699e096
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cea49a136c78be3548459ed926e5e8eb640b23540a3959645dbef2b7d762d964
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f68fdcfdafa1d8fa2041ef6341bcdad37d1ba0dfb8bad18c6976b5936c2fbd
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d4ef51144a6f8f03d7cb3e90c127fc09f4a90c7dc90a3ecc8a7a2a8f99127e6a
d5de26586f229a5a18502ff48346bf7a44d92e261179733dae4865b6dfc7183a
d8d70667fde366fa63025b694384f09179e02807d81df72592f1088ed3a51905
e0d154e31e8804876ba7c8569938d629ffce434940c956481c07bc40133c5088
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e6b6d3682b37472ecaa0b339f8c68859a158bbb12ad02f36e0231249c2ae7922
e8a695aa611d4e5d4da951f7a69b49336b2346b336a54666c6393d0409c0c9bf
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec2097b234e37d8c99c758a004780408f0df4e45c8117f98258874320581d5d3
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed1c0c1cdd860aba33271f99aabf84e07c2ee798e3c7b483d2187f41c4e1624d
ee855f3ccb82320c60a41dc81036c550100edacdd84f274ff47f764d3e11d72d
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effe0001c7a3773ab2b6f0f27cc0ab97c59c923d5f622de366e02cc1ee6d9a4e
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f33150cd05f3a9d23726a15067e03693187bfa238bd6ed389bf95e7f992ea826
f38d84cdb7574e63b7b1e1fddbc3b97863370bbd68c642016a01582b1945ce69
f3cb177ce74e578294d6c335cbd932775db31eeb4759931516088b3c216548a0
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7924d6014a6aeaa8ec611e0257111c9d4eeed3655bbe5715c9897a72d9f4d4c
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
ff1930813a01cfac4fcb0076476e1987869263ff6e6399884439d2f8b5009156
ff328469342c1e074efa84b7f514ef2379c6f8526bd3c3f2a8afd0ee9f3da461