exego.app Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exego.app/hhN2Dtj
Submission: On June 29 via manual (June 29th 2024, 9:43:55 pm UTC) from CL — Scanned from NL

Summary HTTP 129 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 59 IPs in 9 countries across 52 domains to perform 129 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is exego.app.
TLS certificate: Issued by GTS CA 1P5 on June 2nd 2024. Valid for: 3 months.

This is the only time exego.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	161.35.253.218 161.35.253.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	172.67.139.32 172.67.139.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.132.86 13.224.132.86	16509 (AMAZON-02) (AMAZON-02)
1	3.160.150.43 3.160.150.43	16509 (AMAZON-02) (AMAZON-02)
3	104.21.42.147 104.21.42.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.49.145.45 185.49.145.45	35415 (WEBZILLA) (WEBZILLA)
6	2606:4700:20:... 2606:4700:20::681a:744	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
3	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4471	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.126.23.23 3.126.23.23	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 7	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
6	165.227.253.30 165.227.253.30	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	5.135.209.96 5.135.209.96	16276 (OVH) (OVH)
3	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200a	27630 (AS-XFERNET) (AS-XFERNET)
1	185.239.172.170 185.239.172.170	55081 (24SHELLS) (24SHELLS)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3	52.210.134.254 52.210.134.254	16509 (AMAZON-02) (AMAZON-02)
3	3.71.164.184 3.71.164.184	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.83.69.58 185.83.69.58	55081 (24SHELLS) (24SHELLS)
1	2a0c:5c87:524... 2a0c:5c87:5241::2	55081 (24SHELLS) (24SHELLS)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1 3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	18.244.18.114 18.244.18.114	16509 (AMAZON-02) (AMAZON-02)
4 5	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1	18.66.112.41 18.66.112.41	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.94 143.204.98.94	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.44 13.32.27.44	16509 (AMAZON-02) (AMAZON-02)
2 4	193.3.178.4 193.3.178.4	399668 (E-PLANNING-) (E-PLANNING-)
1	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 _) (CDN77 _)
2	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.32.100.25 23.32.100.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.83.71.234 185.83.71.234	55081 (24SHELLS) (24SHELLS)
1	2a01:4f8:262:... 2a01:4f8:262:3e04::2	24940 (HETZNER-AS) (HETZNER-AS)
1 1	54.159.1.74 54.159.1.74	14618 (AMAZON-AES) (AMAZON-AES)
5	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200c	27630 (AS-XFERNET) (AS-XFERNET)
1 1	216.200.232.249 216.200.232.249	6461 (ZAYO-6461) (ZAYO-6461)
1	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	108.128.111.241 108.128.111.241	16509 (AMAZON-02) (AMAZON-02)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2 4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	172.64.146.152 172.64.146.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
129	59

8 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

exego.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

exe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 161.35.253.218 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.139.32 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cuty.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.132.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-132-86.lhr3.r.cloudfront.net

sentativesathya.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-43.fra60.r.cloudfront.net

getrunkhomuto.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.42.147 (None, )

ASN13335 (CLOUDFLARENET, US)

rgeredrubygs.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.49.145.45 (Netherlands)

ASN35415 (WEBZILLA, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:744 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4471 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.23.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-23-23.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 165.227.253.30 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

prebidserver.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.135.209.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-5-135-209.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.239.172.170 (Tower Hamlets, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.210.134.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-134-254.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.164.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-164-184.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.83.69.58 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c87:5241::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)

ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-114.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.214.149.91 (Groningen, Netherlands) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-94.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-44.fra56.r.cloudfront.net

signal-segments.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.3.178.4 (United States) 2 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.100.25 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-100-25.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.83.71.234 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:262:3e04::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.1.74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-1-74.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f350:3:2569:0:10:0:200c (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN6461 (ZAYO-6461, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.111.241 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-111-241.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.146.152 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	pixfuture.com served-by.pixfuture.com — Cisco Umbrella Rank: 54495 cdn.pixfuture.com — Cisco Umbrella Rank: 56587 prebidserver.pixfuture.com — Cisco Umbrella Rank: 57311	751 KB
8	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 3301 sync.go.sonobi.com — Cisco Umbrella Rank: 1211	9 KB
7	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 527 ib.adnxs.com — Cisco Umbrella Rank: 279	7 KB
7	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 cm.g.doubleclick.net — Cisco Umbrella Rank: 274	178 KB
6	exego.app 1 redirects exego.app	99 KB
5	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 394	3 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5269 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 7595 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 9226 signal-segments.s-onetag.com — Cisco Umbrella Rank: 26655	19 KB
5	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 522 ads.pubmatic.com — Cisco Umbrella Rank: 621	215 B
5	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1263 contextual.media.net — Cisco Umbrella Rank: 735 hbx.media.net — Cisco Umbrella Rank: 1292	3 KB
4	e-planning.net 2 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 3104	803 B
4	openx.net rtb.openx.net — Cisco Umbrella Rank: 637 pixfuture2-d.openx.net — Cisco Umbrella Rank: 73998	552 B
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 579 eus.rubiconproject.com — Cisco Umbrella Rank: 648	3 KB
4	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 7528 ghb1.adtelligent.com — Cisco Umbrella Rank: 11130 ghb2.adtelligent.com — Cisco Umbrella Rank: 13083 sync.adtelligent.com — Cisco Umbrella Rank: 5991	4 KB
3	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 788	195 B
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1316	292 B
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 842	790 B
3	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 5320	631 B
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 2105	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
3	rgeredrubygs.info rgeredrubygs.info	1 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	cuty.io cdn.cuty.io — Cisco Umbrella Rank: 506707	3 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 520	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 759	993 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 405	566 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 570	1 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 493	368 B
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 26051	101 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	165 KB
1	connatix.com capi.connatix.com — Cisco Umbrella Rank: 903	82 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1453	134 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 659	934 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 914	736 B
1	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 893	371 B
1	amazon-adsystem.com aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1221	47 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1107	862 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 827	1 KB
1	adtarget.com.tr s.console.adtarget.com.tr — Cisco Umbrella Rank: 5885
1	33across.com ssc-cms.33across.com — Cisco Umbrella Rank: 1122
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2982
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1398
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 937	269 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 576 fid.agkn.com Failed	466 B
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 67320	461 B
1	google.com accounts.google.com — Cisco Umbrella Rank: 45 Failed fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744	10 KB
1	getrunkhomuto.info getrunkhomuto.info — Cisco Umbrella Rank: 18153
1	sentativesathya.info sentativesathya.info
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 61182	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	exe.io exe.io — Cisco Umbrella Rank: 635993	11 KB
0	rlcdn.com Failed api.rlcdn.com Failed
0	facebook.com Failed www.facebook.com Failed
129	52

	Domain	Requested by
7	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com exego.app
7	served-by.pixfuture.com	exego.app cdn.pixfuture.com
6	prebidserver.pixfuture.com	cdn.pixfuture.com exego.app
6	exego.app	1 redirects exego.app
5	sync.go.sonobi.com	exego.app
5	x.bidswitch.net	4 redirects exego.app
4	cm.g.doubleclick.net	2 redirects exego.app
4	ads.us.e-planning.net	2 redirects cdn.pixfuture.com
4	secure.adnxs.com	2 redirects exego.app
3	onetag-sys.com	1 redirects cdn.pixfuture.com
3	hbopenbid.pubmatic.com	cdn.pixfuture.com
3	btlr.sharethrough.com	cdn.pixfuture.com
3	ap.lijit.com	cdn.pixfuture.com
3	rtb.openx.net	cdn.pixfuture.com
3	ib.adnxs.com	cdn.pixfuture.com
3	web.hb.ad.cpe.dotomi.com	cdn.pixfuture.com
3	fastlane.rubiconproject.com	cdn.pixfuture.com
3	apex.go.sonobi.com	cdn.pixfuture.com
3	prg.smartadserver.com	cdn.pixfuture.com
3	prebid.media.net	cdn.pixfuture.com
3	securepubads.g.doubleclick.net	cdn.pixfuture.com securepubads.g.doubleclick.net
3	rgeredrubygs.info	exego.app
3	fonts.gstatic.com	fonts.googleapis.com
3	cdn.cuty.io	exego.app
2	pixel.tapad.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	ads.pubmatic.com	cdn.pixfuture.com
2	signal-segments.s-onetag.com	get.s-onetag.com
2	match.adsrvr.org	cdn.pixfuture.com exego.app
2	id5-sync.com	cdn.pixfuture.com
2	gum.criteo.com	cdn.pixfuture.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pogothere.xyz	exego.app
2	www.googletagmanager.com	exego.app www.googletagmanager.com
1	capi.connatix.com	exego.app
1	sync.adkernel.com	exego.app
1	bh.contextweb.com	1 redirects
1	p.rfihub.com	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	aax-eu.amazon-adsystem.com	exego.app
1	sync.mathtag.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	s.console.adtarget.com.tr	cdn.pixfuture.com
1	sync.adtelligent.com	cdn.pixfuture.com
1	hbx.media.net	1 redirects
1	eus.rubiconproject.com	cdn.pixfuture.com
1	contextual.media.net	cdn.pixfuture.com
1	ssc-cms.33across.com	cdn.pixfuture.com
1	vid.vidoomy.com	cdn.pixfuture.com
1	pixfuture2-d.openx.net	cdn.pixfuture.com
1	cm.adform.net	cdn.pixfuture.com
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	get.s-onetag.com	cdn.pixfuture.com
1	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
1	lb.eu-1-id5-sync.com	cdn.pixfuture.com
1	ghb2.adtelligent.com	cdn.pixfuture.com
1	ghb1.adtelligent.com	cdn.pixfuture.com
1	ghb.adtelligent.com	cdn.pixfuture.com
1	region1.google-analytics.com	www.googletagmanager.com
1	aa.agkn.com	cdn.pixfuture.com
1	datatechone.com	cdntechone.com
1	getrunkhomuto.info	exego.app
1	sentativesathya.info	exego.app
1	cdntechone.com	exego.app
1	fonts.googleapis.com	exego.app
1	exe.io	exego.app
0	api.rlcdn.com Failed	cdn.pixfuture.com
0	fid.agkn.com Failed	cdn.pixfuture.com
0	accounts.google.com Failed	exego.app
0	www.facebook.com Failed	exego.app
129	71

This site contains links to these domains. Also see Links.

Domain
exe.io
www.pixfuture.com

Subject Issuer	Validity	Valid
exego.app GTS CA 1P5	`2024-06-02` - `2024-08-31`	3 months	crt.sh
exe.io E1	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-28` - `2024-12-03`	a year	crt.sh
cuty.io GTS CA 1P5	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cdntechone.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
pogothere.xyz GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
sentativesathya.info Amazon RSA 2048 M02	`2024-06-05` - `2025-07-04`	a year	crt.sh
getrunkhomuto.info Amazon RSA 2048 M03	`2024-04-01` - `2025-04-30`	a year	crt.sh
rgeredrubygs.info GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
pixfuture.com E1	`2024-05-15` - `2024-08-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
prebid.media.net WR3	`2024-06-13` - `2024-09-11`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2024-06-17` - `2025-07-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2024-05-29` - `2024-08-27`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2024-05-29` - `2024-08-27`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
ads.us.e-planning.net R11	`2024-06-23` - `2024-09-21`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-27` - `2025-06-18`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2024-05-18` - `2024-08-16`	3 months	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2024-05-17` - `2024-08-15`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2024-04-24` - `2025-04-20`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-15` - `2024-08-07`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2024-01-12` - `2025-02-12`	a year	crt.sh
capi.connatix.com GTS CA 1P5	`2024-05-13` - `2024-08-11`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://exego.app/hhN2Dtj
Frame ID: 507646229E2BB0CA4A5309F3E86E6F49
Requests: 105 HTTP requests in this frame

Frame: https://sentativesathya.info/enJyR2wbEBEqUxtPEGEZCB5PYl48V0ABCBsIB3JbDR8CKl1OEFwkABUHFiEeFRwGaQIfBld1Kj0WHAIUGTc3ESQWSiUhCzMrJBJdDSAZAigoOiQGOko3MQ0uOD8kBgsRNyBzCj8mNwA6SwE2CwQdMDYGB0s7IRVUPRw3fyoXERoDLx4qIBYDFiFCCjQyMTMeKh0KJQ0uHSE2AioUNAoROC4qJBYuLzcUDAcJOCUgAxQ1IzMmMgsnBjpKIyAhLgkXIT8HDjUaBjkrFRYDNA00JCRcICggLwcMNxpyKztAIAI9LEo3HSkoMDMCLgwgHhYvNx8gAj0vXysdIEowNAEpNzYndyE4MTojLy0wIAQPKBEwFj4NGTMVPi41CyAvLDM/dQg/JDUPXDRBJ3chOCUxKAk4JAUkNj8jCwEpMAo1LwQbNCUVKSskKxElEkIXACosCCAvJiAzG3MOPDAgBC5KFjYFXU8KJQIpHCM1FSkrJzsVJgIRNhAqLAg/Aj05IEB+KigKEQEKPxFULR8VHAJ6FQ4lJwoGSjgVET03Iw
Frame ID: C9BE8B56D97DE722A589F405F9FD1CE8
Requests: 1 HTTP requests in this frame

Frame: https://getrunkhomuto.info/VDJmb1A1UAUCbzUPBEklJl5bSmISF1QpNDVIE1pnI18WAmFgUEgMPDtHAgkiO1wSQT4xRkNdFjhgIAxjAHUFAR8SWRc4FBUXVC0FZ3QxCxc3dwM5aS5RMwx1ZnAnBholZww+Ex1IATUcBlFWDAZkF1QpExddCCw4BUIrLWUscwE+Hxt0Ny0BAHMSOmMSZD8FJAN7AS1lN2QvBhIcXgsqA2R2LAI/EFMOJjw1XgkFGAcCUTgpZXECBxUXawoLOA5jAgQVFwJTOikZYyhcGRJUJwQnN1UwVwY6YFMtYjhnJAEZElQkLiQbYyBbATpRMCo+YWo2KBUQaDMlYg4DSzZoEksBFgEXWSAjKmF2BzkFF2sBPWcHagIHFToHPg0ULFQpLj87UQE6AAVcPAEHLWcrJggddAAuETx8IBg6AF8gAxItCjYhOjxTLToaZnc3NXVmcDM4IDp1PhcaMHovKTYWYwoiBg0XVC0UOXQKDAg4ZwVcOxFXDSooNVU/STonXQgfbQx8EiYWGlEsADMZ
Frame ID: EF1AECDE8021159A5BC9BC243CFB8B10
Requests: 1 HTTP requests in this frame

Frame: https://exego.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: 79414179D824F64D6E49422F85FCE30E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: 6D2BD5B3DD8336837FD721E6F2714C87
Requests: 1 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Frame ID: 6B7BD16C6977EEBA443DC47E7437C4A6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/300x250.gif
Frame ID: 33C6FD642CE4B25EC4A486673CBEFEBB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/300x250.gif
Frame ID: 68488E14B8D76401F086C6920B3F2509
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/300x250.gif
Frame ID: 086F4581900407E443EDBED401CBE772
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 0FA3CC8D0596275C951A3AC283F3A1BC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%24UID
Frame ID: C27E4A94A03687A17EF6E9971D6E0019
Requests: 1 HTTP requests in this frame

Frame: https://pixfuture2-d.openx.net/w/1.0/pd
Frame ID: F610BDCC144B21A117CA3B47B15E9492
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D380%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D632122%26a%3D556847%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%7B%7BVID%7D%7D
Frame ID: 5AA81CDCA9AE25C2EC983E81A9F99790
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1719697428126
Frame ID: DD6ECF2FA2CADF591E6F1C12DFEF71CD
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%24UID
Frame ID: CF9E84CBEC7968A9D04BC7DBE9F2D28A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 370A8D6A60A90A6D33B1B9DBC8C5EA27
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D631382%26a%3D558003%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D
Frame ID: D15659635F5B5AD174B6A7B3A8FDE066
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D33XUSERID33X
Frame ID: 9A0653C110999C361F7D8EC42F5F9367
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: BEEC23CCF6BA4600D87ECC1A8653927B
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2055%2C2075%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C2069%2C237%2C238%2C359%2C338%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C2043%2C262%2C461%2C244%2C201%2C2039%2C4%2C126%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: ABAE7DDBA0F693C6F01E6CD4F86A7DB7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 71F596F0B33A15E60278A410F4A80AEB
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=1FD9C477F9B4A95A&sp=500592&pb=305453&c=750708&a=754412&domain=https://exego.app/hhN2Dtj&gdpr=0&gdpr_source=&gdpr_consent=&extuid=0000EEA
Frame ID: 2F4846CA770B27DCAE80F22C79E4F360
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 5D48C40E6ADE5C3E6763B35550ECE1A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

exe.io

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

129
Requests

88 %
HTTPS

26 %
IPv6

52
Domains

71
Subdomains

59
IPs

9
Countries

1447 kB
Transfer

2881 kB
Size

69
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://exe.io/
Title: Start Earning Now

Search URL Search Domain Scan URL

URL: https://www.pixfuture.com/advertisers
Title: Powered by pixfuture

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AS5LTATYE-7EIgoQiJ0seOKarbj1HySM6isANugxAcvNpdoRPxIe0OKoxPIvsrCFGDpin_YsuRf9 HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AS5LTATgZ3FKDPOCClQaN9m74ljwdE41lHi0h5t3SyVFKJzwK0CNioYlShZCqPHw7R5LbHxBjf6P&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S638187697%3A1719697426255084&ddm=0

Request Chain 19

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AS5LTATEXX3vzRDUQYPuwZILtHwvYHPDLziTi6W4OMJXfvzM78tiMlE8AAuOVe5LBKG-5vEh-4AP HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTASwx63RotPIKDwSg_wNoXggFSsxZpil2UgCOZ3F_XZ_XoDXf_Vx5v7KuxGenV1--DmmN0pm&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2012940179%3A1719697426259407&ddm=0

Request Chain 21

https://exego.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://exego.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Request Chain 42

https://secure.adnxs.com/seg?add=27578904%2C27578904&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578904%252C27578904%26t%3D1

Request Chain 43

https://secure.adnxs.com/seg?add=27578927%2C27578927&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578927%252C27578927%26t%3D1

Request Chain 85

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=

Request Chain 96

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=bfe9d370-9c94-451a-9577-9960b99fbc40

Request Chain 101

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID

Request Chain 106

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%24UID

Request Chain 113

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D142%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D750708%26a%3D754412%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%3Cvsid%3E HTTP 302
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=1FD9C477F9B4A95A&sp=500592&pb=305453&c=750708&a=754412&domain=https://exego.app/hhN2Dtj&gdpr=0&gdpr_source=&gdpr_consent=&extuid=0000EEA

Request Chain 115

https://sync.srv.stackadapt.com/sync?nid=286 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=st&nuid=hvlZaYGVXq5YLZk36G9rcR_Mlnc

Request Chain 116

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=if&nuid=59a06680-8015-4500-ba02-43097856bfb4

Request Chain 118

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553%26partner_url%3Dhttps%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dbs%2526nuid%253D62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&gdpr=0&gdpr_consent=

Request Chain 119

https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210831465981879

Request Chain 120

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=bfe9d370-9c94-451a-9577-9960b99fbc40&google_hm=YmZlOWQzNzAtOWM5NC00NTFhLTk1NzctOTk2MGI5OWZiYzQw&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=bfe9d370-9c94-451a-9577-9960b99fbc40&google_hm=YmZlOWQzNzAtOWM5NC00NTFhLTk1NzctOTk2MGI5OWZiYzQw&gdpr_consent=&gdpr=0&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE8KTQnyNVDXjP0yGw7xgd0&google_cver=1&ssp=sonobi&bsw_param=bfe9d370-9c94-451a-9577-9960b99fbc40&gdpr_consent=&gdpr=0 HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=bfe9d370-9c94-451a-9577-9960b99fbc40&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 121

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=f92939a9-bfdf-4787-a0e2-7d1bab3c3d55&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=MW90X1pEb3duNHNRUDVLVlFWa2wwQQ&gdpr=&gdpr_consent=

129 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request hhN2Dtj Show response
exego.app/ 337 KB
91 KB 175ms
135ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exego.app/hhN2Dtj

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d6d458839b6ff30164af7f207bd45832938dece17a709846e1ff9d8babf9a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89b9180e2b93b7c1-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 29 Jun 2024 21:43:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=booDeBcpsAFD6Nvl0sQGkEb%2FU%2FPlNc26%2BDx48kv4K19W1b28u8UcrT0ZFMCbox%2BHvkoxmGSKoQV3rfpn0TdEgVCuTGLuvh801xvuix4FaSs6xTG%2FBHir%2BySbl1g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H3 200 links.css
exego.app/css/ 4 KB
2 KB 33ms
32ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exego.app/css/links.css

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cea69ec2030a73d1dc4e426b71cbaba190f1ea585ac99e3e1b2358a8690f8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 419305
alt-svc: h3=":443"; ma=86400
content-length: 1173
x-xss-protection: 1; mode=block
last-modified: Fri, 24 May 2024 12:22:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Pj%2FPcqkdgUi1QEjCbChMkNXHBNllKH01mBLO7D%2B%2B7jk%2Fb20kfP5siqJLvBei6%2BfJWRBVTIfW10o5vz0yRV5z8cJxbAcrinXBPXqZcojGb5eE51dEC7FJoV1CHc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 89b9180f1c25b7c1-AMS
expires: Thu, 25 Jul 2024 01:15:20 GMT

GET
H3 200 logo_sm.png
exe.io/img/ 11 KB
11 KB 73ms
28ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://exe.io/img/logo_sm.png

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63f2781570d012d67b1e5ed27544bf90097a71ca5ddbbcd86a98a0f52871534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 269
alt-svc: h3=":443"; ma=86400
content-length: 10989
x-xss-protection: 1; mode=block
last-modified: Sun, 28 Mar 2021 18:01:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: User-Agent, Accept-Encoding
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tZ8KoLiMiwIz1heQ6WfqPgH1dYjQ8ruLHC97N0XjiQVfdzYF67mytOs6QZyq0cEjTE13I2hXAACKpFM1JeRC9GvIXEsfutol3r0TgxLbqBOSwjJxE7cqLBM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89b9180f58116729-AMS
expires: Sun, 29 Jun 2025 21:39:15 GMT

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 3 KB
3 KB 414ms
92ms Script
text/javascript 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
last-modified: Tue, 25 Jun 2024 16:58:16 GMT
accept-ranges: bytes
content-length: 3009
content-type: text/javascript; charset=utf-8

GET
H3 200 step-1.svg
cdn.cuty.io/images/public/ 2 KB
1 KB 70ms
25ms Image
image/svg+xml 172.67.139.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-1.svg
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2024 18:52:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4330168
etag: W/"663e6d03-658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBc1FJcqSEPPh6G1BsBI5t2OgHiNVKPudCX2c7lvcKAVSCcBnvNk2CeMKQmLOYUQ2QJHWUg1oE%2B1alAebIHRHTBOKMX8mVI9XVsHJC2mGvWrFtQRZwssy88BMvBwrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 89b9180f5c3f664c-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 May 2025 18:54:15 GMT

GET
H3 200 step-2.svg
cdn.cuty.io/images/public/ 2 KB
1 KB 29ms
28ms Image
image/svg+xml 172.67.139.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-2.svg
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2024 18:52:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4330168
etag: W/"663e6d03-607"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bSgjYAa06lAKox0tC9cpbD8vsMWPh7YMo8KTBorf0YUu%2B5lb7gZB1Fbu9qqiGkwL1ieRA2eWwg4kgIQgniB4V1zfUAlha0%2FYqttXXXGLnzgpQq2jxoQN%2Bb7j6prmqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 89b9180f8c78664c-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 May 2025 18:54:15 GMT

GET
H3 200 step-3.svg
cdn.cuty.io/images/public/ 1 KB
946 B 28ms
28ms Image
image/svg+xml 172.67.139.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cuty.io/images/public/step-3.svg
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2024 18:52:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4330168
etag: W/"663e6d03-45b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qtl%2Fr8qRj96qXrH%2FAkjIknQYc72SkkQfyF3ksyp9qCjxEZt5CaeB%2FVZ46H9vKGcNGLRZfETmZjvHuRoQhCxmcIcRai7meDV%2BGBvb%2Br%2FM%2BnsErSZmjATFBgzo2pFlIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 89b9180f8c7a664c-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 May 2025 18:54:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 318ms
65ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2eadf84729d331fc54572fe0fa0161b175e2ad2d764fd7846a47cfa195d2eee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76620
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Jun 2024 21:43:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 126ms
57ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Host: exego.app
URL: https://exego.app/css/links.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jun 2024 21:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 19:45:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jun 2024 21:43:45 GMT

GET
H2 200 stattag.js Show response
cdntechone.com/ 16 KB
8 KB 254ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/stattag.js
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae0d442d77ea9528a5c8162816db73c0ac35e6ebc0d6359b28645565cdac160

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jun 2024 13:48:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4171
etag: W/"667acaac-4030"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iW3ppVFnK5OP5A901y%2BSU4E2pNwtN3HDCjlDvfzk4EUbM6R8eoPcqtFviZXo%2BhigKNydKLFY4huC4pGOkaVZ8%2BG6lfAXH5T%2Bk1Y2nVSwS9zO6p59h08UJWqwFmKbTSHpCPnr6grXhsfExjCO8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 89b918119d99669a-AMS
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 306ms
104ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://exego.app
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:09:32 GMT
x-content-type-options: nosniff
age: 174854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:09:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 252ms
51ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://exego.app
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 15:08:18 GMT
x-content-type-options: nosniff
age: 369328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 15:08:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 264ms
62ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://exego.app
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:18:03 GMT
x-content-type-options: nosniff
age: 174343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:18:03 GMT

GET
H3 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 184ms
30ms Fetch
binary/octet-stream 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7129
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 29 Jun 2024 19:44:57 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://exego.app
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdajgOCla0XpDV6yl6MsuPTYmr6ZNXoWMg%2Be3hi14hQPk%2Br6SnunEiBlIAojz4u4EHa2szAMe3x7PBY84Jk31UEvS16utIQJ2Go7NE7F5WBwslssdrRMZ17X9fV1L%2BLW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 89b91811ad260e68-AMS
access-control-allow-headers: X-Requested-With, content-type

GET
H3 200 / Show response
pogothere.xyz/ 26 B
515 B 269ms
115ms Fetch
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c64b659cce3c48c7892822eb011f9f4264327092084694522a8dda480d2811f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NkvinRB25XRbK0h02YVAZGZFsIpFav48Am4zXT8H668omAVRKUzVfeb8hE2jhqZ6Yvjgz6nwZqdFn%2BLkDZtxBJt399LZ669s6sh%2FATXCmw6iNvAMKqnc%2B9RRkxvxcjx4"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://exego.app
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 89b91811ad290e68-AMS
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 Aj05IEB+KigKEQEKPxFULR8VHAJ6FQ4lJwoGSjgVET03Iw
sentativesathya.info/enJyR2wbEBEqUxtPEGEZCB5PYl48V0ABCBsIB3JbDR8CKl1OEFwkABUHFiEeFRwGaQIfBld1Kj0WHAIUGTc3ESQWSiUhCzMrJBJdDSAZAigoOiQGOko3MQ0uOD8kBgsRNyBzCj8mNwA6SwE2CwQdMDYGB0s7IRVUPRw3fyoXERoDLx4q... Frame C9BE 0
0 197ms
102ms Document
text/html 13.224.132.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sentativesathya.info/enJyR2wbEBEqUxtPEGEZCB5PYl48V0ABCBsIB3JbDR8CKl1OEFwkABUHFiEeFRwGaQIfBld1Kj0WHAIUGTc3ESQWSiUhCzMrJBJdDSAZAigoOiQGOko3MQ0uOD8kBgsRNyBzCj8mNwA6SwE2CwQdMDYGB0s7IRVUPRw3fyoXERoDLx4qIBYDFiFCCjQyMTMeKh0KJQ0uHSE2AioUNAoROC4qJBYuLzcUDAcJOCUgAxQ1IzMmMgsnBjpKIyAhLgkXIT8HDjUaBjkrFRYDNA00JCRcICggLwcMNxpyKztAIAI9LEo3HSkoMDMCLgwgHhYvNx8gAj0vXysdIEowNAEpNzYndyE4MTojLy0wIAQPKBEwFj4NGTMVPi41CyAvLDM/dQg/JDUPXDRBJ3chOCUxKAk4JAUkNj8jCwEpMAo1LwQbNCUVKSskKxElEkIXACosCCAvJiAzG3MOPDAgBC5KFjYFXU8KJQIpHCM1FSkrJzsVJgIRNhAqLAg/Aj05IEB+KigKEQEKPxFULR8VHAJ6FQ4lJwoGSjgVET03Iw
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.132.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-132-86.lhr3.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1244
content-type: text/html
date: Sat, 29 Jun 2024 21:43:46 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 bfc68ff581bb4e5342af2e46682c1ad0.cloudfront.net (CloudFront)
x-amz-cf-id: 34KvdbzvfR63KyhJAo5k_vr1_pn2eeT0RvYZPw2mEF2Y9QEpcPgusw==
x-amz-cf-pop: LHR3-C2
x-cache: Miss from cloudfront

GET
H2 200 STonXQgfbQx8EiYWGlEsADMZ
getrunkhomuto.info/VDJmb1A1UAUCbzUPBEklJl5bSmISF1QpNDVIE1pnI18WAmFgUEgMPDtHAgkiO1wSQT4xRkNdFjhgIAxjAHUFAR8SWRc4FBUXVC0FZ3QxCxc3dwM5aS5RMwx1ZnAnBholZww+Ex1IATUcBlFWDAZkF1QpExddCCw4BUIrLWUscwE+Hxt0Ny... Frame EF1A 0
0 208ms
127ms Document
text/html 3.160.150.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://getrunkhomuto.info/VDJmb1A1UAUCbzUPBEklJl5bSmISF1QpNDVIE1pnI18WAmFgUEgMPDtHAgkiO1wSQT4xRkNdFjhgIAxjAHUFAR8SWRc4FBUXVC0FZ3QxCxc3dwM5aS5RMwx1ZnAnBholZww+Ex1IATUcBlFWDAZkF1QpExddCCw4BUIrLWUscwE+Hxt0Ny0BAHMSOmMSZD8FJAN7AS1lN2QvBhIcXgsqA2R2LAI/EFMOJjw1XgkFGAcCUTgpZXECBxUXawoLOA5jAgQVFwJTOikZYyhcGRJUJwQnN1UwVwY6YFMtYjhnJAEZElQkLiQbYyBbATpRMCo+YWo2KBUQaDMlYg4DSzZoEksBFgEXWSAjKmF2BzkFF2sBPWcHagIHFToHPg0ULFQpLj87UQE6AAVcPAEHLWcrJggddAAuETx8IBg6AF8gAxItCjYhOjxTLToaZnc3NXVmcDM4IDp1PhcaMHovKTYWYwoiBg0XVC0UOXQKDAg4ZwVcOxFXDSooNVU/STonXQgfbQx8EiYWGlEsADMZ
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-43.fra60.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1226
content-type: text/html
date: Sat, 29 Jun 2024 21:43:46 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
x-amz-cf-id: yBjzyjcX0hVOnKC434aBO66-SrbVuZw1bKzPzr8CebkAoDA9Zs30AA==
x-amz-cf-pop: FRA60-P7
x-cache: Miss from cloudfront

GET
H3 204 ZzFyVlRIDhElaTZcSwIwM2sKARMtdDNlGgNrGQcEA3coOAY2UlQiPQMMQ2ZkVQVGYHIXWBZrZUFCBjcgEkJPZ3IOXxQ5aUFHT2d6VAVcZWJJBVQjaVYXBiY1AAxDcCQTRR5rZVAAS2BtUAVAYGRUAQ
rgeredrubygs.info/ 0
419 B 199ms
107ms Image
text/plain 104.21.42.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rgeredrubygs.info/ZzFyVlRIDhElaTZcSwIwM2sKARMtdDNlGgNrGQcEA3coOAY2UlQiPQMMQ2ZkVQVGYHIXWBZrZUFCBjcgEkJPZ3IOXxQ5aUFHT2d6VAVcZWJJBVQjaVYXBiY1AAxDcCQTRR5rZVAAS2BtUAVAYGRUAQ
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1mTK8Dpb%2BsyN%2FB31uolwi5FwTKVffFeqjTQrjczaJwhsm4T3o8N6zmNYpINuBoNvQsc%2BsbqaOuvZP7TscXzJjVKeXQ%2F7r7TqQOdZG%2B937jeIVfBYwrL4h0Q5UOunDZZ8nwgQw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 89b91811bf0c66f6-AMS
alt-svc: h3=":443"; ma=86400

GET login.php
www.facebook.com/ 0
0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AS5LTATYE-7EIgoQiJ0seOKarbj1HySM6isANugxAcvNpdoRPxIe0OKoxPIvsrC...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AS5LTATgZ3FKDPOCClQaN9m74ljwdE41lHi0h5t3SyVFKJzwK0CNioYlShZCqPHw7R5LbHxBjf6P&passive=...

0
0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AS5LTATEXX3vzRDUQYPuwZILtHwvYHPDLziTi6W4OMJXfvzM78tiMlE8AAu...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTASwx63RotPIKDwSg_wNoXggFSsxZpil2UgCOZ3F_XZ_XoDXf_Vx5v7KuxGenV1--DmmN0pm&passive...

0
0

GET
H3 204 dlJGR2pZbSU0VzgFdx0JMAsEH1gwFyQwDhcLAxEAMhQQMjtEC2AzAxJvd3daRWd+cEwGOyJ6W050NTMLAic1eltQOyghBUt0MHpbWGJodURDdDN6W1AmNiYNS2NgNx4CPnt2XUdrcH5dQmBwd1JF
rgeredrubygs.info/ 0
378 B 194ms
108ms Image
text/plain 104.21.42.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rgeredrubygs.info/dlJGR2pZbSU0VzgFdx0JMAsEH1gwFyQwDhcLAxEAMhQQMjtEC2AzAxJvd3daRWd+cEwGOyJ6W050NTMLAic1eltQOyghBUt0MHpbWGJodURDdDN6W1AmNiYNS2NgNx4CPnt2XUdrcH5dQmBwd1JF
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLFSXCcuCkamc7MFVoYUnjhEG2wrak2cX6y8OnxG9h3n32t%2BhRQIuovm7B0vbQ1v2TIl%2FreeeEToGqhuafsFWvoptNq0UKwY98FJZL1MswiC1NuiSaxsRIYkDKyBoKkq%2BXPnAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 89b91811bf0d66f6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
exego.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame 7941
Redirect Chain

https://exego.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://exego.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

8 KB
4 KB

33ms
26ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exego.app/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62d0d488d024e7d3ada98c6333d79e108ea7ac12eb4fbcb5df9e18058692318a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lIxjTuC6v5WKRaE%2FxsBddX0nolOhvx6PjfJ6D20ZEylTK7hHHEMXPXSf9hFDlViHTXMC0untSclXgerBMeILTf18Sc9lVKTrnh6q8YemcXL7JWjeXIFqG9Tq4SM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 89b91811bda5b7c1-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 29 Jun 2024 21:43:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovk720IITrYHhlTN%2BaR84qyfJqrzBuOTtV80GCKigkFka8U%2F7JUzK0MlDj09JQ99hCOx%2Fy2fC9VEcJs0XlAE9VzhHLLOfWhIimBtI52DOWIhAUxErNaem4H2k1I%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 89b918114d75b7c1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
461 B 100ms
15ms XHR
text/plain 185.49.145.45
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697&ruid=a8671f06-f6f5-47bb-9b2a-abe6430913ab
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.49.145.45 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.25.5 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 29 Jun 2024 21:43:46 GMT
Server: nginx/1.25.5
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://exego.app
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

POST
H3 200 89b9180e2b93b7c1 Show response
exego.app/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7941 0
670 B 39ms
38ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://exego.app/cdn-cgi/challenge-platform/h/g/jsd/r/89b9180e2b93b7c1
Requested by: Host: exego.app
URL: https://exego.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sD%2BKrh0px53XTGAqDOgiobxmbDYvRFVoVLGTGwAWUnCcvZKYCDnOshVqV2kc7p%2BsCDlZmlaPiP8b3k1hqeUtxAiFc1bYgmQ%2BgTSHKxCwop2Ih0d2up%2F%2FA83PG%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 89b91813aea5b7c1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 hb_v2.js Show response
cdn.pixfuture.com/ 54 KB
55 KB 79ms
24ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/hb_v2.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 925b561dc2edcd51842275b696a7f6e8853429fb72586ede84e3289bbabf3aff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16950
cf-polished: origSize=55835
cf-bgj: minify
last-modified: Mon, 27 May 2024 12:49:17 GMT
server: cloudflare
etag: W/"6654814d-da1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kha7%2BA5hAXNblwUMa0vStSC%2B2VsfaG26WLhP9keXD7sEOwQ2XCQyO1f4OCNaSEyxDNUc6MKFtFbY66xKpSsGg9Uv7m0TrStmYXH14jmZUaKX%2FWeRH3md5EctJbqvfkk8rnrLBvArqHirjLpFeCvG"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 89b9181409710ba6-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 01 Jul 2024 17:01:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 73ms
71ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W3HJBPZBCZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

baeef4a7228d28a8ba0bd5f8b3c89f820ca963e77876535a8c9d32b877e5bca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92077
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jun 2024 21:43:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
19ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135952122-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Jun 2024 20:34:59 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4127
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 29 Jun 2024 22:34:59 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
31 KB 522ms
65ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

cdc8f77845b009676fe5a08bc9c9295bca9365884e340c5842d45f326f8b2f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31245
x-xss-protection: 0
server: cafe
etag: 945 / 19903 / m202406250101 / config-hash: 14127960895537280856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jun 2024 21:43:47 GMT

GET
H2 200 pbix.js Show response
cdn.pixfuture.com/ 464 KB
465 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pbix.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d5b23a2f1e8e6d08bcd05fc5e01d74c219311bf9f3316c63a6d2744bc060ff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16950
cf-polished: origSize=476266
cf-bgj: minify
last-modified: Wed, 22 May 2024 17:38:34 GMT
server: cloudflare
etag: W/"664e2d9a-7446a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2B8BJ%2FVV1x39OTxamAkch9OUvV51pnjZhd9620G86mC5jkO%2FxWauxSwruisExaCSDoThNLaBUChoU%2ByMTNZrp65FKKfM7jzMHjx%2F5x9BSv8iEw4NXK6eoXSdWC7S11rdq3G%2BlBFfPX8hvDymHtEr"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 89b9181449d10ba6-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 01 Jul 2024 17:01:09 GMT

GET
H2 200 pixf_sync.html
cdn.pixfuture.com/ Frame 6D2B 0
0 151ms
114ms Document
text/html 2606:4700:20::ac43:4471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pixf_sync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 89b918149a1c1c81-AMS
content-encoding: br
content-type: text/html
date: Sat, 29 Jun 2024 21:43:46 GMT
last-modified: Wed, 07 Dec 2022 20:04:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Qc5fY1FmmAwBPnoNtfL4RGh1TRVePnaDuACjNQ5scTCK9G8YHznORhmnqSLuI8%2FDzfTPO3d%2FHIsx5sltbbE3FDBbH2EXbI9tsQJbrR1tZR3U%2FTe6me67z0Zs3mARPjTodFtrrEEeoWInkPfENui"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 r.js Show response
aa.agkn.com/adscores/ 0
466 B 486ms
27ms Script
application/javascript 3.126.23.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.23.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-23-23.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/javascript;charset=iso-8859-1
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 0
expires: 0

POST
H/1.1 200
OK hb_v2.php Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 280ms
104ms XHR
application/json 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=46330x300x250x7870x_ADSLOT3&keywords=exeio&refUrl=&refresh=false&innerWidth=1600&cb=1719697426616
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 25fb24b2514df1d9bd4626ebed2f4db545df745a636c32263dac0dfc6169c91d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:46 GMT
transfer-encoding: chunked
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires: 0

POST
H/1.1 200
OK hb_v2.php Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 269ms
94ms XHR
application/json 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=46330x300x250x7870x_ADSLOT1&keywords=exeio&refUrl=&refresh=false&innerWidth=1600&cb=1719697426617
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a262c612ba84568eea8e0252800878fe2e18c5041539bf18d0bc5af36662296d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:46 GMT
transfer-encoding: chunked
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires: 0

POST
H/1.1 200
OK hb_v2.php Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 269ms
93ms XHR
application/json 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=46330x300x250x7870x_ADSLOT2&keywords=exeio&refUrl=&refresh=false&innerWidth=1600&cb=1719697426620
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 4ebe06c8ed09bb00f0f84a6524f1b66e792eeb9e981b2c6a1260c1b986aecce5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:46 GMT
transfer-encoding: chunked
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 22ms
20ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=479344517&t=pageview&_s=1&dl=https%3A%2F%2Fexego.app%2FhhN2Dtj&ul=nl-nl&de=UTF-8&dt=exe.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=688848660&gjid=1663037612&cid=1695006570.1719697427&tid=UA-135952122-1&_gid=994160750.1719697427&_r=1&gtm=457e46q0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=60223216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 640ms
31ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W3HJBPZBCZ&gtm=45je46q0v9125194207za200&_p=1719697425947&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1695006570.1719697427&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719697426&sct=1&seg=0&dl=https%3A%2F%2Fexego.app%2FhhN2Dtj&dt=exe.io&en=page_view&_fv=1&_ss=1&tfd=1181&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W3HJBPZBCZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 popunder.gif
rgeredrubygs.info/ 35 B
529 B 23ms
23ms Image
image/gif 104.21.42.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rgeredrubygs.info/popunder.gif
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.42.147 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69057
alt-svc: h3=":443"; ma=86400
content-length: 58
pragma: public
last-modified: Sat, 29 Jun 2024 02:32:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cd1j4miXBKm%2FJ3WVA%2Fyf95FR1v%2FQ4OFAoOZjtmzLfol3qcPeuTjCvJPULOx4fCU%2BGEJOCpjTufxBXiBxLpIVsYsAvb4e5iqbxzcznXTQU21CtoEuJjZxwKg1yc5gcs0AxFBqWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
accept-ranges: bytes
cf-ray: 89b91815ba7566f6-AMS

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
368 B 53ms
17ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fexego.app%2F&domain=exego.app&cw=1&lsw=1

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 218741
expires: 0

GET f
fid.agkn.com/ 0
0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
658 B 462ms
8ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

0f618e42192b869bb1c4cd22f4dd95817fc55e90e01e06b2e538f8bb28e64ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://exego.app
date: Sat, 29 Jun 2024 21:43:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
418 B 504ms
53ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 091b5dd1e99bb6a88341a1969ac6874aeae835897bf5e0cd96b01ed3c1e8849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Mon, 29 Jul 2024 21:43:47 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=27578904%2C27578904&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578904%252C27578904%26t%3D1

0
1 KB

38ms
37ms

Script
application/javascript

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578904%252C27578904%26t%3D1

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
an-x-request-uuid: d4e57c95-d6ac-4f79-b187-db02a84d4354
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.119; 31.204.150.119; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
an-x-request-uuid: ebaaa96c-51c4-4ebf-9236-1a43e833c3c0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578904%252C27578904%26t%3D1
x-proxy-origin: 31.204.150.119; 31.204.150.119; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=27578927%2C27578927&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578927%252C27578927%26t%3D1

0
1 KB

36ms
35ms

Script
application/javascript

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578927%252C27578927%26t%3D1

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
an-x-request-uuid: 9a8133e5-a744-4973-9732-8870f1366ef1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.119; 31.204.150.119; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
an-x-request-uuid: f1011165-664e-4bb7-b038-753cdeeddf22
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578927%252C27578927%26t%3D1
x-proxy-origin: 31.204.150.119; 31.204.150.119; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 333ms
19ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fexego.app%2F&domain=exego.app&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://exego.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 29 Jun 2024 21:43:46 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 265418
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 200
OK cookie_sync Show response
prebidserver.pixfuture.com/ 904 B
1 KB 561ms
88ms Fetch
application/json 165.227.253.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/cookie_sync
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.253.30 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 87a926e726c1cdeccef4313ac68270bbb0e5c39a4aaf1d28c65b1f8329838be1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 904
expires: 0

POST
H/1.1 200
OK auction Show response
prebidserver.pixfuture.com/openrtb2/ 258 B
577 B 626ms
200ms Fetch
application/json 165.227.253.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/openrtb2/auction
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.253.30 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 7489bb1f26285ae204a5b967180f5b103b5f6dc074c651ee59a6a92518df9220

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 258
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 496ms
37ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 63d34dd65582e6406cfeff3e063b94af3628b9a5bc9df094827e8cd97ceb962a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://exego.app
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jun 2024 21:43:47 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 347 B
683 B 608ms
45ms Fetch
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: b44de73f37998e399e3b2f17c88d8c1240bc279903ebc2f21bcfd8cf890adffa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://exego.app
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 649ms
102ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2212b5d0922aa239d%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%2Cgpid%3D46330x300x250x7870x_ADSLOT1%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fexego.app%2FhhN2Dtj&s=bfefa13f-1a44-4faf-85fa-00eabef60f52&pv=ea1c8b27-e2fe-4d4e-aa7e-948b5cbc7586&vp=desktop&lib_name=prebid&lib_v=8.49.0&us=0&iqid=%7B%22pcid%22%3A%22b2fd4781-8074-420e-982b-f781eb9b7ca2%22%2C%22pcidDate%22%3A1719697427084%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%221a923fc3-44e4-4f6b-b088-12ed149ee568%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22exego.app%22%2C%22publisher%22%3A%7B%22domain%22%3A%22exego.app%22%7D%2C%22page%22%3A%22https%3A%2F%2Fexego.app%2FhhN2Dtj%22%2C%22cat%22%3A%5B%22IAB6%2CIAB13-6%22%5D%2C%22sectioncat%22%3A%5B%22IAB6%2CIAB13-6%22%5D%2C%22pagecat%22%3A%5B%22IAB6%2CIAB13-6%22%5D%2C%22keywords%22%3A%22exeio%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22nl%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%227870%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c1ed27bf-1e7a-47b9-9988-857731c10531%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=exeio&coppa=0

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

6caa142b6fc84d9bbd6a3fd8cb12d901c0d4ff252ca2a1314f7a5a5f26c8c3b4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-192
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 691
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 5 KB
1 KB 690ms
21ms Fetch
application/json 185.239.172.170
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.239.172.170 Tower Hamlets, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 057d71b78ae57bc4cb80ae7ad783a4519299c3827140054fd0b5aae34981e8c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 29 Jun 2024 21:43:47 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://exego.app
Access-Control-Allow-Credentials: true
Permissions-Policy: browsing-topics=()
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1068

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 457 B
968 B 561ms
19ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=400550&zone_id=2245168&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,7870,1,,,&eid_pubcid.org=c1ed27bf-1e7a-47b9-9988-857731c10531%5E1&rf=https%3A%2F%2Fexego.app%2FhhN2Dtj&kw=exeio&tg_i.domain=exego.app&tg_i.page=https%3A%2F%2Fexego.app%2FhhN2Dtj&tg_i.cat=IAB6%2CIAB13-6&tg_i.sectioncat=IAB6%2CIAB13-6&tg_i.pagecat=IAB6%2CIAB13-6&tg_i.pbadslot=46330x300x250x7870x_ADSLOT1&tk_flint=pbjs_lite_v8.49.0&x_source.tid=1a923fc3-44e4-4f6b-b088-12ed149ee568&l_pb_bid_id=163bdcd147d76df&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&x_imp.ext.tid=66d66de3-5e33-4e85-9236-51daa90e4d3b&rp_maxbids=1&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.09030254102520341
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2bef393153b730e3cbaa00edbf3822dd89a1718bf68b70a4e2b17e2919772c3f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 457
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
210 B 554ms
17ms Fetch 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin: https://exego.app
cache-control: no-cache
access-control-allow-credentials: true
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 50 B
735 B 83ms
34ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
an-x-request-uuid: 58c199db-27b5-4ece-883b-9c8e18979b98
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://exego.app
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.119; 31.204.150.119; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 50
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
131 B 568ms
39ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 610828ccb7ff54eea3fa3074e1443996eb30aad95e458b75a8d231a889fd7034

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 31.204.150.119
content-type: text/plain
access-control-allow-origin: https://exego.app
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
263 B 547ms
41ms Fetch
application/json 52.210.134.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.49.0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.134.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-134-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0b64e52752fb16aa1c3f0a08c36a6ee5bb3c5b3f7467f147a564d21282be62e9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 29 Jun 2024 21:43:47 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://exego.app
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
97 B 578ms
113ms Fetch 3.71.164.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.164.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-164-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://exego.app
date: Sat, 29 Jun 2024 21:43:47 GMT
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
109 B 512ms
16ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://exego.app
date: Sat, 29 Jun 2024 21:43:47 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK auction Show response
prebidserver.pixfuture.com/openrtb2/ 258 B
577 B 424ms
253ms Fetch
application/json 165.227.253.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/openrtb2/auction
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.253.30 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: db3643f74548ff933039520df8675c10f9c5b28d918e035c9b451cc58dc2d613

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 258
expires: 0

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 5 KB
1 KB 645ms
22ms Fetch
application/json 185.83.69.58
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 9cd27444231695ef812bedaef22bf79db63d5002c939171dd133a64525ba96c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 29 Jun 2024 21:43:47 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://exego.app
Access-Control-Allow-Credentials: true
Permissions-Policy: browsing-topics=()
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1069

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
264 B 537ms
40ms Fetch
application/json 52.210.134.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.49.0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.134.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-134-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3b87ea153c102363423dd6e45710f88bfa24489ca620d9919719746c2261e434

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 29 Jun 2024 21:43:47 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://exego.app
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
785 B 485ms
148ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 25ff19eb5fa9f3842638d563f6e0d50d0d7345c156851cd70798634b987ad366

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://exego.app
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jun 2024 21:43:47 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 347 B
683 B 488ms
46ms Fetch
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: b44de73f37998e399e3b2f17c88d8c1240bc279903ebc2f21bcfd8cf890adffa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:46 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://exego.app
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
211 B 511ms
16ms Fetch 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin: https://exego.app
cache-control: no-cache
access-control-allow-credentials: true
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 50 B
1 KB 42ms
32ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
an-x-request-uuid: 3967d988-38aa-4ec3-9194-5bfc7a5e71a6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://exego.app
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.119; 31.204.150.119; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 50
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 595ms
100ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2249dd0bad09ef943%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%2Cgpid%3D46330x300x250x7870x_ADSLOT2%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fexego.app%2FhhN2Dtj&s=d7ca4577-3bdb-4221-8f91-fd5186a8c1ef&pv=ea1c8b27-e2fe-4d4e-aa7e-948b5cbc7586&vp=desktop&lib_name=prebid&lib_v=8.49.0&us=0&iqid=%7B%22pcid%22%3A%22b2fd4781-8074-420e-982b-f781eb9b7ca2%22%2C%22pcidDate%22%3A1719697427084%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%225dfbc99d-ab10-42cf-b229-dd4c657400c7%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22exego.app%22%2C%22publisher%22%3A%7B%22domain%22%3A%22exego.app%22%7D%2C%22page%22%3A%22https%3A%2F%2Fexego.app%2FhhN2Dtj%22%2C%22cat%22%3A%5B%22IAB6%2CIAB13-6%22%5D%2C%22sectioncat%22%3A%5B%22IAB6%2CIAB13-6%22%5D%2C%22pagecat%22%3A%5B%22IAB6%2CIAB13-6%22%5D%2C%22keywords%22%3A%22exeio%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22nl%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%227870%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c1ed27bf-1e7a-47b9-9988-857731c10531%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=exeio&coppa=0

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

2b8248f789cb17dcddc40358bc1c5f8c3d807523515bc74675a0a3f2c51062a7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-118
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 690
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
53 B 509ms
18ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://exego.app
date: Sat, 29 Jun 2024 21:43:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
290 B 530ms
38ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 094e18c109b7b2866db70c28b93aa6708aaee296ade7e2e691b0234290630359

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 31.204.150.119
content-type: text/plain
access-control-allow-origin: https://exego.app
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
97 B 566ms
113ms Fetch 3.71.164.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.164.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-164-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://exego.app
date: Sat, 29 Jun 2024 21:43:47 GMT
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 457 B
797 B 525ms
33ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=400550&zone_id=2245168&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,7870,1,,,&eid_pubcid.org=c1ed27bf-1e7a-47b9-9988-857731c10531%5E1&rf=https%3A%2F%2Fexego.app%2FhhN2Dtj&kw=exeio&tg_i.domain=exego.app&tg_i.page=https%3A%2F%2Fexego.app%2FhhN2Dtj&tg_i.cat=IAB6%2CIAB13-6&tg_i.sectioncat=IAB6%2CIAB13-6&tg_i.pagecat=IAB6%2CIAB13-6&tg_i.pbadslot=46330x300x250x7870x_ADSLOT2&tk_flint=pbjs_lite_v8.49.0&x_source.tid=5dfbc99d-ab10-42cf-b229-dd4c657400c7&l_pb_bid_id=57581dc206f5f9d&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&x_imp.ext.tid=38db5e77-55d3-400d-b522-90900ea37e00&rp_maxbids=1&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.5864976598070557
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 625ce5f6ae8968d7d1cb461f32dcbdbdfe3a7326cde89cdfe320e73bb21770e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 457
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK auction Show response
prebidserver.pixfuture.com/openrtb2/ 258 B
577 B 497ms
325ms Fetch
application/json 165.227.253.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/openrtb2/auction
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.253.30 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 3845499f3c9172948044c78bbe78ebb2f6dd5940c21f14b65af9b444abdf48db

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
x-prebid: pbs-go/unknown
vary: Origin
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 258
expires: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
131 B 529ms
38ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 64accddcc5610cad7daff35eb6a7eec2fc944e545a2eeca5f5b064d2d43d67c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 29 Jun 2024 21:43:46 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 31.204.150.119
content-type: text/plain
access-control-allow-origin: https://exego.app
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
98 B 563ms
111ms Fetch 3.71.164.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.71.164.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-164-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://exego.app
date: Sat, 29 Jun 2024 21:43:47 GMT
access-control-allow-credentials: true

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 1 KB
2 KB 590ms
98ms Fetch
application/json 2607:f350:3:2569:0:10:0:200a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2270050714bde7b99%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%2Cgpid%3D46330x300x250x7870x_ADSLOT3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fexego.app%2FhhN2Dtj&s=1a19bc3b-5628-4eb5-bb46-9c482f9a240d&pv=ea1c8b27-e2fe-4d4e-aa7e-948b5cbc7586&vp=desktop&lib_name=prebid&lib_v=8.49.0&us=0&iqid=%7B%22pcid%22%3A%22b2fd4781-8074-420e-982b-f781eb9b7ca2%22%2C%22pcidDate%22%3A1719697427084%7D&fpd=%7B%22source%22%3A%7B%22tid%22%3A%228265f343-2ffb-47a9-89fd-aa43ca16d510%22%7D%2C%22site%22%3A%7B%22domain%22%3A%22exego.app%22%2C%22publisher%22%3A%7B%22domain%22%3A%22exego.app%22%7D%2C%22page%22%3A%22https%3A%2F%2Fexego.app%2FhhN2Dtj%22%2C%22cat%22%3A%5B%22IAB6%2CIAB13-6%22%5D%2C%22sectioncat%22%3A%5B%22IAB6%2CIAB13-6%22%5D%2C%22pagecat%22%3A%5B%22IAB6%2CIAB13-6%22%5D%2C%22keywords%22%3A%22exeio%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F126.0.0.0%20Safari%2F537.36%22%2C%22language%22%3A%22nl%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%227870%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c1ed27bf-1e7a-47b9-9988-857731c10531%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=exeio&coppa=0

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8c01cc8f4601f7767fa57ca55b1a5cb65f382e192af792183d97f29e3d1b88df

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-151
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 687
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 5 KB
1 KB 575ms
89ms Fetch
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 46ae4a72bd213a2cf60d94660e7ec0a0dc29463654015c0e1c5ab03984bc2147

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 29 Jun 2024 21:43:47 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://exego.app
Access-Control-Allow-Credentials: true
Permissions-Policy: browsing-topics=()
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1072

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 347 B
683 B 571ms
135ms Fetch
application/json 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: b44de73f37998e399e3b2f17c88d8c1240bc279903ebc2f21bcfd8cf890adffa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://exego.app
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 0
210 B 506ms
17ms Fetch 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin: https://exego.app
cache-control: no-cache
access-control-allow-credentials: true
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 457 B
796 B 505ms
34ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=400550&zone_id=2245168&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,7870,1,,,&eid_pubcid.org=c1ed27bf-1e7a-47b9-9988-857731c10531%5E1&rf=https%3A%2F%2Fexego.app%2FhhN2Dtj&kw=exeio&tg_i.domain=exego.app&tg_i.page=https%3A%2F%2Fexego.app%2FhhN2Dtj&tg_i.cat=IAB6%2CIAB13-6&tg_i.sectioncat=IAB6%2CIAB13-6&tg_i.pagecat=IAB6%2CIAB13-6&tg_i.pbadslot=46330x300x250x7870x_ADSLOT3&tk_flint=pbjs_lite_v8.49.0&x_source.tid=8265f343-2ffb-47a9-89fd-aa43ca16d510&l_pb_bid_id=78419f16e023c27&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&x_imp.ext.tid=18bd01f5-f379-47b8-b6f4-54507dc1d8b7&rp_maxbids=1&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.6794621922007997
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2363bee8ac0c3d8437815195af19580b0959d70152274b45e36f8e4698d1b6a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://exego.app
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 457
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
53 B 507ms
40ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://exego.app
date: Sat, 29 Jun 2024 21:43:46 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 50 B
1 KB 63ms
9ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
an-x-request-uuid: 769c6a04-65e1-4031-9359-340ed4d4e11d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://exego.app
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.119; 31.204.150.119; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 50
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
785 B 353ms
43ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 28ad9942ec7c5c17978d67001c6f3e53132dc07cbefddbeb17d071c450bf7c47

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://exego.app
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jun 2024 21:43:47 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
263 B 508ms
43ms Fetch
application/json 52.210.134.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.49.0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.134.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-134-254.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4895e15eeae2d81bc7b28fd6420f426af0e59726c596267e41da21792ebe0f46

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 29 Jun 2024 21:43:47 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://exego.app
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/ 466 KB
145 KB 72ms
59ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ecfda2a1a2411ea1f4ad1904a83069d02229ef72ce33c2ba195e2d432ef12757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 22:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82092
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148619
x-xss-protection: 0
server: cafe
etag: 15197200631174858937
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 28 Jun 2025 22:55:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
481 B 139ms
56ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=exego.app

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

973e8d7f6b287345d56c35379b3ba607c072630da4a513b3483fd2e3081e2b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 456
x-xss-protection: 0
expires: Sat, 29 Jun 2024 21:43:47 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
269 B 523ms
40ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

8e5b77482b8874ab838ebe343f76a197bd9799b9218fe28b31d3c04c5733641d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://exego.app
date: Sat, 29 Jun 2024 21:43:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1

200
OK

setuid
prebidserver.pixfuture.com/ Frame 6B7B
Redirect Chain

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&g...
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=

0
0

290ms
99ms

Document
text/html

165.227.253.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.253.30 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html
date: Sat, 29 Jun 2024 21:43:48 GMT
expires: 0
pragma: no-cache
vary: Origin

Redirect headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
content-length: 0
location: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
strict-transport-security: max-age=15552000

GET
H2 200 339263271 Show response
fundingchoicesmessages.google.com/i/ 23 KB
10 KB 565ms
21ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/339263271?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406250101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e283542b80bbcdf259c2ee2d437f0451cc7c388842cb895236e7939adb66be1e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pPRpXNugpXrRdT0tWTbsEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-pPRpXNugpXrRdT0tWTbsEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII0pBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYg_Pz7H-huIk_6dZy0B4iURF1mPJF5kPfj4IutJIBbi4ZjS0LSFTeDHnH8NTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBmZG5noGpvEFBgCY-D65"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 529.json Show response
id5-sync.com/g/v2/ 251 B
440 B 27ms
26ms Fetch
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/529.json

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

356e3d43f39a13cdbd13e89eaaf3a03e7755ba9cd462f05ad7d17fdc4a8b1531

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://exego.app
date: Sat, 29 Jun 2024 21:43:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin
content-type: application/json

GET
H2 200 pxft_iel.js Show response
cdn.pixfuture.com/ 5 KB
5 KB 39ms
32ms Script
application/javascript 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/pxft_iel.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16954
cf-bgj: minify
last-modified: Fri, 09 Dec 2022 15:37:52 GMT
server: cloudflare
etag: W/"63935650-139c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJSk8Vr6ZVKimr0jCM3iyJ%2FimEfhxeSigZnimEUUFyoe8RMO6uV300SpWj8r0Fr0MFtf6JyVpmY89Wg1ehUROFuh6kt%2F10Av%2F72cizqwFBGkleQN3rWmV5f9z%2Bw7cTEaSViDlIbfka45QvOxYyDP"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
cf-ray: 89b9181e3ca80ba6-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 01 Jul 2024 17:01:09 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/ 26 KB
9 KB 554ms
0ms Script
text/javascript 18.244.18.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 0Wki3095rBiC8xDP56.qUYf2JNRTRIn7
content-encoding: gzip
via: 1.1 b88a4e10ec6aa05046ba32d44beb97f2.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 02:40:04 GMT
last-modified: Mon, 07 Nov 2022 19:46:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 68625
etag: W/"34bbd675e8b425becff971d5a4756c10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: gT0pHdUGyECFQ2cyN3vmbCoxgqNHavXcIAIR7rT5muqgKl3vfKAS2g==

GET
H2 200 300x250.gif
cdn.pixfuture.com/banners/ Frame 33C6 206 KB
206 KB 39ms
34ms Image
image/gif 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/banners/300x250.gif
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b40b9489c2730f2416282d63141e3a5f1a4a1c87df05d7c3095d5dfdf784c1f4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16948
content-length: 210847
last-modified: Fri, 01 Sep 2023 13:59:06 GMT
server: cloudflare
etag: "64f1ee2a-3379f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leIK%2Fh4ywFUJ4F8BeM%2FaWOdXxRA%2Fk5ZWRPQmSsxCLi9DID9aKQXbafw3W8JntOir9jR%2FJcbOAC%2B4XuY%2B5CFccpZ%2F8KHUwSCoVitAMW1N0ZYP%2F43MSMcVxE2qGNKPVl%2BDImzLqn1%2BWccXJLJMFum1"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89b9181e2ca40ba6-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 01 Jul 2024 17:01:09 GMT

POST
H/1.1 200
OK tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
189 B 92ms
91ms XHR
text/plain 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jun 2024 21:43:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 300x250.gif
cdn.pixfuture.com/banners/ Frame 6848 206 KB
0 39ms
34ms Image
image/gif 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/banners/300x250.gif
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b40b9489c2730f2416282d63141e3a5f1a4a1c87df05d7c3095d5dfdf784c1f4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16948
content-length: 210847
last-modified: Fri, 01 Sep 2023 13:59:06 GMT
server: cloudflare
etag: "64f1ee2a-3379f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leIK%2Fh4ywFUJ4F8BeM%2FaWOdXxRA%2Fk5ZWRPQmSsxCLi9DID9aKQXbafw3W8JntOir9jR%2FJcbOAC%2B4XuY%2B5CFccpZ%2F8KHUwSCoVitAMW1N0ZYP%2F43MSMcVxE2qGNKPVl%2BDImzLqn1%2BWccXJLJMFum1"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89b9181e2ca40ba6-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 01 Jul 2024 17:01:09 GMT

POST
H/1.1 200
OK tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
189 B 162ms
92ms XHR
text/plain 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jun 2024 21:43:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 300x250.gif
cdn.pixfuture.com/banners/ Frame 086F 206 KB
0 39ms
34ms Image
image/gif 2606:4700:20::681a:744
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/banners/300x250.gif
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:744 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b40b9489c2730f2416282d63141e3a5f1a4a1c87df05d7c3095d5dfdf784c1f4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16948
content-length: 210847
last-modified: Fri, 01 Sep 2023 13:59:06 GMT
server: cloudflare
etag: "64f1ee2a-3379f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leIK%2Fh4ywFUJ4F8BeM%2FaWOdXxRA%2Fk5ZWRPQmSsxCLi9DID9aKQXbafw3W8JntOir9jR%2FJcbOAC%2B4XuY%2B5CFccpZ%2F8KHUwSCoVitAMW1N0ZYP%2F43MSMcVxE2qGNKPVl%2BDImzLqn1%2BWccXJLJMFum1"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=172800, no-transform
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89b9181e2ca40ba6-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 01 Jul 2024 17:01:09 GMT

POST
H/1.1 200
OK tracking.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ 0
189 B 121ms
92ms XHR
text/plain 161.35.253.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jun 2024 21:43:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

setuid
prebidserver.pixfuture.com/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_c...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&...
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=bfe9d370-9c94-451a-9577-9960b99fbc40

86 B
520 B

108ms
95ms

Image
image/png

165.227.253.30
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=bfe9d370-9c94-451a-9577-9960b99fbc40
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: HTTP/1.1
Server: 165.227.253.30 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Sat, 29 Jun 2024 21:43:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 86
vary: Origin
content-type: image/png

Redirect headers

Location: https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=bfe9d370-9c94-451a-9577-9960b99fbc40
Date: Sat, 29 Jun 2024 21:43:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
971 B 171ms
24ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: /
Resource Hash: c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:29:49 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2, FRA56-P5
age: 69239
x-amzn-requestid: 2f385712-e26a-4ae4-8e82-ec7564de2b34
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: aG6wnH7diYcEsBQ=
content-length: 555
x-amz-cf-id: qQFLexwJxxgB0Z_E3A0dZB8i_OCogltw-7F9zSJ_sIQ5VbxuEvMFSA==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 28 KB
9 KB 187ms
28ms Script
application/javascript 143.204.98.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-94.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59ac7e0e835546751a1acf6fcb71a35bf336b3fee79a513b67bb980effbdb280

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2WLBaaYpKDZubag90IiHLi6VDlDn8DZh
content-encoding: br
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
date: Sat, 29 Jun 2024 13:11:01 GMT
last-modified: Thu, 13 Jun 2024 11:33:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 30768
x-amz-server-side-encryption: AES256
etag: W/"0749653c6819a0e6ec01faf3005bd681"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: hn7cDZV11C187mLJKfk-Wa8mxPCz3YTTocTP9xB4fdzBS0JhpCUGFw==

GET
H2 404 %2FhhN2Dtj Show response
signal-segments.s-onetag.com/desktop/exego.app/ 0
284 B 383ms
225ms Fetch
application/json 13.32.27.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/exego.app/%2FhhN2Dtj
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-44.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:49 GMT
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
content-length: 0
apigw-requestid: aJjzVhtTCYcEPaA=
x-amz-cf-id: Kr5hpfy4Z_O6H7DX-a6iy3oihb2fLn5mp7Kw2TkBpn49fjFOleF-zA==

GET
H2 404 exego.app Show response
signal-segments.s-onetag.com/desktop/ 0
294 B 176ms
24ms Fetch
application/json 13.32.27.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/exego.app
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-44.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 17:54:20 GMT
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 13768
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
content-length: 0
apigw-requestid: aJCL7iW_iYcEMrQ=
x-amz-cf-id: 0_k2uJfKKdY_7bI5yhY6EcETmVdBpgl5WqVSR37d-hd1Vr_1-wMlgA==

GET
H2

200

/
ads.us.e-planning.net/uspd/1/ Frame 0FA3
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID

0
0

59ms
37ms

Document
text/html

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: max-age=0, no-cache
content-length: 741
content-type: text/html
date: Sat, 29 Jun 2024 21:43:49 GMT
expires: Sat, 29 Jun 2024 21:43:49 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Sat, 29 Jun 2024 21:43:49 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

GET
H2 200 cookie
cm.adform.net/ Frame C27E 0
0 359ms
46ms Document
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D50%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%24UID
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
content-type: image/gif
date: Sat, 29 Jun 2024 21:43:49 GMT
server: nginx

GET
H2 200 pd
pixfuture2-d.openx.net/w/1.0/ Frame F610 0
0 340ms
39ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/pd
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Sat, 29 Jun 2024 21:43:49 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sync
vid.vidoomy.com/ Frame 5AA8 0
0 592ms
105ms Document
text/html 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D380%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D632122%26a%3D556847%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%7B%7BVID%7D%7D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
content-encoding: gzip
content-type: text/html
date: Sat, 29 Jun 2024 21:43:49 GMT
etag: W/"a9290c6b5f8c75ebc321b414a16a5c2a"
last-modified: Tue, 12 Dec 2023 09:09:26 GMT
server: CDN77-Turbo
vary: Accept-Encoding Accept-Encoding
x-77-age: 289142
x-77-cache: HIT
x-77-nzt: A5ySIYg3Nzf/dmkEANRmOBE3NzfbAdIPAG09WgJkdZwA
x-77-nzt-ray: f6587a1de37604ae15808066c185c12e
x-77-pop: frankfurtDE
x-accel-date: 1719408287
x-accel-date-max: 1703495961
x-accel-expires: @1720445087
x-age: 289142
x-amz-request-id: tx000002fc06539416a6366-0065894919-2bb0e51-prg
x-amz-storage-class: STANDARD
x-cache: HIT
x-rgw-object-type: Normal

GET
H2 204 /
onetag-sys.com/usync/ Frame DD6E 0
0 67ms
52ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1719697428126

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2

200

/
ads.us.e-planning.net/uspd/1/ Frame CF9E
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D48412...
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D...

0
0

59ms
38ms

Document
text/html

193.3.178.4
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%24UID
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: max-age=0, no-cache
content-length: 845
content-type: text/html
date: Sat, 29 Jun 2024 21:43:49 GMT
expires: Sat, 29 Jun 2024 21:43:49 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Sat, 29 Jun 2024 21:43:49 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: AMS-937

GET
H2 204 /
onetag-sys.com/usync/ Frame 370A 0
0 54ms
53ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D156 0
0 280ms
50ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D631382%26a%3D558003%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=66927
content-encoding: gzip
content-length: 5492
content-type: text/html
date: Sat, 29 Jun 2024 21:43:49 GMT
expires: Sun, 30 Jun 2024 16:19:16 GMT
last-modified: Wed, 05 Jun 2024 06:37:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 9A06 0
0 925ms
639ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26traffic_source%3Dsnippet%26session%3D1FD9C477F9B4A95A%26sp%3D500592%26pb%3D305453%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fexego.app%2FhhN2Dtj%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D%26extuid%3D33XUSERID33X
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP014 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:49 GMT
server: 33XP014
x-33x-status: 2000208

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BEEC 0
0 265ms
51ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: max-age=66927
content-encoding: gzip
content-length: 5492
content-type: text/html
date: Sat, 29 Jun 2024 21:43:49 GMT
expires: Sun, 30 Jun 2024 16:19:16 GMT
last-modified: Wed, 05 Jun 2024 06:37:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 checksync.php
contextual.media.net/ Frame ABAE 0
0 274ms
77ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2055%2C2075%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C2069%2C237%2C238%2C359%2C338%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C2043%2C262%2C461%2C244%2C201%2C2039%2C4%2C126%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 8427
content-type: text/html; charset=UTF-8
date: Sat, 29 Jun 2024 21:43:49 GMT
expires: Mon, 01 Jul 2024 21:43:49 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 71F5 0
0 214ms
41ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 224
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jun 2024 21:43:49 GMT
ETag: "2052a-10d-6142d69a886c0"
Last-Modified: Thu, 21 Mar 2024 15:32:19 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 2F48
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D...
https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=1FD9C477F9B4A95A&sp=500592&pb=305453&c=750708&a=754412&domain=https://exego.app/hhN2Dtj&gdpr=0&gdpr_source=&gdpr_consent...

0
0

332ms
106ms

Document
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=1FD9C477F9B4A95A&sp=500592&pb=305453&c=750708&a=754412&domain=https://exego.app/hhN2Dtj&gdpr=0&gdpr_source=&gdpr_consent=&extuid=0000EEA
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Sat, 29 Jun 2024 21:43:49 GMT
Etag: 7f4098319fcda6e7
Server: Adtelligent

Redirect headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-length: 154
content-type: text/html
date: Sat, 29 Jun 2024 21:43:49 GMT
expires: Sat, 29 Jun 2024 21:43:49 GMT
location: https://sync.adtelligent.com/csync?t=g&ep=142&traffic_source=snippet&session=1FD9C477F9B4A95A&sp=500592&pb=305453&c=750708&a=754412&domain=https://exego.app/hhN2Dtj&gdpr=0&gdpr_source=&gdpr_consent=&extuid=0000EEA
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

GET
H/1.1 200
OK sync.html
s.console.adtarget.com.tr/ Frame 5D48 0
0 524ms
45ms Document
text/html 2a01:4f8:262:3e04::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:262:3e04::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Adtarget /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 980
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jun 2024 21:43:49 GMT
Permissions-Policy: browsing-topics=()
Server: Adtarget
X-Robots-Tag: noindex

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=286
https://sync.go.sonobi.com/us.gif?nw=st&nuid=hvlZaYGVXq5YLZk36G9rcR_Mlnc

49 B
444 B

225ms
118ms

Image
image/gif

2607:f350:3:2569:0:10:0:200c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=st&nuid=hvlZaYGVXq5YLZk36G9rcR_Mlnc

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Server

2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:49 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-192
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=st&nuid=hvlZaYGVXq5YLZk36G9rcR_Mlnc
Date: Sat, 29 Jun 2024 21:43:49 GMT
Connection: keep-alive
Content-Length: 99
Content-Type: text/html; charset=utf-8

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dif%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=if&nuid=59a06680-8015-4500-ba02-43097856bfb4

49 B
444 B

328ms
127ms

Image
image/gif

2607:f350:3:2569:0:10:0:200c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=if&nuid=59a06680-8015-4500-ba02-43097856bfb4

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Server

2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:49 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-192
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 29 Jun 2024 21:43:49 GMT
Strict-Transport-Security: 31536000
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: all
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
Referrer-Policy: strict-origin
Server: MT3 1637 26565ec master ord ord-pixel-x13 config_version:"691"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://sync.go.sonobi.com/us.gif?nw=if&nuid=59a06680-8015-4500-ba02-43097856bfb4
Cache-Control: no-cache,no-store,must-revalidate
Keep-Alive: timeout=360

GET
H/1.1 200 7318ffc0e8fa1d771446
aax-eu.amazon-adsystem.com/x/ 47 B
47 B 383ms
95ms Image
text/javascript 52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/x/7318ffc0e8fa1d771446

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 21:43:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7VRWRTDSDKM3F1RXM4NQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
Content-Length: 47

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=140&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=140&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26nuid%3D...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&partner_url=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dbs%26n...
https://sync.go.sonobi.com/us.gif?nw=bs&nuid=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&gdpr=0&gdpr_consent=

49 B
783 B

94ms
93ms

Image
image/gif

2607:f350:3:2569:0:10:0:200c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bs&nuid=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&gdpr=0&gdpr_consent=

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Server

2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:50 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-192
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 29 Jun 2024 21:43:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.go.sonobi.com/us.gif?nw=bs&nuid=62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553&gdpr=0&gdpr_consent=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://p.rfihub.com/cm?pub=35683&in=1
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210831465981879

49 B
445 B

432ms
117ms

Image
image/gif

2607:f350:3:2569:0:10:0:200c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210831465981879

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Server

2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:49 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-192
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5141210831465981879
Date: Sat, 29 Jun 2024 21:43:49 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

us.gif
sync.go.sonobi.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=bfe9d370-9c94-451a-9577-9960b99fbc40&google_hm=YmZlOWQzNzAtOWM5NC00NTFhLTk1NzctOTk2MGI5OWZiYzQw&...
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=bfe9d370-9c94-451a-9577-9960b99fbc40&google_hm=YmZlOWQzNzAtOWM5NC00NTFhLTk1NzctOTk2MGI5OWZiYzQ...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEE8KTQnyNVDXjP0yGw7xgd0&google_cver=1&ssp=sonobi&bsw_param=bfe9d370-9c94-451a-9577-9960b99fbc40&gdpr_consent=&gdpr=0
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=bfe9d370-9c94-451a-9577-9960b99fbc40&gdpr=0&gdpr_consent=&us_privacy=

49 B
845 B

127ms
124ms

Image
image/gif

2607:f350:3:2569:0:10:0:200c
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=bfe9d370-9c94-451a-9577-9960b99fbc40&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Server

2607:f350:3:2569:0:10:0:200c , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:49 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-192
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 49
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=bfe9d370-9c94-451a-9577-9960b99fbc40&gdpr=0&gdpr_consent=&us_privacy=
Date: Sat, 29 Jun 2024 21:43:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=f92939a9-bfdf-4787-a0e2-7d1bab3c3d55&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=MW90X1pEb3duNHNRUDVLVlFWa2wwQQ&gdpr=&gdpr_consent=

170 B
232 B

85ms
63ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=MW90X1pEb3duNHNRUDVLVlFWa2wwQQ&gdpr=&gdpr_consent=

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: nl-NL
location: https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=MW90X1pEb3duNHNRUDVLVlFWa2wwQQ&gdpr=&gdpr_consent=
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7d68d5c85f-p6hbt
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
243 B 367ms
78ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=ZjkyOTM5YTktYmZkZi00Nzg3LWEwZTItN2QxYmFiM2MzZDU1

Requested by

Host: exego.app
URL: https://exego.app/hhN2Dtj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 29 Jun 2024 21:43:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ 43 B
235 B 86ms
44ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=themediagrid
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 21:43:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ 0
134 B 312ms
38ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=221544&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D159%26partneruserid%3D%7BUID%7D
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 21:43:49 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Content-Length: 0

GET
H3 200 pixel
capi.connatix.com/us/ 82 B
82 B 236ms
90ms Image
image/gif 172.64.146.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=f92939a9-bfdf-4787-a0e2-7d1bab3c3d55&pId=43&gdpr_consent=&callback=&us_privacy=
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.146.152 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 89b91826b87e0b62-AMS
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 95
alt-svc: h3=":443"; ma=86400

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
148 B 50ms
43ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=0b24fdfc82&gdpr=0&gdpr_consent=
Requested by: Host: exego.app
URL: https://exego.app/hhN2Dtj
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:49 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 fv.ico
exego.app/ 5 KB
2 KB 27ms
25ms Other
image/x-icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://exego.app/fv.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55eff9bbf96b84791e00190a79c3791441ee08069953ecff92ff76222c757eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 21:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 419309
alt-svc: h3=":443"; ma=86400
content-length: 1338
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Aug 2019 06:50:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SYhuOwysYsrmH8ubC5rSPk5uXDAus%2FczChKJkLpi8abJHn%2F%2BNh1e3366IdyPWreytmwnupZqyl81K%2Fx7uILVTPJzYxxRTh851rlWAinm8Nep6ERGtNtOlHRencA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 89b9182c2dd8b7c1-AMS
expires: Wed, 25 Jun 2025 01:15:21 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AS5LTATgZ3FKDPOCClQaN9m74ljwdE41lHi0h5t3SyVFKJzwK0CNioYlShZCqPHw7R5LbHxBjf6P&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S638187697%3A1719697426255084&ddm=0

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AS5LTASwx63RotPIKDwSg_wNoXggFSsxZpil2UgCOZ3F_XZ_XoDXf_Vx5v7KuxGenV1--DmmN0pm&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2012940179%3A1719697426259407&ddm=0

Domain: fid.agkn.com
URL: https://fid.agkn.com/f?apiKey=2194730263&i4=31.204.150.119&r=https%3A%2F%2Fexego.app%2FhhN2Dtj

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
exego.app/	1969-12-31 23:59:59	Name: AppSession Value: 58064c54efb8ae603738f22b3e642ade
exego.app/	1969-12-31 23:59:59	Name: csrfToken Value: 44e24325303ed3fa9da816531145b40993fe83e660b1be646e39557b26e912b58ed90a0fce4e01a400ed9568810dad9a937e5b3425b6f5e9540ef60b344348ee
exego.app/	1970-01-21 06:27:13	Name: origin Value: exe
pogothere.xyz/	1970-01-21 06:20:01	Name: csu Value: 363313655543493@1@1719697426
.exego.app/	1970-01-21 06:27:13	Name: cf_clearance Value: tflif94wdYtOmJ7sWN6ZTW8pEzA.fSEqvctEwWX4gq0-1719697426-1.0.1.1-XIp8QCKRT1vZEahkLywNOlu_VOmYAlQhnB_GTVpM8r29cl92Eq1KiOgNczpEoXejckXRkMQ34.QFtCYKE071ag
.exego.app/	1970-01-20 21:43:03	Name: _gid Value: GA1.2.994160750.1719697427
.exego.app/	1970-01-20 21:41:37	Name: _gat_gtag_UA_135952122_1 Value: 1
.exego.app/	1970-01-21 07:17:37	Name: _ga_W3HJBPZBCZ Value: GS1.1.1719697426.1.0.1719697426.0.0.0
.exego.app/	1970-01-21 07:17:37	Name: _ga Value: GA1.1.1695006570.1719697427
.exego.app/	1970-01-21 02:00:49	Name: _pubcid Value: c1ed27bf-1e7a-47b9-9988-857731c10531
.exego.app/	1970-01-21 02:00:49	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
exego.app/	1970-01-20 21:41:41	Name: _lr_retry_request Value: true
exego.app/	1970-01-20 22:24:49	Name: _lr_env_src_ats Value: false
.agkn.com/	1970-01-21 06:27:13	Name: ab Value: 0001%3AsvLGiE%2BPS%2FeGUUs%2Bdr9PVB%2BIOvxrhzwC
.id5-sync.com/	1970-01-20 23:51:13	Name: id5 Value: 791e9cee-ee21-72a3-be94-4110e60272bd#1719697427356#1
.adnxs.com/	1970-01-21 07:17:37	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:51:13	Name: XANDR_PANID Value: DtiAkJEL9DqZf88kQwXwM_Z8PLMSpdTNntYoXjgYYLBbrqrZeM5RGL_KsLO5TxQ6yvAH9fazFhd0MUeNGBNmSW7CMBGpNM5BsSKjkr7V_DA.
.adnxs.com/	1970-01-20 23:51:13	Name: uuid2 Value: 4217832314998409366
exego.app/	1970-01-20 23:08:01	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-06-29T21%3A43%3A47%22%7D
exego.app/	1970-01-20 23:08:01	Name: pbjs-unifiedid_cst Value: zix7LPQsHA%3D%3D
.adnxs.com/	1970-01-20 23:51:13	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GUiY$hLA!1yIE'Yg-$0y=/d!!'*.$SHIo
prebid.media.net/	1970-01-21 02:00:49	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 06:27:13	Name: khaos Value: LY0NG3Q0-M-APV0
.rubiconproject.com/	1970-01-21 06:27:13	Name: audit Value: 1\|yQuirGeEF6C1WgAmjA4FRefhqFI7AU9U903mtsHdljBfJj6TY/R2ojNFM3QpQPBAQwBUSubxVRNIHHY/eKfzM2RGgOhmcs0aIo8tEQuGXfEijy0RC4Zd8aZr5ZVxLWDe
.go.sonobi.com/	1970-01-20 21:43:03	Name: _usd_exego.app Value: ea1c8b27-e2fe-4d4e-aa7e-948b5cbc7586
apex.go.sonobi.com/	1969-12-31 23:59:59	Name: Value: receive-cookie-deprecation: 1
.go.sonobi.com/	1970-01-20 21:41:37	Name: __uih Value: 1
.go.sonobi.com/	1970-01-20 21:43:03	Name: __uin_z1 Value: 1
.go.sonobi.com/	1970-01-20 21:42:11	Name: __uir_z1 Value: 47162627
.go.sonobi.com/	1970-01-20 22:28:25	Name: __uin_cx Value: 1
.go.sonobi.com/	1970-01-20 22:00:20	Name: __uir_cx Value: 47162627
.go.sonobi.com/	1970-01-20 22:24:49	Name: __uis Value: d64f6ef8-84e9-4648-9291-35261221fd6b
.bidswitch.net/	1970-01-21 06:27:13	Name: tuuid Value: bfe9d370-9c94-451a-9577-9960b99fbc40
.bidswitch.net/	1970-01-21 06:27:13	Name: c Value: 1719697428
.bidswitch.net/	1970-01-21 06:27:13	Name: tuuid_lu Value: 1719697428
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.contextweb.com/	1970-01-21 06:20:01	Name: VP Value: part_fBUitzX5Nwac
.contextweb.com/	1970-01-21 06:27:13	Name: pb_rtb_ev_part Value: 3-1s7s\|7LJ.0.f92939a9-bfdf-4787-a0e2-7d1bab3c3d55
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 283b56275e0412b6
.e-planning.net/	1970-01-21 07:17:37	Name: E Value: ACluEEEArYFHR-1D
.sitescout.com/	1970-01-21 06:27:13	Name: ssi Value: 62f49af8-ea3c-4674-9cc5-ae2dc4096808#1719697429556
.adform.net/	1970-01-20 23:08:01	Name: uid Value: 2220415334915677088
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwNjQxM7W0MLQwtxTiM9Q1CMnLz4py96vMqEwBAPv5j9AlAAAA
.rfihub.com/	1970-01-21 07:03:13	Name: eud Value: H4sIAAAAAAAA_1slymtobmhpZmluYmRpamkMABNYOaQQAAAA
.rfihub.com/	1970-01-21 07:03:13	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwNjQxM7W0MLQwtxTiM9Q1CMnLz4py96vMqEwBAPv5j9AlAAAA
.sitescout.com/	1970-01-20 22:24:49	Name: _ssuma Value: eyIzOSI6MTcxOTY5NzQyOTYxMSwiNyI6MTcxOTY5NzQyOTYxMX0
.mathtag.com/	1970-01-21 07:07:32	Name: uuid Value: 59a06680-8015-4500-ba02-43097856bfb4
sync.srv.stackadapt.com/	1970-01-21 06:27:13	Name: sa-user-id Value: s%3A0-86f95969-8195-5eae-582d-9937e86f6b71.RUs3g4q5Evxjx6U9BlsrC7sKm7gExcnMEQBxSPAFIpc
.srv.stackadapt.com/	1970-01-21 06:27:13	Name: sa-user-id Value: s%3A0-86f95969-8195-5eae-582d-9937e86f6b71.RUs3g4q5Evxjx6U9BlsrC7sKm7gExcnMEQBxSPAFIpc
sync.srv.stackadapt.com/	1970-01-21 06:27:13	Name: sa-user-id-v2 Value: s%3AhvlZaYGVXq5YLZk36G9rcR_Mlnc.EgW78Kp4U8%2BU%2Bl1anW3trGYQMKiJfWFHK5Uzjg9YwQY
.srv.stackadapt.com/	1970-01-21 06:27:13	Name: sa-user-id-v2 Value: s%3AhvlZaYGVXq5YLZk36G9rcR_Mlnc.EgW78Kp4U8%2BU%2Bl1anW3trGYQMKiJfWFHK5Uzjg9YwQY
sync.srv.stackadapt.com/	1970-01-21 06:27:13	Name: sa-user-id-v3 Value: s%3AAQAKIKDfV52IH77KK6zyO_Xc98DPH5W3tG0tPA51q0w0BIUfEHwYBCCVgIK0BjABOgRpr-VwQgSwilS8.o6lwlmQG9iop0eNaxTRhtv0%2F9qhbaeYEIptPY6DBiQw
.srv.stackadapt.com/	1970-01-21 06:27:13	Name: sa-user-id-v3 Value: s%3AAQAKIKDfV52IH77KK6zyO_Xc98DPH5W3tG0tPA51q0w0BIUfEHwYBCCVgIK0BjABOgRpr-VwQgSwilS8.o6lwlmQG9iop0eNaxTRhtv0%2F9qhbaeYEIptPY6DBiQw
prebidserver.pixfuture.com/	1970-01-20 23:51:13	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQUlMU204dGhTRlIwdXhBVCIsImV4cGlyZXMiOiIyMDI0LTA3LTEzVDIxOjQzOjQ5Ljc3NTM4NjA1WiJ9LCJncmlkIjp7InVpZCI6ImJmZTlkMzcwLTljOTQtNDUxYS05NTc3LTk5NjBiOTlmYmM0MCIsImV4cGlyZXMiOiIyMDI0LTA3LTEzVDIxOjQzOjQ4Ljk5ODM2OTUwMVoifX19
.doubleclick.net/	1970-01-21 07:03:13	Name: IDE Value: AHWqTUkXGJisBvRXQLTVhpKjPKF9v_9v4Nh4KLCDMOKzgweeZMGMS8l96iowTQSl8Zk
.adtelligent.com/	1970-01-20 23:55:32	Name: g142 Value: 0000EEA
.adtelligent.com/	1970-01-20 23:55:32	Name: vmuid Value: 6e9ad8d4aa0688a8
.adtelligent.com/	1970-01-20 23:55:32	Name: g90 Value: ACluEEEArYFHR-1D
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85192\|ZoCAG
.go.sonobi.com/	1970-01-20 23:51:13	Name: __uir_bw Value: 202561949195543813
.go.sonobi.com/	1970-01-21 06:27:13	Name: __uin_bw Value: bfe9d370-9c94-451a-9577-9960b99fbc40
.tapad.com/	1970-01-20 23:08:01	Name: TapAd_TS Value: 1719697430239
.tapad.com/	1970-01-20 23:08:01	Name: TapAd_DID Value: aecf9623-4ab8-4cbd-ac55-1bb0ca1caa88
.tapad.com/	1970-01-20 23:08:01	Name: TapAd_3WAY_SYNCS Value:
.creativecdn.com/	1970-01-21 06:27:13	Name: g Value: 8HqdCOuK4fg3HqPvA4Ga_1719697430330
.creativecdn.com/	1970-01-21 06:27:13	Name: ts Value: 1719697430
.go.sonobi.com/	1970-01-20 22:28:25	Name: __uir_bs Value: 202561949195543813
.go.sonobi.com/	1970-01-21 06:27:13	Name: __uin_bs Value: 62f49af8-ea3c-4674-9cc5-ae2dc4096808-66808015-5553
.adtelligent.com/	1970-01-20 23:55:32	Name: g380 Value: f31ab7145e00931aa5bfe8fb7936275e

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://exego.app/hhN2Dtj Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://exego.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://exego.app/hhN2Dtj Message: Access to fetch at 'https://fid.agkn.com/f?apiKey=2194730263&i4=31.204.150.119&r=https%3A%2F%2Fexego.app%2FhhN2Dtj' from origin 'https://exego.app' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
network	error	URL: https://fid.agkn.com/f?apiKey=2194730263&i4=31.204.150.119&r=https%3A%2F%2Fexego.app%2FhhN2Dtj Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://signal-segments.s-onetag.com/desktop/exego.app Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://signal-segments.s-onetag.com/desktop/exego.app/%2FhhN2Dtj Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
accounts.google.com
ads.pubmatic.com
ads.us.e-planning.net
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
bh.contextweb.com
btlr.sharethrough.com
capi.connatix.com
cdn.cuty.io
cdn.pixfuture.com
cdntechone.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
datatechone.com
eus.rubiconproject.com
exe.io
exego.app
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
get.s-onetag.com
getrunkhomuto.info
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
ib.adnxs.com
id5-sync.com
lb.eu-1-id5-sync.com
match.adsrvr.org
onetag-geo.s-onetag.com
onetag-sys.com
p.rfihub.com
pixel-sync.sitescout.com
pixel.tapad.com
pixfuture2-d.openx.net
pogothere.xyz
prebid.media.net
prebidserver.pixfuture.com
prg.smartadserver.com
region1.google-analytics.com
rgeredrubygs.info
rtb.openx.net
s.console.adtarget.com.tr
secure.adnxs.com
securepubads.g.doubleclick.net
sentativesathya.info
served-by.pixfuture.com
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
ssc-cms.33across.com
sync.adkernel.com
sync.adtelligent.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
vid.vidoomy.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
accounts.google.com
api.rlcdn.com
fid.agkn.com
www.facebook.com
104.21.42.147
108.128.111.241
13.224.132.86
13.32.27.44
142.250.185.226
143.204.98.94
15.197.193.217
161.35.253.218
162.19.138.119
162.19.138.120
165.227.253.30
172.64.146.152
172.67.139.32
18.244.18.114
18.66.112.41
184.30.16.195
184.30.20.22
184.30.22.30
185.239.172.170
185.49.145.45
185.64.189.112
185.83.69.58
185.83.71.234
188.114.96.3
188.114.97.3
193.0.160.130
193.3.178.4
2001:4860:4802:32::178
2001:4860:4802:34::36
208.93.169.131
216.200.232.249
216.58.206.34
23.32.100.25
2602:803:c003:200::21
2606:4700:20::681a:744
2606:4700:20::ac43:4471
2607:f350:3:2569:0:10:0:200a
2607:f350:3:2569:0:10:0:200c
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::200a
2a01:4f8:262:3e04::2
2a02:2638:3::c
2a02:6ea0:c700::17
2a02:fa8:8806:16::1460
2a06:98c1:3121::3
2a0c:5c87:5241::2
3.126.23.23
3.160.150.43
3.71.164.184
34.111.113.62
34.120.63.153
34.36.216.150
35.214.149.91
35.227.252.103
35.244.159.8
37.157.5.133
37.252.171.52
5.135.209.96
51.89.9.251
52.210.134.254
52.95.115.255
54.159.1.74
67.202.105.23
77.245.57.72
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0
057d71b78ae57bc4cb80ae7ad783a4519299c3827140054fd0b5aae34981e8c3
091b5dd1e99bb6a88341a1969ac6874aeae835897bf5e0cd96b01ed3c1e8849b
094e18c109b7b2866db70c28b93aa6708aaee296ade7e2e691b0234290630359
0b64e52752fb16aa1c3f0a08c36a6ee5bb3c5b3f7467f147a564d21282be62e9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f618e42192b869bb1c4cd22f4dd95817fc55e90e01e06b2e538f8bb28e64ca9
1d6d458839b6ff30164af7f207bd45832938dece17a709846e1ff9d8babf9a38
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c
2363bee8ac0c3d8437815195af19580b0959d70152274b45e36f8e4698d1b6a3
25fb24b2514df1d9bd4626ebed2f4db545df745a636c32263dac0dfc6169c91d
25ff19eb5fa9f3842638d563f6e0d50d0d7345c156851cd70798634b987ad366
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28ad9942ec7c5c17978d67001c6f3e53132dc07cbefddbeb17d071c450bf7c47
2b8248f789cb17dcddc40358bc1c5f8c3d807523515bc74675a0a3f2c51062a7
2bef393153b730e3cbaa00edbf3822dd89a1718bf68b70a4e2b17e2919772c3f
2c64b659cce3c48c7892822eb011f9f4264327092084694522a8dda480d2811f
2eadf84729d331fc54572fe0fa0161b175e2ad2d764fd7846a47cfa195d2eee6
356e3d43f39a13cdbd13e89eaaf3a03e7755ba9cd462f05ad7d17fdc4a8b1531
3845499f3c9172948044c78bbe78ebb2f6dd5940c21f14b65af9b444abdf48db
3b87ea153c102363423dd6e45710f88bfa24489ca620d9919719746c2261e434
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46ae4a72bd213a2cf60d94660e7ec0a0dc29463654015c0e1c5ab03984bc2147
4895e15eeae2d81bc7b28fd6420f426af0e59726c596267e41da21792ebe0f46
4ebe06c8ed09bb00f0f84a6524f1b66e792eeb9e981b2c6a1260c1b986aecce5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55eff9bbf96b84791e00190a79c3791441ee08069953ecff92ff76222c757eab
59ac7e0e835546751a1acf6fcb71a35bf336b3fee79a513b67bb980effbdb280
5ae0d442d77ea9528a5c8162816db73c0ac35e6ebc0d6359b28645565cdac160
5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898
5cea69ec2030a73d1dc4e426b71cbaba190f1ea585ac99e3e1b2358a8690f8c8
610828ccb7ff54eea3fa3074e1443996eb30aad95e458b75a8d231a889fd7034
625ce5f6ae8968d7d1cb461f32dcbdbdfe3a7326cde89cdfe320e73bb21770e6
62d0d488d024e7d3ada98c6333d79e108ea7ac12eb4fbcb5df9e18058692318a
63d34dd65582e6406cfeff3e063b94af3628b9a5bc9df094827e8cd97ceb962a
64accddcc5610cad7daff35eb6a7eec2fc944e545a2eeca5f5b064d2d43d67c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6caa142b6fc84d9bbd6a3fd8cb12d901c0d4ff252ca2a1314f7a5a5f26c8c3b4
7489bb1f26285ae204a5b967180f5b103b5f6dc074c651ee59a6a92518df9220
7cb6e189b5c7fa3bb75d2b7c3f3b9b8628d5890db27ce8fc2f676d7b44ea81be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87a926e726c1cdeccef4313ac68270bbb0e5c39a4aaf1d28c65b1f8329838be1
8c01cc8f4601f7767fa57ca55b1a5cb65f382e192af792183d97f29e3d1b88df
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5b77482b8874ab838ebe343f76a197bd9799b9218fe28b31d3c04c5733641d
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
91d5b23a2f1e8e6d08bcd05fc5e01d74c219311bf9f3316c63a6d2744bc060ff
925b561dc2edcd51842275b696a7f6e8853429fb72586ede84e3289bbabf3aff
973e8d7f6b287345d56c35379b3ba607c072630da4a513b3483fd2e3081e2b3a
99ab93770b29102ffce4dce48f640b0d261232d55b5fef43e5e85063b13215c3
9cd27444231695ef812bedaef22bf79db63d5002c939171dd133a64525ba96c4
a262c612ba84568eea8e0252800878fe2e18c5041539bf18d0bc5af36662296d
ad7b909be0ac771a93aa56619d42d861b55c5e24b1913b945a6abda3f3b80a4d
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b40b9489c2730f2416282d63141e3a5f1a4a1c87df05d7c3095d5dfdf784c1f4
b44de73f37998e399e3b2f17c88d8c1240bc279903ebc2f21bcfd8cf890adffa
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
baeef4a7228d28a8ba0bd5f8b3c89f820ca963e77876535a8c9d32b877e5bca8
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae
c63f2781570d012d67b1e5ed27544bf90097a71ca5ddbbcd86a98a0f52871534
cdc8f77845b009676fe5a08bc9c9295bca9365884e340c5842d45f326f8b2f6c
db3643f74548ff933039520df8675c10f9c5b28d918e035c9b451cc58dc2d613
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e283542b80bbcdf259c2ee2d437f0451cc7c388842cb895236e7939adb66be1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecfda2a1a2411ea1f4ad1904a83069d02229ef72ce33c2ba195e2d432ef12757
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

exego.app Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

129 Requests

88 %HTTPS

26 %IPv6

52 Domains

71 Subdomains

59 IPs

9 Countries

1447 kBTransfer

2881 kBSize

69 Cookies

2 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

exego.app Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

88 %
HTTPS

26 %
IPv6

52
Domains

71
Subdomains

59
IPs

9
Countries

1447 kB
Transfer

2881 kB
Size

69
Cookies

129 HTTP transactions
0 data transactions