tr1.biketreks.net Open in urlscan Pro
2606:4700:3037::6815:4159 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Submission: On December 04 via api (December 4th 2022, 4:08:30 am UTC) from JP — Scanned from JP

Summary HTTP 194 Redirects Links 58 Behaviour Indicators

Summary

This website contacted 55 IPs in 13 countries across 72 domains to perform 194 HTTP transactions. The main IP is 2606:4700:3037::6815:4159, located in United States and belongs to CLOUDFLARENET, US. The main domain is tr1.biketreks.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 29th 2022. Valid for: a year.

This is the only time tr1.biketreks.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3037::6815:4159	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	185.177.94.108 185.177.94.108	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
7	2404:6800:400... 2404:6800:4004:81d::2010	15169 (GOOGLE) (GOOGLE)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
30	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2	2001:41d0:701... 2001:41d0:701:1000::31d2	16276 (OVH) (OVH)
2	209.58.162.206 209.58.162.206	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 2	109.206.161.21 109.206.161.21	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	23.106.127.39 23.106.127.39	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
4 8	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
7 7	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 4	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	80.77.87.166 80.77.87.166	46636 (NATCOWEB) (NATCOWEB)
1	2606:4700::68... 2606:4700::6810:c749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
11 14	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
1 1	34.98.67.3 34.98.67.3	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
7 7	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
1 23	103.231.99.80 103.231.99.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	13.251.221.192 13.251.221.192	16509 (AMAZON-02) (AMAZON-02)
2 2	103.231.99.242 103.231.99.242	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 4	103.231.99.81 103.231.99.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	23.227.145.146 23.227.145.146	55081 (24SHELLS) (24SHELLS)
2	51.79.234.101 51.79.234.101	16276 (OVH) (OVH)
1 1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
3	23.39.216.189 23.39.216.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	64.120.110.136 64.120.110.136	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2 2	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
2 19	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1 1	54.38.197.123 54.38.197.123	16276 (OVH) (OVH)
7 7	103.43.90.53 103.43.90.53	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:d30... 2a02:6ea0:d300::1	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	63.251.14.14 63.251.14.14	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	13.225.165.113 13.225.165.113	16509 (AMAZON-02) (AMAZON-02)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3 3	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	119.9.108.191 119.9.108.191	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
1 6	3.0.153.43 3.0.153.43	16509 (AMAZON-02) (AMAZON-02)
4 5	107.178.244.193 107.178.244.193	15169 (GOOGLE) (GOOGLE)
1 2	34.142.175.23 34.142.175.23	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	124.146.215.49 124.146.215.49	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	35.213.93.179 35.213.93.179	15169 (GOOGLE) (GOOGLE)
3 3	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
3 7	52.73.105.161 52.73.105.161	14618 (AMAZON-AES) (AMAZON-AES)
3	198.206.157.241 198.206.157.241	399668 (E-PLANNING-) (E-PLANNING-)
1	204.93.150.153 204.93.150.153	30081 (CACHENETW...) (CACHENETWORKS)
3	65.9.42.64 65.9.42.64	16509 (AMAZON-02) (AMAZON-02)
1	51.158.28.82 51.158.28.82	12876 (Online SAS) (Online SAS)
2	54.179.142.225 54.179.142.225	16509 (AMAZON-02) (AMAZON-02)
1 1	23.194.224.97 23.194.224.97	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.207.98.70 23.207.98.70	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
8	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.117.239.71 34.117.239.71	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	18.176.247.126 18.176.247.126	16509 (AMAZON-02) (AMAZON-02)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	54.239.33.158 54.239.33.158	16509 (AMAZON-02) (AMAZON-02)
1 2	2406:da18:929... 2406:da18:929:5a00:e0a2:7187:a56d:f5af	16509 (AMAZON-02) (AMAZON-02)
2 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1 1	106.10.236.147 106.10.236.147	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
2 2	103.43.90.54 103.43.90.54	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.44.52.187 23.44.52.187	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	52.205.53.251 52.205.53.251	14618 (AMAZON-AES) (AMAZON-AES)
4 4	202.131.200.84 202.131.200.84	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
1 1	202.131.200.82 202.131.200.82	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
2 2	2001:df2:a300... 2001:df2:a300:bbbb::135	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	54.95.122.241 54.95.122.241	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	18.176.115.166 18.176.115.166	16509 (AMAZON-02) (AMAZON-02)
1 1	172.104.105.5 172.104.105.5	63949 (LINODE-AP...) (LINODE-AP Linode)
1 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	54.168.116.126 54.168.116.126	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800e... 2620:116:800e:21:a878:7c6e:cf7b:3362	16509 (AMAZON-02) (AMAZON-02)
2 2	52.220.190.50 52.220.190.50	16509 (AMAZON-02) (AMAZON-02)
1 1	18.178.22.21 18.178.22.21	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:fa8:c411... 2a02:fa8:c411:11::730	399104 (CNVR-APAC) (CNVR-APAC)
2 2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
194	55

11 2606:4700:3037::6815:4159 (United States)

ASN13335 (CLOUDFLARENET, US)

tr1.biketreks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
biketreks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.biketreks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.108 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-108.ah-server.com

dr5.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

www.bigmp3db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4004:81d::2010 (Australia)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

site2text-2021.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:41d0:701:1000::31d2 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.58.162.206 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.21 (Netherlands) 2 redirects

ASN50245 (SERVEREL-AS, US)
PTR: 109.206.161.21.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.39 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.39.36.141 (Los Angeles, United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.71.131.137 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.166 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c749 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.42.194 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.3 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.33.111 (Germany) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.213.12.39 (Tokyo, Japan) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 103.231.99.80 (Japan) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.251.221.192 (Singapore, Singapore) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-221-192.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.242 (Japan) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.231.99.81 (Japan) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.145.146 (Piscataway, United States)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (Palos Park, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.39.216.189 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-216-189.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.120.110.136 (Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.223.115 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.227.139.243 (Piscataway, United States) 2 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.spotim.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.197.123 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 103.43.90.53 (Singapore, Singapore) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.253.211 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:d300::1 (Japan)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.14.14 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.165.113 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-113.nrt12.r.cloudfront.net

cr-p10.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.229.206.241 (Singapore) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.9.108.191 (Hong Kong) 1 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.0.153.43 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-153-43.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.244.193 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.142.175.23 (Singapore, Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.146.215.49 (Japan) 2 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.84.60.23 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.73.105.161 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-105-161.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.206.157.241 (New York, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net

s.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.93.150.153 (Arlington Heights, United States)

ASN30081 (CACHENETWORKS, US)

i.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.42.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-64.nrt12.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.82 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-82.rev.poneytelecom.eu

js.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.179.142.225 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-142-225.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.194.224.97 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-194-224-97.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.207.98.70 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-98-70.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.23 (Palos Park, United States) 5 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com

events-ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.176.247.126 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-247-126.ap-northeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.39.36.142 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.33.158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:da18:929:5a00:e0a2:7187:a56d:f5af (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.147 (Singapore, Singapore) 1 redirects

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spcms.pbp.vip.sg3.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.54 (Singapore, Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.52.187 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-52-187.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.53.251 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-53-251.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.131.200.84 (Japan) 4 redirects

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.131.200.82 (Japan) 1 redirects

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)

sync-tapi.admatrix.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:df2:a300:bbbb::135 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.95.122.241 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-122-241.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.176.115.166 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-115-166.ap-northeast-1.compute.amazonaws.com

dps.jp.cinarra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.105.5 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1715-5.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.168.116.126 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-116-126.ap-northeast-1.compute.amazonaws.com

adsd-sync.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:a878:7c6e:cf7b:3362 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.220.190.50 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-190-50.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.178.22.21 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-22-21.ap-northeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:c411:11::730 (Amsterdam, Netherlands) 2 redirects

ASN399104 (CNVR-APAC, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	pubmatic.com 4 redirects simage2.pubmatic.com — Cisco Umbrella Rank: 611 image8.pubmatic.com — Cisco Umbrella Rank: 594 image2.pubmatic.com — Cisco Umbrella Rank: 815 image4.pubmatic.com — Cisco Umbrella Rank: 843 ads.pubmatic.com — Cisco Umbrella Rank: 474 image6.pubmatic.com — Cisco Umbrella Rank: 658 simage4.pubmatic.com — Cisco Umbrella Rank: 1131	40 KB
30	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8000 c.mgid.com — Cisco Umbrella Rank: 6193 cdn.mgid.com — Cisco Umbrella Rank: 10934 servicer.mgid.com — Cisco Umbrella Rank: 8254 s-img.mgid.com — Cisco Umbrella Rank: 5328 cm.mgid.com — Cisco Umbrella Rank: 1249	227 KB
16	rubiconproject.com 10 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 292 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 832 eus.rubiconproject.com — Cisco Umbrella Rank: 558 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 987 token.rubiconproject.com — Cisco Umbrella Rank: 540	19 KB
15	adtelligent.com 1 redirects s.adtelligent.com — Cisco Umbrella Rank: 8053 sync.adtelligent.com — Cisco Umbrella Rank: 3965	8 KB
14	doubleclick.net 11 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 194	2 KB
12	openx.net 3 redirects rtb.openx.net — Cisco Umbrella Rank: 1403 us-u.openx.net — Cisco Umbrella Rank: 399 jp-u.openx.net — Cisco Umbrella Rank: 9494	2 KB
11	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 706 tags.crwdcntrl.net — Cisco Umbrella Rank: 1156 bcp.crwdcntrl.net — Cisco Umbrella Rank: 853	22 KB
11	biketreks.net tr1.biketreks.net biketreks.net a.biketreks.net	728 KB
10	33across.com 5 redirects ssc-cms.33across.com — Cisco Umbrella Rank: 876 events-ssc.33across.com — Cisco Umbrella Rank: 1962	4 KB
9	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 204 secure.adnxs.com — Cisco Umbrella Rank: 407	9 KB
7	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 1778	6 KB
7	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 274	3 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 307	4 KB
7	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 383	32 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 874 s.amazon-adsystem.com — Cisco Umbrella Rank: 270	4 KB
6	e-planning.net 1 redirects ads.us.e-planning.net — Cisco Umbrella Rank: 2965 s.e-planning.net — Cisco Umbrella Rank: 4783 i.e-planning.net — Cisco Umbrella Rank: 4852	4 KB
6	adtarget.com.tr 1 redirects s.console.adtarget.com.tr — Cisco Umbrella Rank: 16344 sync.console.adtarget.com.tr	3 KB
6	bigmp3db.com www.bigmp3db.com — Cisco Umbrella Rank: 511682	20 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 596 dmp.adform.net — Cisco Umbrella Rank: 3654 cm.adform.net — Cisco Umbrella Rank: 1389	2 KB
5	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 402	840 B
5	id5-sync.com 2 redirects cdn.id5-sync.com — Cisco Umbrella Rank: 1076 id5-sync.com — Cisco Umbrella Rank: 447	22 KB
5	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3665	74 KB
4	ad-m.asia 4 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 2674	1 KB
4	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 434 cms.analytics.yahoo.com — Cisco Umbrella Rank: 804 ups.analytics.yahoo.com — Cisco Umbrella Rank: 272	3 KB
4	360yield.com 4 redirects ad.360yield.com — Cisco Umbrella Rank: 641	1021 B
4	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 550 idsync.rlcdn.com — Cisco Umbrella Rank: 320	881 B
4	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1173 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1397	1 KB
4	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 253524	28 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 442	2 KB
3	ladsp.com 3 redirects cr-p10.ladsp.com — Cisco Umbrella Rank: 545459 cr-p3.ladsp.com — Cisco Umbrella Rank: 25843	2 KB
3	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 548	931 B
2	dotomi.com 2 redirects pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2384	744 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 705	2 KB
2	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4279	673 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 547	742 B
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 707	959 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 668	901 B
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 905	2 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2087	967 B
2	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 826	2 KB
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 749	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1052	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 592	1 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 738	434 B
2	tynt.com 1 redirects ic.tynt.com — Cisco Umbrella Rank: 6078 de.tynt.com — Cisco Umbrella Rank: 1429	3 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 739	2 KB
2	pippio.com 2 redirects pippio.com — Cisco Umbrella Rank: 688	717 B
2	e-volution.ai 2 redirects sync.e-volution.ai — Cisco Umbrella Rank: 2552	918 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 629	593 B
1	adtdp.com 1 redirects adsd-sync.amanad.adtdp.com — Cisco Umbrella Rank: 13682	721 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 1816	395 B
1	cinarra.com dps.jp.cinarra.com — Cisco Umbrella Rank: 19613	220 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 18724	455 B
1	admatrix.jp 1 redirects sync-tapi.admatrix.jp — Cisco Umbrella Rank: 94923	500 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 581	191 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 475	465 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 355	570 B
1	cookieless-data.com js.cookieless-data.com — Cisco Umbrella Rank: 4662	535 B
1	spotim.market sync.spotim.market — Cisco Umbrella Rank: 2119	318 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 628	363 B
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 3578
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 9294	258 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 873	641 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1348	620 B
1	linksynergy.com 1 redirects tags.rd.linksynergy.com — Cisco Umbrella Rank: 3641	390 B
1	idealmedia.io cm.idealmedia.io — Cisco Umbrella Rank: 18886	143 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1119	651 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 846	347 B
1	web.app site2text-2021.web.app — Cisco Umbrella Rank: 483340	422 B
1	dr5.biz dr5.biz — Cisco Umbrella Rank: 545529	20 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	2 KB
0	nex8.net Failed cs.nex8.net Failed
194	72

	Domain	Requested by
19	simage2.pubmatic.com	ads.pubmatic.com s.adtelligent.com
14	cm.g.doubleclick.net	11 redirects eus.rubiconproject.com us-u.openx.net
13	sync.adtelligent.com	1 redirects s.adtelligent.com ads.pubmatic.com ads.us.e-planning.net s.console.adtarget.com.tr
11	cm.mgid.com	jsc.mgid.com s.adtelligent.com
8	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com
7	a.audrte.com	3 redirects ads.us.e-planning.net a.audrte.com s.adtelligent.com
7	ib.adnxs.com	7 redirects
7	x.bidswitch.net	7 redirects
7	match.adsrvr.org	7 redirects
7	storage.googleapis.com	cdn.zx-adnet.com
6	sync.crwdcntrl.net	1 redirects ads.pubmatic.com bcp.crwdcntrl.net
6	cdn.mgid.com	jsc.mgid.com
6	www.bigmp3db.com	tr1.biketreks.net www.bigmp3db.com
6	a.biketreks.net	tr1.biketreks.net
5	sync.console.adtarget.com.tr	1 redirects s.console.adtarget.com.tr
5	events-ssc.33across.com	de.tynt.com eus.rubiconproject.com us-u.openx.net
5	ssc-cms.33across.com	5 redirects
5	pixel.tapad.com	4 redirects ads.pubmatic.com
5	s-img.mgid.com
5	mc.yandex.ru	1 redirects tr1.biketreks.net mc.yandex.ru
4	jp-u.openx.net	us-u.openx.net
4	sync-dsp.ad-m.asia	4 redirects
4	token.rubiconproject.com	4 redirects
4	us-u.openx.net	de.tynt.com us-u.openx.net
4	rtb.openx.net	3 redirects us-u.openx.net
4	image2.pubmatic.com	1 redirects ads.pubmatic.com
4	ad.360yield.com	4 redirects
4	id5-sync.com	2 redirects cdn.id5-sync.com
4	jsc.mgid.com	www.bigmp3db.com jsc.mgid.com
4	cdn.zx-adnet.com	tr1.biketreks.net cdn.zx-adnet.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	tags.crwdcntrl.net	s.e-planning.net tags.crwdcntrl.net
3	s.e-planning.net	ads.us.e-planning.net
3	sync.mathtag.com	3 redirects
3	ads.pubmatic.com	s.adtelligent.com ads.pubmatic.com
3	idsync.rlcdn.com	2 redirects
3	creativecdn.com	2 redirects s.console.adtarget.com.tr
3	biketreks.net	tr1.biketreks.net
2	cm.adform.net	2 redirects
2	pubmatic-match.dotomi.com	2 redirects
2	pm.w55c.net	2 redirects
2	ipac.ctnsnet.com	1 redirects ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	ad.turn.com	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	secure.adnxs.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects s.adtelligent.com
2	ps.eyeota.net	1 redirects s.adtelligent.com
2	eus.rubiconproject.com	de.tynt.com eus.rubiconproject.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	c1.adform.net	2 redirects
2	a.sportradarserving.com	2 redirects
2	tg.socdm.com	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	cr-p10.ladsp.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	ap.lijit.com	2 redirects
2	csync.loopme.me	2 redirects
2	ads.us.e-planning.net	1 redirects s.adtelligent.com
2	onetag-sys.com	s.adtelligent.com
2	image4.pubmatic.com	1 redirects s.adtelligent.com
2	image8.pubmatic.com	2 redirects
2	pippio.com	2 redirects
2	sync.e-volution.ai	2 redirects
2	s.adtelligent.com	cm.mgid.com s.adtelligent.com
2	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com
2	servicer.mgid.com	jsc.mgid.com
2	c.mgid.com	jsc.mgid.com
2	tr1.biketreks.net	tr1.biketreks.net
1	ups.analytics.yahoo.com	1 redirects
1	cms.quantserve.com	1 redirects
1	adsd-sync.amanad.adtdp.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	dps.jp.cinarra.com	ads.pubmatic.com
1	ds.uncn.jp	1 redirects
1	cr-p3.ladsp.com	1 redirects
1	sync-tapi.admatrix.jp	1 redirects
1	pixel-sync.sitescout.com	bcp.crwdcntrl.net
1	tags.bluekai.com	bcp.crwdcntrl.net
1	cms.analytics.yahoo.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	dmp.adform.net	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	js.cookieless-data.com	s.e-planning.net
1	i.e-planning.net	ads.us.e-planning.net
1	sync.spotim.market	s.adtelligent.com
1	dis.criteo.com	ads.pubmatic.com
1	vid.vidoomy.com	s.adtelligent.com
1	a4p.adpartner.pro	1 redirects
1	de.tynt.com	s.adtelligent.com
1	ic.tynt.com	1 redirects
1	s.console.adtarget.com.tr	s.adtelligent.com
1	odr.mookie1.com
1	sync.inmobi.com	1 redirects
1	tags.rd.linksynergy.com	1 redirects
1	cm.idealmedia.io
1	cs.admanmedia.com	1 redirects
1	id.rlcdn.com
1	ssbsync.smartadserver.com	1 redirects
1	cdn.id5-sync.com	jsc.mgid.com
1	site2text-2021.web.app	storage.googleapis.com
1	dr5.biz	tr1.biketreks.net
1	cdn.jsdelivr.net	tr1.biketreks.net
0	cs.nex8.net Failed	us-u.openx.net
194	109

This site contains links to these domains. Also see Links.

Domain
www.cookiesandyou.com
widgets.mgid.com
www.mgid.com
clck.mgid.com
biketreks.net
ar.biketreks.net
az.biketreks.net
be1.biketreks.net
bg.biketreks.net
bn.biketreks.net
ca1.biketreks.net
cs.biketreks.net
da.biketreks.net
de1.biketreks.net
el1.biketreks.net
es.biketreks.net
et.biketreks.net
ga.biketreks.net
fa.biketreks.net
fi1.biketreks.net
fr1.biketreks.net
hi1.biketreks.net
hr1.biketreks.net
hu1.biketreks.net
id1.biketreks.net
is.biketreks.net
it1.biketreks.net
iw.biketreks.net
ja.biketreks.net
ka.biketreks.net
ko.biketreks.net
kk.biketreks.net
ky.biketreks.net
lb.biketreks.net
lt1.biketreks.net
lv.biketreks.net
ms1.biketreks.net
mr.biketreks.net
nl1.biketreks.net
pl1.biketreks.net
pt1.biketreks.net
ro1.biketreks.net
ru1.biketreks.net
sk1.biketreks.net
sl1.biketreks.net
sq.biketreks.net
sr.biketreks.net
ta1.biketreks.net
te1.biketreks.net
tg.biketreks.net
th1.biketreks.net
tl1.biketreks.net
uk1.biketreks.net
ur1.biketreks.net
uz.biketreks.net
vi1.biketreks.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-29` - `2023-08-29`	a year	crt.sh
ringspirations.com GTS CA 1D4	`2022-10-17` - `2023-01-15`	3 months	crt.sh
0.mo11.biz R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
www.bigmp3db.com R3	`2022-10-30` - `2023-01-28`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
web.app GTS CA 1D4	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-11-28` - `2023-02-26`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
ads.us.e-planning.net R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-11-25` - `2023-02-23`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.audrte.com Amazon	`2022-02-24` - `2023-03-24`	a year	crt.sh
*.e-planning.net R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
i.e-planning.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-23` - `2023-02-03`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.cookieless-data.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-23` - `2023-03-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
events-ssc.33across.com GTS CA 1D4	`2022-11-13` - `2023-02-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.jp.cinarra.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-14` - `2023-06-13`	a year	crt.sh
*.ctnsnet.com DigiCert SHA2 Secure Server CA	`2022-09-27` - `2023-03-08`	5 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh
sync.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2022-11-23` - `2023-02-21`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Frame ID: CD2BBAFD8532452333043DCF44B19FE2
Requests: 83 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1670126895176238057533
Frame ID: 5E038CABB0B0C24560EF8D3B6C04F1FF
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=754484
Frame ID: C8C2BE13C2D083A47FF453C888366E6D
Requests: 9 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 8B6C7B9622E651A820F45DF69642AFBD
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 3A37370E917FD5762D8A651C27DC7777
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: B4FFF2CF0DF0889FC731F069905653AC
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: FE3441599E4567B4A493AAAA9496923E
Requests: 13 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: F14F3EF272195F19797C1E362FAB2468
Requests: 11 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 12C1EA257D802D3B868434557312FBC0
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8cb2a072-c1a7-44d2-a1db-d41273d5726c&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
Frame ID: FFF14F3D454D4B6FBBFC6C63FD784815
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=ARnMK6N4VfGuks8ADx3mbENYT88AAAGE21IFnA
Frame ID: FC6248E0414E5C22D2C2F9D9845E0964
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6402455181467DFCEE0E675B4C3FF7C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:529e638c-1d30-4800-a061-2ffe4f2d78bc&gdpr=0&gdpr_consent=
Frame ID: 47007583D40696ED4C04DD7E20B69AB7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8519568838365145300&gdpr=0&gdpr_consent=
Frame ID: 7963DEEFAB9A1D57DA21D275C14B99E2
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=695B319A-AA29-4331-855F-58B76C1C785C
Frame ID: ED7C7FB1A08CF70EA61CCAEE5F37AC20
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 6B2593E24EDB654579929C48A035F4D8
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20
Frame ID: 7B2881DFCB902CE3C938A5EF79F3C134
Requests: 1 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 5E3CB26B095AB946403548983155B1B0
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 9B295683C8A0166414DEDD7958832F7B
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AGKFuerrqN-eQ6M7
Frame ID: 0425B8E94F8981FFAF6BFA798D5DCA9D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 66352FDE93965CD609040428869F472D
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 0EABEB971695B92FD5FE948B8A893B46
Requests: 12 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 6E759024C7E7F7604FA0763222417FE7
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=41%2C106%2C12%2C33%2C54%2C2&c=15238
Frame ID: 66B521F4EB3399EC0B1922CB5DFCA797
Requests: 7 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_393b9b9c-dcaa-4ddf-b530-07496c98ca7f
Frame ID: 8D6584480C6C40F56A87B21F6A423DF2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=45LCqRIeKkM
Frame ID: 4E7A5D4514002738D3DC17BBD917DEAA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4wdMwAADu4fwQAe&gdpr=0&gdpr_consent=&_test=Y4wdMwAADu4fwQAe
Frame ID: BA0C6BD282B428D362E1F7FF9D4F0814
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=695B319A-AA29-4331-855F-58B76C1C785C
Frame ID: D7F713A5C2EB2AF91806F4922E152E81
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=wqhu-JrFAnCuR97_Mx2MYw
Frame ID: F9D9016C7326F60AB453777122A3C3F5
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: D12CFEAF71C684C1D0E5ECDB626F6752
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9b602443746e4c9a936d53e54decfd4f
Frame ID: A5430DDF788435891BB35055A5DA3BB4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=0d5c2ee2-dade-4bb0-8f65-3a276d29371c
Frame ID: F963D6E1C72652D68775B31C63899589
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=S52LxiRsQM9gZJM8ZuQhEdmK_Lo
Frame ID: 4AFC331A3A48A239ED453EE51E93FDCF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: E890437AB3CBE1D8FF8D37846ED3CE68
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16418FFD98EB40779D74EE2BE3BAD6BA&gdpr=0&gdpr_consent=
Frame ID: 31E76D7F18DB1E162210DAB0EEB3C7C9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MpVQlDXCW8QpxAqSZcBFk2XEDcYplFqRZ5XZGt9c
Frame ID: 6BAE3422C20C949BF00746C93EE302F9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KBmajn6i1P1GiD5&gdpr=0&gdpr_consent=
Frame ID: B87D146DD1798EA5118E75BD35147DD1
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=695B319A-AA29-4331-855F-58B76C1C785C
Frame ID: 029A56E76FACB814BFE0C0F6632FEC6D
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Frame ID: E7CCF2E98B7FF859AD04193CF9637BA0
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4374557369322276802
Frame ID: 0136A844586C603A5286D88082CFD70E
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=admatic
Frame ID: 0D67D66EDBB229EAAF20B906A6D842AB
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=738101&extuid=${UID}
Frame ID: 4E85FB47C6B28CE832BF4D56411BEF1A
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=4374557369322276802
Frame ID: 0B2AA9BA9F69270289055B0C5E6BB2BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Atlanta'nın botanik bahçesi gökkuşağı ağaçları ve daha fazlasıyla aydınlanacak - Seyahat - 2022

Detected technologies

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

194
Requests

65 %
HTTPS

16 %
IPv6

72
Domains

109
Subdomains

55
IPs

13
Countries

1257 kB
Transfer

2519 kB
Size

152
Cookies

58 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=tr1.biketreks.net&utm_medium=referral&utm_campaign=widgets&utm_content=1102315

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/14445980/i/57436203/0/pp/1/1?h=Pdtl_4A_OWdn-4DVWu7LMgSjZcT2WmOb9IFXM4SxSM2xNKjYSoUMQyCHuPDZlHsTEI_m_BAttzNwymf3Sa2WRA**&rid=469fee9f-7389-11ed-9cee-2cea7f934475&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=0&muid=mb3fDYNxwg8k&st=540&mp4=1

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/14777672/i/57436203/0/pp/2/1?h=Pdtl_4A_OWdn-4DVWu7LMlm9sAYCgXgOEaeUTMBeKcB8x6fTYKQZs3TgEU7IB3qevwbAbEkScQhudBwCjdBtWw**&rid=469fee9f-7389-11ed-9cee-2cea7f934475&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=0&muid=mb3fDYNxwg8k&st=540&mp4=1

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/14228390/i/57436203/0/pp/3/1?h=Pdtl_4A_OWdn-4DVWu7LMh9EFKhGHsJdK5IuLXcc9-37tTdFAsJJyYwSrK_O_3gAO-97zs2b2Juz41N7qXVPjA**&rid=469fee9f-7389-11ed-9cee-2cea7f934475&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=0&muid=mb3fDYNxwg8k&st=540&mp4=1

Search URL Search Domain Scan URL

URL: https://biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ar.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://az.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://be1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://bg.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://bn.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ca1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://cs.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://da.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://de1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://el1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://es.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://et.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ga.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://fa.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://fi1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://fr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://hi1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://hr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://hu1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://id1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://is.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://it1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://iw.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ja.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ka.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ko.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://kk.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ky.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://lb.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://lt1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://lv.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ms1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://mr.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://nl1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://pl1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://pt1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ro1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ru1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://sk1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://sl1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://sq.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://sr.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ta1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://te1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://tg.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://th1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://tl1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://uk1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://ur1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://uz.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

URL: https://vi1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://mc.yandex.ru/watch/85692282?wmode=7&page-url=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1435328482183%3Ahid%3A174910839%3Az%3A0%3Ai%3A20221204040814%3Aet%3A1670126894%3Ac%3A1%3Arn%3A807688602%3Arqn%3A1%3Au%3A1670126894269774293%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C8%2C594%2C273%2C%2C0%2C%2C3%2C0%2C2309%2C2309%2C7%2C2019%3Aco%3A0%3Acpf%3A1%3Ans%3A1670126890247%3Arqnl%3A1%3Ast%3A1670126894%3At%3AAtlanta%27n%C4%B1n%20botanik%20bah%C3%A7esi%20g%C3%B6kku%C5%9Fa%C4%9F%C4%B1%20a%C4%9Fa%C3%A7lar%C4%B1%20ve%20daha%20fazlas%C4%B1yla%20ayd%C4%B1nlanacak%20-%20Seyahat%20-%202022&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/85692282/1?wmode=7&page-url=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1435328482183%3Ahid%3A174910839%3Az%3A0%3Ai%3A20221204040814%3Aet%3A1670126894%3Ac%3A1%3Arn%3A807688602%3Arqn%3A1%3Au%3A1670126894269774293%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C8%2C594%2C273%2C%2C0%2C%2C3%2C0%2C2309%2C2309%2C7%2C2019%3Aco%3A0%3Acpf%3A1%3Ans%3A1670126890247%3Arqnl%3A1%3Ast%3A1670126894%3At%3AAtlanta%27n%C4%B1n%20botanik%20bah%C3%A7esi%20g%C3%B6kku%C5%9Fa%C4%9F%C4%B1%20a%C4%9Fa%C3%A7lar%C4%B1%20ve%20daha%20fazlas%C4%B1yla%20ayd%C4%B1nlanacak%20-%20Seyahat%20-%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 66

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=mb3flAjObx8k HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=1644534851954047200&gdpr=0&gdpr_consent= HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 67

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=12134d82-6555-40d5-91a3-8fc4580855ee&ttl=1672718895

Request Chain 68

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=2pUqImSw9ExqiggV5dYn&pi=mgid&tc=1

Request Chain 70

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D HTTP 302
https://cm.mgid.com/m?cdsp=675043&c=a631ae7d-c2b4-466c-9713-961c8e2fcc7f

Request Chain 72

https://idsync.rlcdn.com/712107.gif?partner_uid=mb3flAjObx8k& HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKu7KxIYChQIARDDoQoaDG1iM2ZsQWpPYng4axAAGg0Ir7qwnAYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=ba46e89d7711ab40c3655e95939c28b69769865a21329ac10cf02b9dd3b43128791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiYTQ2ZTg5ZDc3MTFhYjQwYzM2NTVlOTU5MzljMjhiNjk3Njk4NjVhMjEzMjlhYzEwY2YwMmI5ZGQzYjQzMTI4NzkxNDI2YjU0MTdkY2UyMRAAGgwIr7qwnAYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiYTQ2ZTg5ZDc3MTFhYjQwYzM2NTVlOTU5MzljMjhiNjk3Njk4NjVhMjEzMjlhYzEwY2YwMmI5ZGQzYjQzMTI4NzkxNDI2YjU0MTdkY2UyMRAAGgwIr7qwnAYSBAgCEABCAEoA&google_gid=CAESEJPJJwpA9KnyiV5S_YQEwwM&google_cver=1 HTTP 307
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
https://idsync.rlcdn.com/458249.gif?partner_uid=6259fafa-ab2d-47de-993c-4d8aeb106541

Request Chain 73

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://cm.mgid.com/m?cdsp=718337&c=ID5-f4a90qcUg4VCsmRqfNLd1iPzeyVeREuRHavo6eW6Mw

Request Chain 74

https://pixel.rubiconproject.com/exchange/sync.php?p=mgid HTTP 302
https://cm.mgid.com/m?cdsp=43070&c=LB8UFKAB-14-4MJD

Request Chain 75

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&ssp=mgid&gdpr=&gdpr_consent=

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWIzZmxBak9ieDhr&muidn=mb3flAjObx8k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWIzZmxBak9ieDhr&muidn=mb3flAjObx8k&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=mb3flAjObx8k&google_ula={guid},5&google_gid=CAESEM3meNU15ofc-CjTE6thfw8&google_cver=1

Request Chain 77

https://x.bidswitch.net/sync?dsp_id=303&user_id=mb3flAjObx8k HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 78

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
https://cm.mgid.com/m?cdsp=665953&c=bcdec334-daf7-4918-bd59-ee251eada587

Request Chain 79

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njk1QjMxOUEtQUEyOS00MzMxLTg1NUYtNThCNzZDMUM3ODVD&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njk1QjMxOUEtQUEyOS00MzMxLTg1NUYtNThCNzZDMUM3ODVD&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D695B319A-AA29-4331-855F-58B76C1C785C HTTP 302
https://cm.mgid.com/m?cdsp=712807&c=695B319A-AA29-4331-855F-58B76C1C785C

Request Chain 85

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

Request Chain 87

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Request Chain 89

https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8cb2a072-c1a7-44d2-a1db-d41273d5726c&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0

Request Chain 90

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0a043a36-bac7-42a8-918e-bd44aa853c93

Request Chain 91

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5417959740647820928

Request Chain 92

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=bcdec334-daf7-4918-bd59-ee251eada587

Request Chain 93

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1f52cb55-049b-43f5-8383-38eeb2a4a4d9

Request Chain 95

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4883393362692549034

Request Chain 96

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=Fwf4JLZHIpLuupxIS2CSoVHB

Request Chain 97

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=d82a417673739a7f

Request Chain 99

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=ARnMK6N4VfGuks8ADx3mbENYT88AAAGE21IFnA

Request Chain 101

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:529e638c-1d30-4800-a061-2ffe4f2d78bc&gdpr=0&gdpr_consent=

Request Chain 102

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8519568838365145300&gdpr=0&gdpr_consent=

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aVsxmqopQzGFX1i3bBx4XA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 105

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=695B319A-AA29-4331-855F-58B76C1C785C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=695B319A-AA29-4331-855F-58B76C1C785C&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 106

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent=&ct=y

Request Chain 107

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=695B319A-AA29-4331-855F-58B76C1C785C HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=695B319A-AA29-4331-855F-58B76C1C785C HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4a7b6418-b666-4280-b239-391d355b83e3%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=12134d82-6555-40d5-91a3-8fc4580855ee&ttd_puid=4a7b6418-b666-4280-b239-391d355b83e3%2C

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJMhDQym3C0KpZrhIH5Bv0g&google_cver=1

Request Chain 110

https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=Y4wdMMCo8YQAALi.h9sAAAAA

Request Chain 111

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6723c727-d8bf-462e-854b-108bd60ebebf&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 112

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=12134d82-6555-40d5-91a3-8fc4580855ee&gdpr=0&gdpr_consent=

Request Chain 113

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4374557369322276802

Request Chain 116

https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy= HTTP 302
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}

Request Chain 130

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Request Chain 131

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670126898359.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Request Chain 132

https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=93&user_id=12134d82-6555-40d5-91a3-8fc4580855ee&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19 HTTP 302
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&ts=1670126898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 133

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670126898359.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=529e638c-1d30-4800-a061-2ffe4f2d78bc

Request Chain 134

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670126898359.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=4883393362692549034

Request Chain 135

https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent=

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent=&google_gid=CAESEGYK0KHH7J3dq_3FdAVNkyE&google_cver=1 HTTP 302
https://a.audrte.com/p

Request Chain 137

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=4374557369322276802 HTTP 302
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091 HTTP 302
https://a.audrte.com/match?uid=bcdec334-daf7-4918-bd59-ee251eada587&p=560038091 HTTP 302
https://a.audrte.com/p

Request Chain 139

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LB8UFKAB-14-4MJD HTTP 302
https://ssc-cms.33across.com/ps/?xi=1&xu=LB8UFKAB-14-4MJD HTTP 302
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LB8UFKAB-14-4MJD&ts=1670126899&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 142

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=12134d82-6555-40d5-91a3-8fc4580855ee&gdpr=0&gdpr_consent=&expires=30

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELQml3r1GFU92jZtEexF5Wc&google_cver=1

Request Chain 144

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB8UFKAB-14-4MJD

Request Chain 145

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vEwH5F_vQjibHTyLo3t_2A&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vEwH5F_vQjibHTyLo3t_2A

Request Chain 146

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/JhRss-b19HymYdaVqq4r78n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-mI4K7o9E2oIG_.GIcU7XXt7mE6AzhXWeMhwaNA--~A

Request Chain 147

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI4VUZLQUItMTQtNE1KRA==

Request Chain 148

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-nptNDUHTm2xgMRFQrYf4Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-nptNDUHTm2xgMRFQrYf4Q

Request Chain 149

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRiOWRjYzQ3NzI5ODUzYTkxZjgwZmRmYzc3MWYyNDk4MzkyYWI2NA

Request Chain 150

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kyGHvWVE2pw4_tsQbhmVU16uAdlk2b.jxtk-~A&gdpr=0

Request Chain 151

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=76e9f415853e41bbc5c6c20ce9b2b523&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D4a7b6418-b666-4280-b239-391d355b83e3%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D4a7b6418-b666-4280-b239-391d355b83e3 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4883393362692549034&pt=4a7b6418-b666-4280-b239-391d355b83e3%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D4a7b6418-b666-4280-b239-391d355b83e3 HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4a7b6418-b666-4280-b239-391d355b83e3

Request Chain 154

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-4b9d8bc6-246c-40cf-6064-933c66e42111$ip$217.138.252.186&gdpr=0&gdpr_consent=

Request Chain 155

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=115545554 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4883393362692549034/gdpr=0/rand=115545554

Request Chain 158

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-drOphSCyTIOe7RM4OZc7g==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 159

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1 HTTP 302
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dopenx%26uid%2Dset%3D1%26auid%3D HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1&auid=e2e43f84-d66d-4822-8740-fe4ac8a56548 HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=VgNU-4FwfIU-l

Request Chain 160

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=529e638c-1d30-4800-a061-2ffe4f2d78bc

Request Chain 161

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3664386443204904844&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 162

https://match.adsrvr.org/track/cmf/openx?oxid=268c449a-bd04-701c-e80f-f8fb33ff6654&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=12134d82-6555-40d5-91a3-8fc4580855ee&ttd_puid=268c449a-bd04-701c-e80f-f8fb33ff6654&gdpr=0&gdpr_consent=

Request Chain 163

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4wdM8Co8YQAALi.iZ0AAAAA

Request Chain 164

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AayqG0_KJLgqks8ADx3mbENYT88AAAGE21IPdQ

Request Chain 166

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMIWeShKu7k7Ilunf8bwh8I&google_cver=1

Request Chain 168

https://ds.uncn.jp/pm/0/sync HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_393b9b9c-dcaa-4ddf-b530-07496c98ca7f

Request Chain 169

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=45LCqRIeKkM

Request Chain 170

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y4wdMwAADu4fwQAe HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4wdMwAADu4fwQAe&gdpr=0&gdpr_consent=&_test=Y4wdMwAADu4fwQAe

Request Chain 172

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=wqhu-JrFAnCuR97_Mx2MYw

Request Chain 174

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9b602443746e4c9a936d53e54decfd4f

Request Chain 175

https://adsd-sync.amanad.adtdp.com/pubmaticsync?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=0d5c2ee2-dade-4bb0-8f65-3a276d29371c

Request Chain 176

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=S52LxiRsQM9gZJM8ZuQhEdmK_Lo

Request Chain 177

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0

Request Chain 178

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16418FFD98EB40779D74EE2BE3BAD6BA&gdpr=0&gdpr_consent=

Request Chain 179

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MpVQlDXCW8QpxAqSZcBFk2XEDcYplFqRZ5XZGt9c

Request Chain 180

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KBmajn6i1P1GiD5&gdpr=0&gdpr_consent=

Request Chain 183

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=695B319A-AA29-4331-855F-58B76C1C785C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-gY8dDZdE2uUJWx.qCOPRFVSlJNowzHs-~A&gdpr=0&gdpr_consent=

Request Chain 184

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3664386443204904844&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 185

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3a674789c6c92281&is_secure=true&networkId=17100&version=1&nuid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQiLdcr0BpANQWOESAAAAAAA&expiration=1670213299&nuid=695B319A-AA29-4331-855F-58B76C1C785C&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 187

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4374557369322276802

Request Chain 190

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D737566%26extuid%3D%24UID HTTP 303
https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=4374557369322276802

Request Chain 191

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b288e07dd329f4a0

194 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d Show response
tr1.biketreks.net/ 35 KB
7 KB 661ms
594ms Document
text/html 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: 32560aceed52e08d95ecd1be2cabc9e7276e615edfe5980909ae6663019f3d6f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 7741ade87a17af64-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 04:08:10 GMT
expires: Mon, 05 Dec 2022 04:08:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnGtVEyguMykYcuO6OxkonPUx8y2mnxOZ9RutODu%2BiB2xe8NmP%2BQo%2FUvgypK3nNMr7hRCCXdQG2ihETw8Xy0DYEhhFhBJ%2BviERLHM7Gnfr4GIUJn8QvuqwLmVp6JOrsJAV%2F%2FsApO55A%2FwAu2qa8pWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15

GET
H2 200 style.css
biketreks.net/template/barcelona/css/ 154 KB
52 KB 1330ms
1320ms Stylesheet
text/css 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biketreks.net/template/barcelona/css/style.css
Requested by: Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84e0086cbdee4cd4d92bc8d01957cd7365ed7bc3287a7959d0dadcb087226683

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Sep 2022 14:31:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"26608-5e95908ac43ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TVD0FVpwuN2ANB3RBt8IIJMdLz0PJthwm4NwpR34OoyyBnhnKVLK8bCwix0lx8wZTavYdvTdnKVhPakaas%2BZVE7nQ7PnBPHoVJ7emUQ%2BUp1wghd5sP6Q%2FyEPRZx2bD4BbhrIRxKTZAwrGj%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 7741adec4f17af64-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 04:08:11 GMT

GET
H2 200 yt.css
biketreks.net/template/barcelona/css/ 77 KB
45 KB 1072ms
1063ms Stylesheet
text/css 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biketreks.net/template/barcelona/css/yt.css
Requested by: Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 862279ce0bbffd34d82ffcc4d6fc83223c76f9f8ee4de9f1b3b498b1ee62556f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Sep 2022 14:31:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"132ab-5e95908b90992"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SL7WVsEu7OvizmoDZl4r9HJpDHh50E4VE6RKychaxf1nJ4MUeEK%2FHpR06F%2FX6v50SFtu3wzGzUlV6CskaKKOoPnlGr4kiv4dmlQYlQfFClq4MPMQjU1x%2F2d1R%2FfLBD7GB6R9s16maTYhLdXH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 7741adec4f18af64-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 04:08:11 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 15ms
9ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 31051
x-jsd-version: 3.1.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19142-FRA, cache-tyo11956-TYO
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpP9TPheKtoHV7xj%2BUCNHwtO8H3HI0zcjXfU%2FQbfVW71YAPtKsUb7S7WA7VM2RAQdbCie%2BnCXeHlrqbt%2FkBCpyOd5Aj762Ox7bF8yOmUApToTs13%2B6G7D5%2FAFPTc95hHr5k8VQ9M9TR1ycWmEus%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7741adec3afcafe1-NRT

GET
H2 200 atlantas-botanical-garden-will-brighten-up-with-rainbow-trees-and-more.webp
a.biketreks.net/travel/ 130 KB
131 KB 1101ms
1091ms Image
image/webp 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.biketreks.net/travel/atlantas-botanical-garden-will-brighten-up-with-rainbow-trees-and-more.webp
Requested by: Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00fd4a095944f948ec6e93f6cdbb471f65942a0fff7f16e394c52429aefd9ea5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Jan 2021 17:24:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "209aa-5b9d0eec86580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dc2t8XUQ0X2Fpm8RaT691ptYuAMNbCFdp1FwbvnqlPdLlMtqaYyW0LUIo%2F8nSOSItZeqwQZG1amAJIesQrIIlfnCKm3AfQ6zpKu5vhhJTvmrd2OC0xnq9zCg1zyPY3bKAgFviCaScMNoIq9azkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7741adedf971af64-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133546

GET
H2 200 atlantas-botanical-garden-will-brighten-up-with-rainbow-trees-and-more-1.webp
a.biketreks.net/travel/ 53 KB
53 KB 1161ms
1151ms Image
image/webp 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.biketreks.net/travel/atlantas-botanical-garden-will-brighten-up-with-rainbow-trees-and-more-1.webp
Requested by: Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2111afbadba1893a60d5599326a129b61890e0bcf2f4f13cb136bfcded530271

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Jan 2021 17:24:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d35c-5b9d0eec86580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4ba%2Bql%2BGvwo3bblskyVetlCdeZJbk%2FRmRfIJadnMK22ndmxOiyqg9Fnt%2FOdcJbWowlu9QkrdtV8oyUtesIUDcl%2BzNhQgo6wAHrN4H1kNiklARPuTZ31TOH6nsL5AHzMq1n82oe648kY2j%2Bm8Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7741adedf973af64-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54108

GET
H2 200 atlantas-botanical-garden-will-brighten-up-with-rainbow-trees-and-more-2.webp
a.biketreks.net/travel/ 93 KB
94 KB 1105ms
1095ms Image
image/webp 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.biketreks.net/travel/atlantas-botanical-garden-will-brighten-up-with-rainbow-trees-and-more-2.webp
Requested by: Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e823b1a313dbdfefe6f1b6a72f5e8e2855c38d2007e06b7b8b0aa0e14037221

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Jan 2021 17:24:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "174ec-5b9d0eec86580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cYPcDepqGk%2BpoJMOa9X%2FX2P72H3MMvIFGAVlD8f0RTlfSfrKRQiUYtRj8rBOxQ0ApYB%2BotXN0%2FuYPCDiZBqIzmp9AqbLYpBG9crtbM2B%2BXgSnCL4mmTGd9TGDjCEGWlYqIvFA5NI3f3qxcK3V8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7741adedf974af64-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95468

GET
H2 200 rocket-loader.min.js Show response
tr1.biketreks.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 5ms
4ms Script
application/javascript 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tr1.biketreks.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6387a18d-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smr1GaKaICzBhMcDNZ3hUwVonM2SXhJ8Rtph7T2%2BH5F17Qzf0jCn69aeBSvwjtqUw%2BQo%2B3S%2Bt9am%2FY16pMESGmBsuUXSki9fzVg5EkzCB6lhy1h4cVg8E1mGeMaIm4We5BJnhvaVGAUA%2BqXUDiM4Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7741adede962af64-NRT
expires: Tue, 06 Dec 2022 04:08:11 GMT

GET
H3 200 scripts.js Show response
biketreks.net/template/barcelona/js/ 177 KB
61 KB 1402ms
1401ms Script
application/javascript 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biketreks.net/template/barcelona/js/scripts.js
Requested by: Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22d8234cf8cbc4a9b91789100bf5a0bf8c8fec8be585043e8305915c653fbc15

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 23 Sep 2022 14:31:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2c372-5e95908dc83b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26dY%2B6nDdKw1NYHQjiwV9DZhqRA6JPtDV7aOtqNfNJg5tzv%2Bdno%2BN%2FUzPnQXuLiPTs9lEk6x8OJNFAP8cCFCBbtU2g4oXU%2FvkRxB8lnu6Y8CsDB9L6oVb7aa%2BC9CHopqU1lZlLAqB6Eq7zfV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 7741adf4adb0af67-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 04:08:12 GMT

GET
H2 200 smrcp_19121001.js Show response
cdn.zx-adnet.com/adx/ 145 KB
20 KB 552ms
89ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Requested by

Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b2dc063ba0e3f0e238d1b63007bcad869cbe77032364ac931768592f99374f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Sun, 04 Dec 2022 04:08:12 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19677
x-served-by: cache-tyo11926-TYO
last-modified: Wed, 09 Nov 2022 12:55:44 GMT
x-timer: S1670126893.729454,VS0,VE86
etag: "0379eb726d6206c827a3aba72b039087492e1a26387e0e0824927a4c08e54306-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 0

GET
H2 200 / Show response
dr5.biz/ 20 KB
20 KB 772ms
247ms Script
application/javascript 185.177.94.108
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dr5.biz/?te=mi4geylcmi5ha3ddf42tsmrq

Requested by

Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-108.ah-server.com

Software

nginx /

Resource Hash

f7f98f4a37002af2f9f3c94ce44a063f6dcf1199e983e48f2b1ca65ae35ae9ff

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 04:08:12 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 atlantas-botanical-garden-will-brighten-up-with-rainbow-trees-and-more-3.webp
a.biketreks.net/travel/ 126 KB
126 KB 1105ms
1105ms Image
image/webp 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.biketreks.net/travel/atlantas-botanical-garden-will-brighten-up-with-rainbow-trees-and-more-3.webp
Requested by: Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4136d1f23f9e1d6c54ce619e9e50bb5a09923284c43f01bc78d49f810e70e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:13 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Jan 2021 17:24:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1f644-5b9d0eec86580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf13ZwnIUDboV6kSBsz%2FR0zIyjEcRdYqS30UcaJZqQ8a7siN6Ku8UyYQ%2FdUBlMaEBTEWSLt%2FTGh%2FYRzL5Lpfa8%2F3aB%2BVOp49xLtiJ1EV8i42N5ixaPCgNo4T%2Fv07xUYCc2iMuVzj2oOKXVChy10%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7741adf4edeaaf67-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 128580

GET
H3 200 this-tiny-home-packs-a-killer-view-you-may-never-get-out-of-bed-4.webp
a.biketreks.net/travel/ 31 KB
32 KB 770ms
769ms Image
image/webp 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.biketreks.net/travel/this-tiny-home-packs-a-killer-view-you-may-never-get-out-of-bed-4.webp
Requested by: Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7848f2af9b612cacba7195a1be5277fc4d053acc0448824f0058199d12c70cf4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:13 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Jan 2021 16:41:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7d16-5b9d052db6780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eEVvFiJXfNkHXrI3iQBjGtyeS8FhHfMMnMn6Sc7CkiFgCtSP1WdnxbfGsS%2Bw1lEKwVupb2y%2FobBMEF7%2BXZcZTFdmYEehoGsqzvhnnY%2FbbJjUCaVhltB%2FUSD22DrlJDlZDlJ6MiUFaxPO8BXEVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7741adf4edebaf67-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32022

GET
H3 200 how-to-travel-japan-in-a-wheelchair-6.webp
a.biketreks.net/travel/ 122 KB
123 KB 961ms
960ms Image
image/webp 2606:4700:3037::6815:4159
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.biketreks.net/travel/how-to-travel-japan-in-a-wheelchair-6.webp
Requested by: Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a295ee7242d6561c2e50d19ecbab9b577baef36b18197ffe26888e8637a4bc4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:13 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Jan 2021 17:05:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1e874-5b9d0aa5b4e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JC623VCKXzyQMF6AF3%2BWEApffm7bjadKkY0J79HfLriI2vXxpxk4%2FO8Ww6gm19KTKbtFdwXSH6vS0UseyvUG42b5%2FGlJtJUo%2FD4KFM4x9WBhDXFj9XNxkTQuHLqygEOb6YZNnXoFmoGoVM2tfEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7741adf4edecaf67-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125044

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 26 KB
7 KB 332ms
163ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.9196790748260735

Requested by

Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4fbb34391124417f1861fef126cdcfadc1154022333f18a6758ec39cd0b9f649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-served-by: cache-tyo11926-TYO
strict-transport-security: max-age=31556926
content-encoding: br
date: Sun, 04 Dec 2022 04:08:12 GMT
last-modified: Wed, 09 Nov 2022 12:55:44 GMT
x-timer: S1670126893.729454,VS0,VE160
etag: "5192776ee81d109741ecd353d9f00d8e72a8be2eb4295ad0769ef002fbf30768-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits: 0

GET
H2 200 1duwt.min.js Show response
www.bigmp3db.com/ 67 KB
19 KB 1428ms
537ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.min.js?2b8d14b

Requested by

Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

699e13c6244135002a4dfcfa941ea01528733b026f5049622933d780f74bf474

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:13 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
duration: 3204349
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Sun, 04-Dec-2022 06:13:13 EET

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 1243ms
621ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: tr1.biketreks.net
URL: https://tr1.biketreks.net/rainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b93d3ad05d5001b63a353f35b5a76fe1f34032b67f6a9ef426611c285fe7ffc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
etag: "6388ac0c-11e32"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73266
expires: Sun, 04 Dec 2022 05:08:13 GMT

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
5 KB 209ms
117ms Script
application/javascript 2404:6800:4004:81d::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.9874576541233975
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81d::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsPryJzbTaodCLxESG8pq2AitsxhtndIu2xM2DsnWrnoLIBE7QSDYJhB9GneCVShHcFl42StI2LAAcYQ6eStSfkVWnjAsmQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Mon, 04 Dec 2023 04:08:12 GMT

GET
H3 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
496 B 78ms
69ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.7097747658545768

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Sun, 04 Dec 2022 04:08:12 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 107
x-served-by: cache-tyo11963-TYO
last-modified: Wed, 09 Nov 2022 12:55:44 GMT
x-timer: S1670126893.835233,VS0,VE65
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 0

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
4 KB 209ms
118ms Script
application/javascript 2404:6800:4004:81d::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.1326673273464396
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81d::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv1Y1UX4oQAEd23MJIp5lHAY3aZ5E2PEvWQLVv8ik4dZ3GdKBUDWC4pAN0uKWmFs_W3G_fgwo0W9zkHTAWTH8awXQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Mon, 04 Dec 2023 04:08:12 GMT

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
4 KB 210ms
119ms Script
application/javascript 2404:6800:4004:81d::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.9477883493400399
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81d::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsJSFNE4HyAf_yTvphqHp3KakdyqqrYogQHMx6GGXc-E3ONt7B549Qza1XlmKKU8sXj2Dakx1o_Pqs_u50cyPlyzw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Mon, 04 Dec 2023 04:08:12 GMT

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
4 KB 209ms
119ms Script
application/javascript 2404:6800:4004:81d::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.740649862409172
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81d::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduFjlsj87P3zOgGiPG6-6dkpHwpdZUmYw1RTG5rYOcqoXo9CXvwCLgh-GsMJ521Ew6GcUgoOS8TsbMUtmTzUdOS
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Mon, 04 Dec 2023 04:08:12 GMT

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
4 KB 207ms
117ms Script
application/javascript 2404:6800:4004:81d::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.8039386834974884
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81d::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtS7EHITyrN7nEj79j_r_Xo_jTaIezeprRulumIO3Uwo-rA1HbiE61Mm2glqIvmp0XJXsZL7cDYrnPqiByXDiV9EQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Mon, 04 Dec 2023 04:08:12 GMT

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
4 KB 209ms
120ms Script
application/javascript 2404:6800:4004:81d::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.0022518095133441385
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:81d::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:12 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtcX7jt66vvvLWCXMkgTBvlDynzWDlYwjkWaPGOpR7NuY-XlhET_VAKi8I5CUOd_60baVm1JFGrzcUNRjg9X1o4rA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Mon, 04 Dec 2023 04:08:12 GMT

GET
H3 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
4 KB 154ms
117ms Script
application/javascript 2404:6800:4004:81d::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.6972691594220399
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/smrcp_19121001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81d::2010 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:13 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvm0pOPXiXhWknQAlOuUZRlR8mgJOlKcSagbN5lPnZ9Ad45O8HD2ZSmy3_-GzLyZGTuXROKb99chaoophQZkCzU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Mon, 04 Dec 2023 04:08:13 GMT

GET
H3 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
475 B 248ms
248ms Script
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.7097747658545768

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Sun, 04 Dec 2022 04:08:13 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-served-by: cache-tyo11963-TYO
server: Google Frontend
x-timer: S1670126893.931723,VS0,VE245
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: 168baf51652ee1fd105d2e28a64bf60a
cache-control: max-age=3600,public
function-execution-id: jhh9lm9ivj29
accept-ranges: bytes
x-orig-accept-language: jp-JP,jp;q=0.9
x-country-code: JP
x-cache-hits: 0

GET
H2 200 gw_251221.js Show response
site2text-2021.web.app/ 0
422 B 350ms
333ms Script
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://site2text-2021.web.app/gw_251221.js?0.6835200825989218

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.8039386834974884

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sun, 04 Dec 2022 04:08:13 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-nrt-rjtf7700063-NRT
server: Google Frontend
x-timer: S1670126893.057093,VS0,VE332
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html
x-cloud-trace-context: 5810539e3ec46ac5f8bc6c87c52fdd35
cache-control: private
function-execution-id: x37286y5ygzx
accept-ranges: bytes
x-orig-accept-language: jp-JP,jp;q=0.9
x-country-code: JP
x-cache-hits: 0

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
269 B 773ms
257ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?2b8d14b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

23f413691b06ef0ff9abe5da8926dc3ab60d8db081a750489543c4f333511181

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 966 B
576 B 769ms
259ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?2b8d14b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

cc42fbad87557d793718e9b6d46cff99798ce807bc4ae2a62d659c8d54979b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2

200

1 Show response
mc.yandex.ru/watch/85692282/
Redirect Chain

https://mc.yandex.ru/watch/85692282?wmode=7&page-url=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188ti...
https://mc.yandex.ru/watch/85692282/1?wmode=7&page-url=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188...

435 B
517 B

314ms
313ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/85692282/1?wmode=7&page-url=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1435328482183%3Ahid%3A174910839%3Az%3A0%3Ai%3A20221204040814%3Aet%3A1670126894%3Ac%3A1%3Arn%3A807688602%3Arqn%3A1%3Au%3A1670126894269774293%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C8%2C594%2C273%2C%2C0%2C%2C3%2C0%2C2309%2C2309%2C7%2C2019%3Aco%3A0%3Acpf%3A1%3Ans%3A1670126890247%3Arqnl%3A1%3Ast%3A1670126894%3At%3AAtlanta%27n%C4%B1n%20botanik%20bah%C3%A7esi%20g%C3%B6kku%C5%9Fa%C4%9F%C4%B1%20a%C4%9Fa%C3%A7lar%C4%B1%20ve%20daha%20fazlas%C4%B1yla%20ayd%C4%B1nlanacak%20-%20Seyahat%20-%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

aba5f58024a60f953904e968805e7aca49662dcf26b32d52abc3db213f7042cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 04-Dec-2022 04:08:14 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tr1.biketreks.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 04:08:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:14 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 04-Dec-2022 04:08:14 GMT
location: /watch/85692282/1?wmode=7&page-url=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2080%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1435328482183%3Ahid%3A174910839%3Az%3A0%3Ai%3A20221204040814%3Aet%3A1670126894%3Ac%3A1%3Arn%3A807688602%3Arqn%3A1%3Au%3A1670126894269774293%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A59%2C8%2C594%2C273%2C%2C0%2C%2C3%2C0%2C2309%2C2309%2C7%2C2019%3Aco%3A0%3Acpf%3A1%3Ans%3A1670126890247%3Arqnl%3A1%3Ast%3A1670126894%3At%3AAtlanta%27n%C4%B1n%20botanik%20bah%C3%A7esi%20g%C3%B6kku%C5%9Fa%C4%9F%C4%B1%20a%C4%9Fa%C3%A7lar%C4%B1%20ve%20daha%20fazlas%C4%B1yla%20ayd%C4%B1nlanacak%20-%20Seyahat%20-%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://tr1.biketreks.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 04:08:14 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 310ms
310ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
etag: "6388ac0c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 04 Dec 2022 05:08:14 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 257ms
256ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?2b8d14b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

11772f06041b43e63472fdb8bcb428b2fa194eb1d72649195f899bc14dd0ed8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 warbletoncouncil.org.1102315.js Show response
jsc.mgid.com/w/a/ 2 KB
1 KB 25ms
11ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?2b8d14b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04a2c26f1b5845edddcb26138ad333399884afdf8dcc6bd423dd9d3b46a6b742

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
x-amz-version-id: UfwPJXQE_GpdWT9fa1E7fICn3.qtGioC
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TN6CPEY797PBKN0P
age: 2700
cf-polished: origSize=2358
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DC4nVx0SM1gWEyNDP2FJmvLJGvKxOTaTBipSfd1mZjt8i8LVyFy3pOKmQPorT9ykCdk1Bq4hAC4=
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 11:46:43 GMT
server: cloudflare
etag: W/"5a9b0569fcaa0604e3f6efcdb06a031b"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7741ae049a1ee09c-NRT
expires: Sun, 04 Dec 2022 07:08:14 GMT

GET
H3 200 warbletoncouncil.org.1102315.es6.js Show response
jsc.mgid.com/w/a/ 269 KB
77 KB 29ms
25ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d2f111fe2f889eca75acc81a8d0f74257004f252e523db813a3a059cf476fb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
x-amz-version-id: OkO3uDM5qZgmIrTqQB65chiOOWEzExF7
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: PKTPN21WMGF3DWX6
age: 1547
cf-polished: origSize=275189
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4PxwM0kHesSXFaKXJwUrYsm8tgyV+VUduEKQOtSk3TmRQmnuCdsKjUoXvlZnzqFWmwCyJQlFdXg=
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 11:46:42 GMT
server: cloudflare
etag: W/"551c8fd59ed86ac80d6d839897c220c8"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7741ae04ee08af40-NRT
expires: Sun, 04 Dec 2022 07:08:14 GMT

GET
H3 200 warbletoncouncil.org.1305779.js Show response
jsc.mgid.com/w/a/ 2 KB
1 KB 13ms
10ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?2b8d14b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6b37cd8558ed7d315b153c2c53bd0b659b7de19a4b9ee38ab925180d3dec940

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
x-amz-version-id: rphkKlzF.3Xs7jvLX9V3z8rMVFcQobsh
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 127160MTCV11N9HY
age: 6137
cf-polished: origSize=2358
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: a6JvLuFf2nUi69fdm/XY95gCzH+ILWfijv0juzEUKrNR1ncCpU1WmQbejCAwq0IVeAgWlkKnov8=
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 11:53:47 GMT
server: cloudflare
etag: W/"72c981e95beb5b905958502eedce1ec2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7741ae04ee0aaf40-NRT
expires: Sun, 04 Dec 2022 07:08:14 GMT

GET
H3 200 warbletoncouncil.org.1305779.es6.js Show response
jsc.mgid.com/w/a/ 256 KB
76 KB 18ms
18ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d817a261cb69b6ce3782b4328102ac438f56b3959c2e075cf98a9b20fcd514

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
x-amz-version-id: moTD1sgthGCPabo7thdD8CdavazqdnY4
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Z1FYGH3FGYW93GN5
age: 6137
cf-polished: origSize=262010
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: QuesXnf3yIHsESxtLPKK/Pt/SNgUJoEsuuOf3ScBYTiTwzIRb8vmlESZGA/SilhZPnrDZjjLwwQ=
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 11:53:47 GMT
server: cloudflare
etag: W/"15c427870a12c3bab3f439d074d56cf2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7741ae050e21af40-NRT
expires: Sun, 04 Dec 2022 07:08:14 GMT

GET
BLOB 200
OK 4502605d-428b-4512-9e89-524c5bd0da1b
https://tr1.biketreks.net/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tr1.biketreks.net/4502605d-428b-4512-9e89-524c5bd0da1b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 4c968d24-57b8-47aa-a1ac-1c1688ba9a90
https://tr1.biketreks.net/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tr1.biketreks.net/4c968d24-57b8-47aa-a1ac-1c1688ba9a90
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 68708da0-eb1f-4810-aa2a-9a9211ed0be7
https://tr1.biketreks.net/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tr1.biketreks.net/68708da0-eb1f-4810-aa2a-9a9211ed0be7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 26f9a8cd-a42f-4f42-99de-0ac41ef6fd71
https://tr1.biketreks.net/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tr1.biketreks.net/26f9a8cd-a42f-4f42-99de-0ac41ef6fd71
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 / Show response
c.mgid.com/pv/ 0
35 B 194ms
189ms Script
text/plain 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1670126894971952230344&uniqId=071ef&lct=1669161600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&lu=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&sessionId=638c1d2f-18586&pageView=1&pvid=184db51ff7b9bcf5baa&site=692293&implVersion=11&dpr=1&tfre=3789
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7741ae059af1e09c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content d2c06b5b-93a1-4e9a-a65b-50dccd2ce1a3
https://tr1.biketreks.net/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tr1.biketreks.net/d2c06b5b-93a1-4e9a-a65b-50dccd2ce1a3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content b0373c2a-c925-4e25-a5e1-90cc775cef25
https://tr1.biketreks.net/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tr1.biketreks.net/b0373c2a-c925-4e25-a5e1-90cc775cef25
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 15ms
11ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 6830
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7741ae05bb13e09c-NRT
expires: Mon, 05 Dec 2022 04:08:14 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
887 B 14ms
10ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:14 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 3205
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7741ae05bb12e09c-NRT
expires: Mon, 05 Dec 2022 04:08:14 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1102315/ 3 KB
2 KB 100ms
93ms Script
application/x-javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1102315/1?pv=5&cbuster=1670126895039773969361&uniqId=071ef&lct=1669161600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=750&h=304&maxw_3=242&maxh_3=258&cols=3&ref=&cxurl=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&lu=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&sessionId=638c1d2f-18586&pageView=1&pvid=184db51ff7b9bcf5baa&implVersion=11&dpr=1&tfre=3858
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acf568c795b66a2c70374723a2d362e6c6fef6552d85bb9fcdf22cbda90feb48

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7741ae060b55e09c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1305779/ 2 KB
1 KB 105ms
102ms Script
application/x-javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1305779/1?mp4=1&ap=1&w=750&h=0&wrongImageSize=1&cols=1&pv=5&cbuster=167012689504298437573&uniqId=06c0c&lct=1669161600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&lu=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&sessionId=638c1d2f-18586&pageView=0&pvid=184db51ff7b9bcf5baa&implVersion=11&dpr=1&tfre=3860
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac3a78ba0adc63a01cbbbd79fe38baa169867874bd4a9bc9adf2b221a5e4b96f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7741ae060b57e09c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 256ms
256ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?2b8d14b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

a9edc112e6eeb10f0f1ef445467bc2df1f549737ff15da29e0c978c9e068c0c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 6831
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7741ae06afd3af40-NRT
expires: Mon, 05 Dec 2022 04:08:15 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1010 B 11ms
11ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 3206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7741ae06afd6af40-NRT
expires: Mon, 05 Dec 2022 04:08:15 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC83NDg1OTEvNmFiY...
s-img.mgid.com/g/14445980/492x277/-/ 19 KB
19 KB 24ms
12ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14445980/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC83NDg1OTEvNmFiY2JjNDc3NzkyMGYxMGE3ZWJiODcxN2QwOGRlM2EuanBn.webp?v=1670126895-JeIdfyV-jLscifUvnDxoixFoAPjiu-kRsWP0qS8DRIY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a00dd2997b1b792792b28425424e08c3102aeba4f12a2ae600bfc7937ffc0a47

Request headers

Referer: https://tr1.biketreks.net/
Origin: https://tr1.biketreks.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Nov 2022 11:55:30 GMT
x-mg-request-uuid: adda172f-8de5-4f0e-9b1d-b8b868c0de96
server: cloudflare
age: 1181565
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7741ae06be6925e6-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19012

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS83MzI1NTcvOWNkM...
s-img.mgid.com/g/14777672/492x277/-/ 9 KB
9 KB 27ms
15ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14777672/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS83MzI1NTcvOWNkMDk1ZmE2NzExMDIzYjRmOTM0MjU4NjNjMTc1ZDkuanBlZw.webp?v=1670126895-RGnEI1X1BPoFsJx_SJzy9tEumc_p14NI-SKas9ciiZw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 094f5f18fb7d89b7fddec4c6b80bf9bd47ff5311c98b41747e3ffb62b88e709c

Request headers

Referer: https://tr1.biketreks.net/
Origin: https://tr1.biketreks.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Dec 2022 22:34:12 GMT
x-mg-request-uuid: 5695a247-56f0-48ce-b732-4b96b96adca6
server: cloudflare
age: 105611
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7741ae06be6a25e6-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8812

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8yNDczMTkvZDE3Y...
s-img.mgid.com/g/14228390/492x277/-/ 15 KB
15 KB 24ms
12ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14228390/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8yNDczMTkvZDE3YjFiMGUyMDRkYWJhZGI1YjczZjI4M2Y5YTY5MWIucG5n.webp?v=1670126895-CAL88JY7X7ttsoI63G3uNDimNHc2obrEa7RsIF1fOiY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134b3fb36dfebc5f1e5969377b900c78a52aa31f86e7d5642281822966c027c0

Request headers

Referer: https://tr1.biketreks.net/
Origin: https://tr1.biketreks.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 06:21:10 GMT
x-mg-request-uuid: cc395d03-a111-40f6-baa8-2e1ef005ddd3
server: cloudflare
age: 348307
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7741ae06be6b25e6-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15180

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
1 KB 164ms
158ms Script
application/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1670126895159568020791
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a933537ad57b717ada330ffec1564f0fcc8e881e7303925252e6b79f7ef9adfa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7741ae06cc41e09c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 10ms
10ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 6831
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7741ae06d800af40-NRT
expires: Mon, 05 Dec 2022 04:08:15 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1010 B 9ms
9ms Image
image/svg+xml 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1305779.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 3206
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7741ae06d801af40-NRT
expires: Mon, 05 Dec 2022 04:08:15 GMT

GET
H2 204 i-noref.js Show response
cm.mgid.com/ Frame 5E03 0
35 B 155ms
154ms Script
text/plain 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1670126895176238057533
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:15 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7741ae06dc53e09c-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 22ms
10ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/w/a/warbletoncouncil.org.1102315.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: C33Q4G5XM6X5RJ6E
age: 3222
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7741ae06fe8de0ec-NRT
x-amz-id-2: LyYM3CXP9CAyBEZhch3ou/98JdiLXiDC+ql/3IpljILuZVAnEjo/nb9uzgK/VmqnRcET+z9v5Po=

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvMjQ3MzE5LzE1NTQzM...
s-img.mgid.com/g/14228378/200x200/-/ 9 KB
9 KB 16ms
11ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14228378/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvMjQ3MzE5LzE1NTQzMjQ1ZjI5OWM5Mzc3MTAzMDgyYTRhNTY4ODgzLnBuZw.webp?v=1670126895-afg9WrRY3DxhhwnJ3Vrjw4nGgpfj9kIpngmVCT873tk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23076d9331642ba72ee05b761bfc9eb9765dce75f8e4b2dd5902fe50b7d0d396

Request headers

Referer: https://tr1.biketreks.net/
Origin: https://tr1.biketreks.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 06:24:38 GMT
x-mg-request-uuid: 4c6d3d13-34fe-4906-8dbc-71656e8bb28e
server: cloudflare
age: 2294418
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7741ae06eb78268d-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9020

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvMjQ3MzE5L2Y4ZTkxM...
s-img.mgid.com/g/14379227/200x200/-/ 5 KB
5 KB 14ms
9ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14379227/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTAvMjQ3MzE5L2Y4ZTkxMmI1MmZhM2Q0ZTU2NGQwMGNkN2IyYjU4NDZkLnBuZw.webp?v=1670126895-Tzc3DVKFMXzlARtknqWRoeAeBGgxcqCmF5XDX2-Voe0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dcf684cff677890e71ecff954c567942982da8480f6f969495595b884c1dfe

Request headers

Referer: https://tr1.biketreks.net/
Origin: https://tr1.biketreks.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: HIT
last-modified: Wed, 19 Oct 2022 13:23:36 GMT
x-mg-request-uuid: 4af5a7ff-a1eb-4a6e-a1be-1e99b4e480d7
server: cloudflare
age: 1996487
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7741ae06eb79268d-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5134

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 744ms
246ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

6eaa2cf517eb6701f65d475bb770034b7d5529784a3728a73d9c09b6ec74dc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tr1.biketreks.net
date: Sun, 04 Dec 2022 04:08:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
231 B 786ms
260ms XHR
application/json 2001:41d0:701:1000::31d2
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7ad9308d30e2a9a87c3eb37ce8707216f92e817d78d5bdd349423f2502cd4024

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tr1.biketreks.net
date: Sun, 4 Dec 2022 04:08:15 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 783ms
261ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

6eaa2cf517eb6701f65d475bb770034b7d5529784a3728a73d9c09b6ec74dc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tr1.biketreks.net
date: Sun, 04 Dec 2022 04:08:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
231 B 1027ms
261ms XHR
application/json 2001:41d0:701:1000::31d2
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1b3fc7994db431ccd3283912363695f293f2fb3469e7ef425a15aa0d1a8636fb

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tr1.biketreks.net
date: Sun, 4 Dec 2022 04:08:16 GMT
content-length: 54
vary: Origin
content-type: application/json

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 263ms
262ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?2b8d14b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

5df1163d3788d988f41ad5d4407d745c9b61eb28ff23df372e628a63a437c887

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: cloudflare-nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame C8C2 3 KB
2 KB 1074ms
85ms Document
text/html 209.58.162.206
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=754484
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1670126895159568020791
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.162.206 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4e281bde4e28ce15307239b87bb3a0608dd163b52013cb0d7e2e6c159aac3ad2

Request headers

Referer: https://tr1.biketreks.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://tr1.biketreks.net
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1281
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 04:08:15 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1

200
OK

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=mb3flAjObx8k
https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=1644534851954047200&gdpr=0&gdpr_consent=
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

42 B
709 B

138ms
111ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0963d041a95f271fbba7f411adc03573
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:16 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=12134d82-6555-40d5-91a3-8fc4580855ee&ttl=1672718895

43 B
365 B

165ms
165ms

Image
image/gif

2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=12134d82-6555-40d5-91a3-8fc4580855ee&ttl=1672718895
Protocol: H3
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7741ae08092caf40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=12134d82-6555-40d5-91a3-8fc4580855ee&ttl=1672718895
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 205

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=2pUqImSw9ExqiggV5dYn&pi=mgid&tc=1

43 B
412 B

170ms
170ms

Image
image/gif

2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=2pUqImSw9ExqiggV5dYn&pi=mgid&tc=1
Protocol: H3
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7741ae0dae06af40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=2pUqImSw9ExqiggV5dYn&pi=mgid&tc=1
pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT, Sun, 04 Dec 2022 04:08:16 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 712056.gif
id.rlcdn.com/ 42 B
340 B 173ms
150ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/712056.gif?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://cs.admanmedia.com/e4e1f5fe20753b6b614cda48b7e3c9f7.gif?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D675043%26c%3D%5BUID%5D
https://cm.mgid.com/m?cdsp=675043&c=a631ae7d-c2b4-466c-9713-961c8e2fcc7f

43 B
396 B

161ms
161ms

Image
image/gif

2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=675043&c=a631ae7d-c2b4-466c-9713-961c8e2fcc7f
Protocol: H3
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7741ae0b4c34af40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:15 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: DENY
Location: https://cm.mgid.com/m?cdsp=675043&c=a631ae7d-c2b4-466c-9713-961c8e2fcc7f
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
143 B 278ms
258ms Image
image/gif 2606:4700::6810:c749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=mb3flAjObx8k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7741ae07ee32264b-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: image/gif

GET
H3

200

458249.gif
idsync.rlcdn.com/
Redirect Chain

https://idsync.rlcdn.com/712107.gif?partner_uid=mb3flAjObx8k&
https://idsync.rlcdn.com/1000.gif?memo=CKu7KxIYChQIARDDoQoaDG1iM2ZsQWpPYng4axAAGg0Ir7qwnAYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=ba46e89d7711ab40c3655e95939c28b69769865a21329ac10cf02b9dd3b43128791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiYTQ2ZTg5ZDc3MTFhYjQwYzM2NTVlOTU5MzljMjhiNjk3Njk4NjVhMjEzMjlhYzEwY2YwMmI5ZGQzYjQzMTI4NzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiYTQ2ZTg5ZDc3MTFhYjQwYzM2NTVlOTU5MzljMjhiNjk3Njk4NjVhMjEzMjlhYzEwY2YwMmI5ZGQzYjQzMTI4NzkxNDI2YjU0MTdkY2UyMRAAGgwIr7qwnAYSBAgCEABCAEoA&goog...
https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
https://idsync.rlcdn.com/458249.gif?partner_uid=6259fafa-ab2d-47de-993c-4d8aeb106541

42 B
60 B

150ms
150ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/458249.gif?partner_uid=6259fafa-ab2d-47de-993c-4d8aeb106541
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:16 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/458249.gif?partner_uid=6259fafa-ab2d-47de-993c-4d8aeb106541
date: Sun, 04 Dec 2022 04:08:16 GMT
via: 1.1 google
x-samesite: secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
content-type: text/html; charset=utf-8

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D718337%26c%3D%7BID5UID%7D%0D%0A%0D%0A
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://cm.mgid.com/m?cdsp=718337&c=ID5-f4a90qcUg4VCsmRqfNLd1iPzeyVeREuRHavo6eW6Mw

43 B
427 B

167ms
167ms

Image
image/gif

2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=718337&c=ID5-f4a90qcUg4VCsmRqfNLd1iPzeyVeREuRHavo6eW6Mw
Protocol: H3
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7741ae130b26af40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=718337&c=ID5-f4a90qcUg4VCsmRqfNLd1iPzeyVeREuRHavo6eW6Mw
date: Sun, 04 Dec 2022 04:08:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=mgid
https://cm.mgid.com/m?cdsp=43070&c=LB8UFKAB-14-4MJD

43 B
380 B

166ms
166ms

Image
image/gif

2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=43070&c=LB8UFKAB-14-4MJD
Protocol: H3
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7741ae0aaba2af40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.mgid.com/m?cdsp=43070&c=LB8UFKAB-14-4MJD
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
Expires: 0

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&ssp=mgid&gdpr=&gdpr_consent=

43 B
641 B

49ms
39ms

Image
image/gif

35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&ssp=mgid&gdpr=&gdpr_consent=
Protocol: H2
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:15 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&ssp=mgid&gdpr=&gdpr_consent=
Date: Sun, 04 Dec 2022 04:08:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWIzZmxBak9ieDhr&muidn=mb3flAjObx8k
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWIzZmxBak9ieDhr&muidn=mb3flAjObx8k&google_tc=
https://cm.mgid.com/google?muidn=mb3flAjObx8k&google_ula={guid},5&google_gid=CAESEM3meNU15ofc-CjTE6thfw8&google_cver=1

0
121 B

159ms
158ms

Image
text/plain

2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=mb3flAjObx8k&google_ula={guid},5&google_gid=CAESEM3meNU15ofc-CjTE6thfw8&google_cver=1
Protocol: H3
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7741ae09daefaf40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.mgid.com/google?muidn=mb3flAjObx8k&google_ula={guid},5&google_gid=CAESEM3meNU15ofc-CjTE6thfw8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=mb3flAjObx8k
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&gdpr=&gdpr_consent=&gdpr_pd=

1 B
395 B

11ms
3ms

Image
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 04:08:14 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 04 Dec 2022 04:08:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
https://cm.mgid.com/m?cdsp=665953&c=bcdec334-daf7-4918-bd59-ee251eada587

43 B
381 B

167ms
167ms

Image
image/gif

2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=665953&c=bcdec334-daf7-4918-bd59-ee251eada587
Protocol: H3
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7741ae0acbb5af40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=665953&c=bcdec334-daf7-4918-bd59-ee251eada587
access-control-allow-origin: *
date: Sun, 04 Dec 2022 04:08:15 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mg...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njk1QjMxOUEtQUEyOS00MzMxLTg1NUYtNThCNzZDMUM3ODVD&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njk1QjMxOUEtQUEyOS00MzMxLTg1NUYtNThCNzZDMUM3ODVD&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D695B319A-AA29-4331-855F-58B76C1C785C
https://cm.mgid.com/m?cdsp=712807&c=695B319A-AA29-4331-855F-58B76C1C785C

43 B
380 B

158ms
158ms

Image
image/gif

2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=712807&c=695B319A-AA29-4331-855F-58B76C1C785C
Protocol: H3
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7741ae09fb09af40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

location: https://cm.mgid.com/m?cdsp=712807&c=695B319A-AA29-4331-855F-58B76C1C785C
date: Sun, 04 Dec 2022 04:08:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 462 B
1 KB 521ms
249ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e7fb281109e6a8b09ea9e5ce23720fa80fbbfb8e76dc5d5a0e17b8a551fea46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Dec 2022 04:08:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tr1.biketreks.net
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H3 200 c
c.mgid.com/ 43 B
213 B 192ms
192ms Image
image/gif 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=324|112|28|Pdtl_4A_OWdn-4DVWu7LMrafXHaRuN6ywqcgNtbOOVjZy373yMHLHoQ8Ij80w7Y9iv7UXWLB6zwxf90dzhVkZA**&fw=1&extjs=66044&v=324|112|28|Pdtl_4A_OWdn-4DVWu7LMgp2kbHAvNQFrq-ocu6xPj6snkiPNSICdRGKYaFh916a-SnqRcQn89bcABJ4wnak0w**&cid=1305779&h2=7Vfjl4tZpU0-MPvPcqp3Q7twIeMhIMUZku4qrW8VZmo*&rid=469fde03-7389-11ed-bf2d-2cea7f942996&tt=Direct&iv=11&pageImp=1&pvid=184db51ff7b9bcf5baa&muid=mb3flAjObx8k&cbuster=16701268962353200452
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:16 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: a9b6d4cc-4cc4-4fea-9be9-036bf6558041
server: cloudflare
content-type: image/gif
cf-ray: 7741ae0d7ddcaf40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 462 B
1 KB 863ms
591ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

49588350b8bf955cb93a3bf42a64f00e709ffd4c729da359454705cc00790185

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tr1.biketreks.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Dec 2022 04:08:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://tr1.biketreks.net
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame 8B6C 2 KB
1 KB 3245ms
174ms Document
text/html 23.227.145.146
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.145.146 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 886bfe90ecfd2d7e5cf02b5f2cdd09fa556840fa513ae5465d9a4697d28b8bc1

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 818
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 04:08:19 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 3A37 2 KB
815 B 407ms
236ms Document
text/html 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2

200

/ Show response
de.tynt.com/deb/ Frame B4FF
Redirect Chain

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

2 KB
3 KB

1592ms
131ms

Document
text/html

67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 063d5a193dfda7e49a567b5b16688528ab3a0d0c35084ce7418ad47dd117186a

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length: 1768
content-type: text/html
date: Sun, 04 Dec 2022 04:08:18 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy: unsafe-url

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length: 171
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 04:08:16 GMT
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
location: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server: nginx/1.16.1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame FE34 15 KB
6 KB 47ms
4ms Document
text/html 23.39.216.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-189.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=161328
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 04:08:16 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 06 Dec 2022 00:57:04 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame F14F
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

707 B
1 KB

70ms
70ms

Document
text/html

64.120.110.136
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.120.110.136 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 3398c8b278a30b9dcc211e8bb0ce5b3c17c0e2bfa0c937e520a2dfb9e3c82d5f

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, no-cache
content-length: 707
content-type: text/html
date: Sun, 04 Dec 2022 04:08:16 GMT
expires: Sun, 04 Dec 2022 04:08:16 GMT
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: SIN-726

Redirect headers

content-type: text/html; charset=iso-8859-1
date: Sun, 04 Dec 2022 04:08:16 GMT
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server: openresty
x-sid: SIN-726

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 12C1 2 KB
1 KB 86ms
83ms Document
text/html 209.58.162.206
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=651796
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.58.162.206 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: Adtelligent /
Resource Hash: 9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041

Request headers

Referer: https://s.adtelligent.com/sync.html?aid=754484
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://s.adtelligent.com
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 856
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 04:08:16 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame FFF1
Redirect Chain

https://csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8cb2a072-c1a7-44d2-a1db-d41273d5726c&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0

0
404 B

745ms
176ms

Document
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8cb2a072-c1a7-44d2-a1db-d41273d5726c&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:17 GMT
Etag: d82a417673739a7f
Server: Adtelligent

Redirect headers

content-length: 0
date: Sun, 04 Dec 2022 04:08:17 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=8cb2a072-c1a7-44d2-a1db-d41273d5726c&gdpr_consent=${GDPR_CONSENT_109}&gdpr=$0
server: _

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame C8C2
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0a043a36-bac7-42a8-918e-bd44aa853c93

0
404 B

839ms
180ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0a043a36-bac7-42a8-918e-bd44aa853c93
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:17 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=0a043a36-bac7-42a8-918e-bd44aa853c93
date: Sun, 04 Dec 2022 04:08:17 GMT
cache-control: no-store no-transform
server: nginx
content-length: 166
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame C8C2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5417959740647820928

0
387 B

1350ms
179ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5417959740647820928
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:17 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:16 GMT
AN-X-Request-Uuid: d79e7dbc-e900-4b86-b018-0ac8fcfee1a4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=5417959740647820928
Connection: keep-alive
X-Proxy-Origin: 217.138.252.186; 217.138.252.186; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame C8C2
Redirect Chain

https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=bcdec334-daf7-4918-bd59-ee251eada587

0
404 B

1434ms
176ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=bcdec334-daf7-4918-bd59-ee251eada587
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:17 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 0

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=bcdec334-daf7-4918-bd59-ee251eada587
access-control-allow-origin: *
date: Sun, 04 Dec 2022 04:08:16 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame C8C2
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1f52cb55-049b-43f5-8383-38eeb2a4a4d9

0
404 B

1584ms
175ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1f52cb55-049b-43f5-8383-38eeb2a4a4d9
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:17 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=1f52cb55-049b-43f5-8383-38eeb2a4a4d9
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: sgaohk7rfeqlbr8m1iv9csv6i480oqtp

GET
H2 200 sync
vid.vidoomy.com/ Frame C8C2 0
0 18ms
2ms Image
text/html 2a02:6ea0:d300::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d300::1 , Japan, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame C8C2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4883393362692549034

0
387 B

1338ms
182ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4883393362692549034
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:17 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:16 GMT
AN-X-Request-Uuid: 5878d3f8-e102-48eb-912d-45db511dc36a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=4883393362692549034
Connection: keep-alive
X-Proxy-Origin: 217.138.252.186; 217.138.252.186; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame C8C2
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=Fwf4JLZHIpLuupxIS2CSoVHB

0
392 B

1288ms
177ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=Fwf4JLZHIpLuupxIS2CSoVHB
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:17 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 0

Redirect headers

Date: Sun, 04 Dec 2022 04:08:16 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=Fwf4JLZHIpLuupxIS2CSoVHB
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

m
cm.mgid.com/ Frame C8C2
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=d82a417673739a7f

43 B
443 B

159ms
156ms

Image
image/gif

2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=d82a417673739a7f
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H3
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7741ae183fdfaf40-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=d82a417673739a7f
Date: Sun, 04 Dec 2022 04:08:17 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FE34 2 KB
3 KB 8ms
2ms Script
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50333162&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 7703db66919d22b28485f8ef21bb62e8d3159021acb2d33dd8c0bf3f08c27603

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 04:08:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FC62
Redirect Chain

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://cr-p10.ladsp.com/cookiesender/10?cr=true&https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=ARnMK6N4VfGuks8ADx3mbENYT88AAAGE21IFnA

42 B
291 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=ARnMK6N4VfGuks8ADx3mbENYT88AAAGE21IFnA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
date: Sun, 04 Dec 2022 04:08:16 GMT
expires: -1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=ARnMK6N4VfGuks8ADx3mbENYT88AAAGE21IFnA
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 ec3865515b91b6759b8436907bcd4cba.cloudfront.net (CloudFront)
x-amz-cf-id: 29t9GBA41PeIUiCv-_WZPq2yXeg5i1J01oi7x57z0-EshtVULQBXJQ==
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 6402 43 B
363 B 12ms
3ms Document
image/gif 182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 04:08:15 GMT
expires: Sun, 04 Dec 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 357933
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4700
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:529e638c-1d30-4800-a061-2ffe4f2d78bc&gdpr=0&gdpr_consent=

42 B
324 B

3ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:529e638c-1d30-4800-a061-2ffe4f2d78bc&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sun, 04 Dec 2022 04:08:16 GMT
Expires: Sun, 04 Dec 2022 04:08:15 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 180 1fd3e2d master hkg-pixel-x20 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:529e638c-1d30-4800-a061-2ffe4f2d78bc&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7963
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8519568838365145300&gdpr=0&gdpr_consent=

42 B
218 B

5ms
4ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8519568838365145300&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: ca6176ae-ff49-4152-be32-870bd9dd7443
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 04:08:16 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8519568838365145300&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.138.252.186; 217.138.252.186; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame ED7C 0
404 B 1436ms
175ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=695B319A-AA29-4331-855F-58B76C1C785C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:17 GMT
Etag: 47e6571474d3252e
Server: Adtelligent

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FE34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aVsxmqopQzGFX1i3bBx4XA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

4ms
3ms

Image
text/html

23.39.216.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-189.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:16 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=161328
accept-ranges: bytes
content-length: 5549
expires: Tue, 06 Dec 2022 00:57:04 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame FE34
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=695B319A-AA29-4331-855F-58B76C1C785C&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=695B319A-AA29-4331-855F-58B76C1C785C&sInitiator=external&gdpr=0&gdpr_consent=

42 B
570 B

76ms
76ms

Image
image/gif

119.9.108.191
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=695B319A-AA29-4331-855F-58B76C1C785C&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: HTTP/1.1
Server: 119.9.108.191 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=695B319A-AA29-4331-855F-58B76C1C785C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame FE34
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent=&ct=y

49 B
544 B

104ms
103ms

Image
image/gif

3.0.153.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 3.0.153.43 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-153-43.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.25.47
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.42.5.123
content-length: 0
expires: 0

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame FE34
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=695B319A-AA29-4331-855F-58B76C1C785C
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=695B319A-AA29-4331-855F-58B76C1C785C
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4a7b6418-b666-4280-b239-391d355b83e3%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=12134d82-6555-40d5-91a3-8fc4580855ee&ttd_puid=4a7b6418-b666-4280-b239-391d355b83e3%2C

95 B
122 B

40ms
40ms

Image
image/png

107.178.244.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=12134d82-6555-40d5-91a3-8fc4580855ee&ttd_puid=4a7b6418-b666-4280-b239-391d355b83e3%2C

Requested by

Protocol

Server

107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

193.244.178.107.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=12134d82-6555-40d5-91a3-8fc4580855ee&ttd_puid=4a7b6418-b666-4280-b239-391d355b83e3%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 353

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FE34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJMhDQym3C0KpZrhIH5Bv0g&google_cver=1

42 B
300 B

3ms
3ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJMhDQym3C0KpZrhIH5Bv0g&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:15 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJMhDQym3C0KpZrhIH5Bv0g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame FE34 43 B
612 B 269ms
72ms Image
image/gif 34.142.175.23
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.142.175.23 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

23.175.142.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 03 Dec 2022 04:08:16 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FE34
Redirect Chain

https://tg.socdm.com/rtb/sync?proto=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=Y4wdMMCo8YQAALi.h9sAAAAA

42 B
200 B

3ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=Y4wdMMCo8YQAALi.h9sAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:16 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID: 0
Date: Sun, 04 Dec 2022 04:08:16 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"217.138.252.186","key":"Y4wdMMCo8YQAALi.h9sAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40362"}
X-SO-Key: Y4wdMMCo8YQAALi.h9sAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40362
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=Y4wdMMCo8YQAALi.h9sAAAAA
Cache-Control: private
X-SO-HostName: a-ad40362.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 156
Content-Length: 0
X-SO-LB-Hostname: m-tgng32.dc4p.scaleout.jp
X-SO-IP: 217.138.252.186

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FE34
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=6723c727-d8bf-462e-854b-108bd60ebebf&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

3ms
2ms

Image
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 04:08:16 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 04 Dec 2022 04:08:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FE34
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=12134d82-6555-40d5-91a3-8fc4580855ee&gdpr=0&gdpr_consent=

42 B
375 B

3ms
2ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=12134d82-6555-40d5-91a3-8fc4580855ee&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:15 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=12134d82-6555-40d5-91a3-8fc4580855ee&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FE34
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4374557369322276802

42 B
219 B

5ms
3ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4374557369322276802
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:15 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4374557369322276802
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6B25 15 KB
6 KB 13ms
12ms Document
text/html 23.39.216.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-189.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=161328
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 04:08:16 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 06 Dec 2022 00:57:04 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7B28 2 KB
814 B 308ms
237ms Document
text/html 51.79.234.101
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=75a1922f904cc20

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip101.ip-51-79-234.net

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

csync
sync.spotim.market/ Frame 12C1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}

43 B
318 B

1454ms
174ms

Image
image/gif

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:17 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
Expires: 0

GET
H/1.1 200
OK csync
sync.adtelligent.com/ Frame 12C1 43 B
320 B 1410ms
173ms Image
image/gif 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?redir=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:17 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200 ptag Show response
a.audrte.com/ Frame F14F 5 KB
2 KB 689ms
172ms Script
text/plain 52.73.105.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptag?p=M1353665098
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-105-161.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 58b5f8b5dc6f0080fcd9155e1b5232310f25b7c2b9bf88ca1aefc7717d210b90

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:17 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, public, max-age=3600
Access-Control-Allow-Credentials: true
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 lotame20220615.js Show response
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame F14F 566 B
521 B 327ms
105ms Script
application/x-javascript 198.206.157.241
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.206.157.241 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:16 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 16:21:31 GMT
server: openresty
etag: W/"62aa070b-236"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Fri, 03 Dec 2027 04:08:16 GMT

GET
H2 200 dtscout20220831.js Show response
s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/ Frame F14F 478 B
514 B 327ms
106ms Script
application/x-javascript 198.206.157.241
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/1cb3be2948515989/dtscout20220831.js
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.206.157.241 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:16 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 19:37:37 GMT
server: openresty
etag: W/"630fb881-1de"
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=157680000
expires: Fri, 03 Dec 2027 04:08:16 GMT

GET
H2 200 navegg_2022_01_br.html Show response
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 5E3C 1 KB
998 B 530ms
3ms Document
text/html 204.93.150.153
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.93.150.153 Arlington Heights, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
Software: CFS 0215 /
Resource Hash: fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=157680000
cf4age: 0
cf4ttl: 157680000.000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Sun, 04 Dec 2022 04:08:17 GMT
etag: W/"61ddbb71-5f5"
expires: Sun, 25 Jul 2027 22:11:35 GMT
last-modified: Tue, 11 Jan 2022 17:16:33 GMT
server: CFS 0215
x-cf-reqid: e2eb38d6914977516a4350cd1007e216
x-cf-tsc: 1658873496
x-cf1: 29080:fC.tko2:co:1585621119:cacheN.tko2-01:H
x-cf2: H
x-cf3: M
x-cff: B

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/15238/ Frame F14F 52 KB
16 KB 33ms
4ms Script
text/javascript 65.9.42.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by: Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-64.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 16:03:52 GMT
content-encoding: gzip
via: 1.1 907f35c342230a570151549d009005d8.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 18:31:37 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C5
age: 43466
x-amz-server-side-encryption: AES256
etag: W/"b3509b007a9d747642c6a762ce4aed79"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: KxonnecHVM0fJkMVOUgYovy5XzEBkwqOmmPzq7yNGzF9w9rEUcx5Mg==

GET
H2 200 sirdata_03022021.html Show response
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 9B29 636 B
577 B 107ms
106ms Document
text/html 198.206.157.241
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.206.157.241 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: s.e-planning.net
Software: openresty /
Resource Hash: 14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=157680000
content-encoding: gzip
content-type: text/html
date: Sun, 04 Dec 2022 04:08:16 GMT
etag: W/"601b131c-27c"
expires: Fri, 03 Dec 2027 04:08:16 GMT
last-modified: Wed, 03 Feb 2021 21:18:20 GMT
server: openresty

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 0425 0
384 B 469ms
176ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AGKFuerrqN-eQ6M7
Requested by: Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:17 GMT
Etag: ee5684e75d69b395
Server: Adtelligent

GET
H/1.1 200
OK GS.d Show response
js.cookieless-data.com/ Frame 9B29 0
535 B 743ms
247ms Script
text/plain 51.158.28.82
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1670126897617

Requested by

Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.158.28.82 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-158-28-82.rev.poneytelecom.eu

Software

nginx/1.20.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:18 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 ptrack Show response
a.audrte.com/ Frame F14F 368 B
899 B 177ms
176ms XHR
text/plain 52.73.105.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.audrte.com/ptrack?arlocation=217.138.252.186&p=M1353665098&artime=2022-12-04T04:08:18.365Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5hZHRlbGxpZ2VudC5jb20lMkZjc3luYyUzRnQlM0RhJTI2ZXAlM0QzMDc5NzElMjZleHR1aWQlM0QlMjRVSUQ=&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5hZHRlbGxpZ2VudC5jb20v
Requested by: Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-105-161.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 9e390cac58d0a7c61749867209a8dade15dcf5c218a8fb9316a86a38aec14232

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:18 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: https://ads.us.e-planning.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 263

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/15238/ Frame F14F 155 B
632 B 15ms
4ms XHR
application/json 65.9.42.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-64.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 03 Dec 2022 06:03:01 GMT
via: 1.1 cc98e564ef92b44464a2b674b080c286.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 79518
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 155
last-modified: Mon, 21 Nov 2022 18:31:37 GMT
server: AmazonS3
etag: "1a1722e9cedbdc8af0dcd3345e46c73a"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age: 86400
accept-ranges: bytes
x-amz-cf-id: E31aR-SU1bvojrVMySvAZVkU3vjs5ULeSO9EUxan_5FamNj-uWHRSQ==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame F14F 253 B
1 KB 257ms
115ms XHR
application/json 54.179.142.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.142.225 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-142-225.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 40e809910cb8b6f47a636354b43ef8f83e6c7e4ffd28d8ae1c241968125295f3

Request headers

Referer: https://ads.us.e-planning.net/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:18 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ads.us.e-planning.net
cache-control: no-cache
x-server: 10.42.23.56
access-control-allow-credentials: true
content-length: 253
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame FE34 0
128 B 4ms
2ms Script
text/plain 103.231.99.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:17 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6635
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

281 B
554 B

14ms
2ms

Document
text/html

23.207.98.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-98-70.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Dec 2022 04:08:18 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 04 Dec 2022 04:08:18 GMT
location: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server: AkamaiGHost

GET
H2

200

cm Show response
us-u.openx.net/w/1.0/ Frame 0EAB
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670126898359.4&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D...

959 B
974 B

60ms
43ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 3e2b20294580da941cf51cb10015a86ecec2fe2321ce4570a03a74d14cefac3f

Request headers

Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 540
content-type: text/html
date: Sun, 04 Dec 2022 04:08:18 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Sun, 04 Dec 2022 04:08:18 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP020
x-33x-status: 40000000008200000C

GET
H2

200

match
events-ssc.33across.com/ Frame B4FF
Redirect Chain

https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=93&user_id=12134d82-6555-40d5-91a3-8fc4580855ee&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&ts=1670126898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
225 B

114ms
94ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&ts=1670126898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:19 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:18 GMT
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 8000000008200000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=10&external_user_id=171cbcf1-4d6f-43be-9df1-ba12c0f4ce19&ts=1670126898&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame B4FF
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670126898359.3&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=529e638c-1d30-4800-a061-2ffe4f2d78bc

68 B
126 B

95ms
94ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=529e638c-1d30-4800-a061-2ffe4f2d78bc
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:19 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Date: Sun, 04 Dec 2022 04:08:18 GMT
Server: MT3 180 1fd3e2d master hkg-pixel-x19 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=1&external_user_id=529e638c-1d30-4800-a061-2ffe4f2d78bc
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 04 Dec 2022 04:08:17 GMT

GET
H2

200

match
events-ssc.33across.com/ Frame B4FF
Redirect Chain

https://ssc-cms.33across.com/ps/?us_privacy=&ts=1670126898359.5&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253...
https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=4883393362692549034

68 B
126 B

96ms
91ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=4883393362692549034
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol: H2
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:19 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:18 GMT
AN-X-Request-Uuid: aebb14df-20d2-432a-a524-60b808d1ba07
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=4883393362692549034
Connection: keep-alive
X-Proxy-Origin: 217.138.252.186; 217.138.252.186; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
ps.eyeota.net/pixel/bounce/ Frame F14F
Redirect Chain

https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent=

1 KB
1 KB

4ms
4ms

Image
application/javascript

18.176.247.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=kh51m51&t=ajs&uid=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 18.176.247.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-247-126.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Sun, 04 Dec 2022 04:08:18 GMT
Content-Length: 1314
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=kh51m51&t=ajs&uid=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent=
Date: Sun, 04 Dec 2022 04:08:18 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200

p
a.audrte.com/ Frame F14F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=37lBe09v4l5TqiY1ijLr2iWhA&gdpr=0&gdpr_consent=&google_gid=CAESEGYK0KHH7J3dq_3FdAVNkyE&google_cver=1
https://a.audrte.com/p

68 B
424 B

338ms
167ms

Image
image/png

52.73.105.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-105-161.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:19 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 04 Dec 2022 04:08:18 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

p
a.audrte.com/ Frame F14F
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=4374557369322276802
https://ad.360yield.com/ux?publisher_id=all&publisher_dmp_id=16&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3D{PUB_USER_ID}%26p%3D560038091
https://a.audrte.com/match?uid=bcdec334-daf7-4918-bd59-ee251eada587&p=560038091
https://a.audrte.com/p

68 B
424 B

171ms
171ms

Image
image/png

52.73.105.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: HTTP/1.1
Server: 52.73.105.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-105-161.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.us.e-planning.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:19 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 04 Dec 2022 04:08:19 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6635 34 KB
10 KB 3ms
2ms Script
text/html 23.207.98.70
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.98.70 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-98-70.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 28f2ff7154b7ed319428d97aa8eda2c964ea8d41676f1c4fc528df20dbf895aa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Dec 2022 01:08:18 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=75528
Connection: keep-alive
Content-Length: 10067
Expires: Mon, 05 Dec 2022 01:07:06 GMT

GET
H3

200

match
events-ssc.33across.com/ Frame 6635
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LB8UFKAB-14-4MJD
https://ssc-cms.33across.com/ps/?xi=1&xu=LB8UFKAB-14-4MJD
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LB8UFKAB-14-4MJD&ts=1670126899&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=

68 B
82 B

103ms
92ms

Image
image/png

34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LB8UFKAB-14-4MJD&ts=1670126899&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H3
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:19 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:18 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 8000000008200000A
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LB8UFKAB-14-4MJD&ts=1670126899&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 6E75 2 KB
1 KB 3ms
3ms Document
text/html 65.9.42.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-64.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer: https://ads.us.e-planning.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 54786
cache-control: max-age: 86400
content-encoding: gzip
content-type: text/html
date: Sat, 03 Dec 2022 12:55:13 GMT
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 907f35c342230a570151549d009005d8.cloudfront.net (CloudFront)
x-amz-cf-id: L8x6E-v4kRoMFnhqo9FReNBFaFsITmTbdr2q9Y0ks0kCEdUQ2HG-5A==
x-amz-cf-pop: NRT12-C5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 66B5 950 B
1 KB 68ms
68ms Document
text/html 54.179.142.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=41%2C106%2C12%2C33%2C54%2C2&c=15238
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.142.225 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-142-225.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f298ca2ac8929e7579c0af864f44510ea180274b6674815e0a24dd378a7ea184

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache
content-length: 950
content-type: text/html
date: Sun, 04 Dec 2022 04:08:18 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.42.1.71

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 6635
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=12134d82-6555-40d5-91a3-8fc4580855ee&gdpr=0&gdpr_consent=&expires=30

42 B
709 B

112ms
112ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=12134d82-6555-40d5-91a3-8fc4580855ee&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0963d041a95f271fbba7f411adc03573
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=12134d82-6555-40d5-91a3-8fc4580855ee&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 6635
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELQml3r1GFU92jZtEexF5Wc&google_cver=1

42 B
709 B

110ms
110ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELQml3r1GFU92jZtEexF5Wc&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 5daa34953a867809056448757b76591b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELQml3r1GFU92jZtEexF5Wc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 6635
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB8UFKAB-14-4MJD

0
570 B

161ms
149ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB8UFKAB-14-4MJD
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:18 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 17ED66A29DB44C4680098943DE49E6AB Ref B: TYAEDGE0816 Ref C: 2022-12-04T04:08:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXu+LiOczO9XtSPu73E1g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LB8UFKAB-14-4MJD
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6635
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vEwH5F_vQjibHTyLo3t_2A&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vEwH5F_vQjibHTyLo3t_2A

43 B
479 B

270ms
269ms

Image
image/gif

54.239.33.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vEwH5F_vQjibHTyLo3t_2A

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

HTTP/1.1

Server

54.239.33.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BH4YH6KWAJ16CSPEB25D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=vEwH5F_vQjibHTyLo3t_2A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 6635
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/JhRss-b19HymYdaVqq4r78n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-mI4K7o9E2oIG_.GIcU7XXt7mE6AzhXWeMhwaNA--~A

42 B
709 B

110ms
109ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-mI4K7o9E2oIG_.GIcU7XXt7mE6AzhXWeMhwaNA--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 5daa34953a867809056448757b76591b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 04 Dec 2022 04:08:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-mI4K7o9E2oIG_.GIcU7XXt7mE6AzhXWeMhwaNA--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6635
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI4VUZLQUItMTQtNE1KRA==

170 B
188 B

40ms
40ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI4VUZLQUItMTQtNE1KRA==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI4VUZLQUItMTQtNE1KRA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 6635
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-nptNDUHTm2xgMRFQrYf4Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-nptNDUHTm2xgMRFQrYf4Q

43 B
479 B

173ms
173ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-nptNDUHTm2xgMRFQrYf4Q

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4353T5P1G7FVJJ75KQ5Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-nptNDUHTm2xgMRFQrYf4Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5daa34953a867809056448757b76591b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6635
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRiOWRjYzQ3NzI5ODUzYTkxZjgwZmRmYzc3MWYyNDk4MzkyYWI2NA

170 B
188 B

42ms
41ms

Image
image/png

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRiOWRjYzQ3NzI5ODUzYTkxZjgwZmRmYzc3MWYyNDk4MzkyYWI2NA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=

Protocol

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRiOWRjYzQ3NzI5ODUzYTkxZjgwZmRmYzc3MWYyNDk4MzkyYWI2NA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 66B5
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kyGHvWVE2pw4_tsQbhmVU16uAdlk2b.jxtk-~A&gdpr=0

49 B
264 B

72ms
71ms

Image
image/gif

3.0.153.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kyGHvWVE2pw4_tsQbhmVU16uAdlk2b.jxtk-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C106%2C12%2C33%2C54%2C2&c=15238
Protocol: H2
Server: 3.0.153.43 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-153-43.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.4.83
content-length: 49
expires: 0

Redirect headers

date: Sun, 04 Dec 2022 04:08:18 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0102.pbp.sg3.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kyGHvWVE2pw4_tsQbhmVU16uAdlk2b.jxtk-~A&gdpr=0
content-length: 0

GET
H2

200

tpid=4a7b6418-b666-4280-b239-391d355b83e3
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 66B5
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=76e9f415853e41bbc5c6c20ce9b2b523&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D4a7b6418-b666-4280-b239-391d355b83e3%252Chttps%253A...
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4883393362692549034&pt=4a7b6418-b666-4280-b239-391d355b83e3%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4a7b6418-b666-4280-b239-391d355b83e3

49 B
263 B

73ms
72ms

Image
image/gif

3.0.153.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4a7b6418-b666-4280-b239-391d355b83e3
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C106%2C12%2C33%2C54%2C2&c=15238
Protocol: H2
Server: 3.0.153.43 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-153-43.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.2.95
content-length: 49
expires: 0

Redirect headers

date: Sun, 04 Dec 2022 04:08:19 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4a7b6418-b666-4280-b239-391d355b83e3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 5907
tags.bluekai.com/site/ Frame 66B5 62 B
465 B 139ms
116ms Image
image/gif 23.44.52.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=96aab4b71e546750610ff1cedb192e25
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C106%2C12%2C33%2C54%2C2&c=15238
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.52.187 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-52-187.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 04 Dec 2022 04:08:18 GMT
content-length: 62
content-type: image/gif

GET
H2 204 usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 66B5 0
191 B 746ms
247ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C106%2C12%2C33%2C54%2C2&c=15238
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Sun, 04 Dec 2022 04:08:18 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 66B5
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-4b9d8bc6-246c-40cf-6064-933c66e42111$ip$217.138.252.186&gdpr=0&gdpr_consent=

49 B
264 B

73ms
71ms

Image
image/gif

3.0.153.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-4b9d8bc6-246c-40cf-6064-933c66e42111$ip$217.138.252.186&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C106%2C12%2C33%2C54%2C2&c=15238
Protocol: H2
Server: 3.0.153.43 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-153-43.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.7.234
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-4b9d8bc6-246c-40cf-6064-933c66e42111$ip$217.138.252.186&gdpr=0&gdpr_consent=
Date: Sun, 04 Dec 2022 04:08:19 GMT
Connection: keep-alive
Content-Length: 169
Content-Type: text/html; charset=utf-8

GET
H2

200

rand=115545554
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4883393362692549034/gdpr=0/ Frame 66B5
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=115545554
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4883393362692549034/gdpr=0/rand=115545554

49 B
265 B

74ms
73ms

Image
image/gif

3.0.153.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4883393362692549034/gdpr=0/rand=115545554
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C106%2C12%2C33%2C54%2C2&c=15238
Protocol: H2
Server: 3.0.153.43 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-153-43.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.26.163
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:18 GMT
AN-X-Request-Uuid: d4bb5477-d06d-4bef-807c-3396608c1395
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4883393362692549034/gdpr=0/rand=115545554
Connection: keep-alive
X-Proxy-Origin: 217.138.252.186; 217.138.252.186; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match
events-ssc.33across.com/ Frame 0EAB 68 B
126 B 98ms
96ms Image
image/png 34.117.239.71
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=50e748f4-638f-40f3-8438-f72b39abf40b
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 71.239.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:19 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
content-type: image/png

GET openx
cs.nex8.net/cs/ Frame 0EAB 0
0

GET
H3

200

dds
rtb.openx.net/sync/ Frame 0EAB
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=-drOphSCyTIOe7RM4OZc7g==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
64 B

43ms
42ms

Image
image/gif

35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:18 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: jbnugq514i6m38141a6aj81p76nk6lq1

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 0EAB
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1
https://sync-tapi.admatrix.jp/data/sync.jsp?rd=https%3A%2F%2Fsync%2Ddsp%2Ead%2Dm%2Easia%2Fdsp%2Fapi%2Fsync%2Fsend%3Fs%3Dopenx%26uid%2Dset%3D1%26auid%3D
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1&auid=e2e43f84-d66d-4822-8740-fe4ac8a56548
https://jp-u.openx.net/w/1.0/sd?id=537072588&val=VgNU-4FwfIU-l

43 B
61 B

45ms
44ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072588&val=VgNU-4FwfIU-l
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 04:08:19 GMT
Server: nginx
Location: https://jp-u.openx.net/w/1.0/sd?id=537072588&val=VgNU-4FwfIU-l
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 0EAB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fjp-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://jp-u.openx.net/w/1.0/sd?id=536872786&val=529e638c-1d30-4800-a061-2ffe4f2d78bc

43 B
106 B

40ms
40ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=529e638c-1d30-4800-a061-2ffe4f2d78bc
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sun, 04 Dec 2022 04:08:19 GMT
Server: MT3 180 1fd3e2d master hkg-pixel-x10 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://jp-u.openx.net/w/1.0/sd?id=536872786&val=529e638c-1d30-4800-a061-2ffe4f2d78bc
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 04 Dec 2022 04:08:18 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 0EAB
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3664386443204904844&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3664386443204904844&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3664386443204904844&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 04 Dec 2022 04:08:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 0EAB
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=268c449a-bd04-701c-e80f-f8fb33ff6654&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=12134d82-6555-40d5-91a3-8fc4580855ee&ttd_puid=268c449a-bd04-701c-e80f-f8fb33ff6654&gdpr=0&gdpr_consent=

43 B
62 B

48ms
43ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=12134d82-6555-40d5-91a3-8fc4580855ee&ttd_puid=268c449a-bd04-701c-e80f-f8fb33ff6654&gdpr=0&gdpr_consent=
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=12134d82-6555-40d5-91a3-8fc4580855ee&ttd_puid=268c449a-bd04-701c-e80f-f8fb33ff6654&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 0EAB
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4wdM8Co8YQAALi.iZ0AAAAA

43 B
61 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4wdM8Co8YQAALi.iZ0AAAAA
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Sun, 04 Dec 2022 04:08:19 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"217.138.252.186","key":"Y4wdM8Co8YQAALi.iZ0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40387"}
X-SO-Key: Y4wdM8Co8YQAALi.iZ0AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40387
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y4wdM8Co8YQAALi.iZ0AAAAA
Cache-Control: private
X-SO-HostName: a-ad40387.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 104
Content-Length: 0
X-SO-LB-Hostname: m-tgng32.dc4p.scaleout.jp
X-SO-IP: 217.138.252.186

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 0EAB
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AayqG0_KJLgqks8ADx3mbENYT88AAAGE21IPdQ

43 B
180 B

39ms
38ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AayqG0_KJLgqks8ADx3mbENYT88AAAGE21IPdQ
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
via: 1.1 ec3865515b91b6759b8436907bcd4cba.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT12-C4
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AayqG0_KJLgqks8ADx3mbENYT88AAAGE21IPdQ
cache-control: no-cache
content-length: 0
x-amz-cf-id: cM5YHvRj1KNiwkmEn5on1jahPbA1HCJWTCJxMO54ZxN2CE_VuhFRvg==
expires: -1

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 0EAB 170 B
188 B 45ms
42ms Image
image/png 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGFlMzk3NTAtNzQ3My0yZWI4LWZkZWYtYTI0MmY5MWRhODM0

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 0EAB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMIWeShKu7k7Ilunf8bwh8I&google_cver=1

43 B
61 B

47ms
46ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMIWeShKu7k7Ilunf8bwh8I&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMIWeShKu7k7Ilunf8bwh8I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6B25 3 KB
3 KB 2ms
2ms Script
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1658803&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0bb90c30e9c1712f18e3059d847e57673f5f5da527f6dfcc2c9168bedb82ff9f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 04:08:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8D65
Redirect Chain

https://ds.uncn.jp/pm/0/sync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_393b9b9c-dcaa-4ddf-b530-07496c98ca7f

42 B
332 B

2ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_393b9b9c-dcaa-4ddf-b530-07496c98ca7f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 170
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 04:08:19 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_393b9b9c-dcaa-4ddf-b530-07496c98ca7f
Server: Apache

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4E7A
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=45LCqRIeKkM

42 B
191 B

3ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=45LCqRIeKkM
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:19 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw&piggybackCookie=45LCqRIeKkM
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma: no-cache
Server: nginx
expires: -1

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame BA0C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4wdMwAADu4fwQAe&gdpr=0&gdpr_consent=&_test=Y4wdMwAADu4fwQAe

1 B
220 B

3ms
2ms

Document
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4wdMwAADu4fwQAe&gdpr=0&gdpr_consent=&_test=Y4wdMwAADu4fwQAe
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 04:08:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Sun, 04 Dec 2022 04:08:19 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4wdMwAADu4fwQAe&gdpr=0&gdpr_consent=&_test=Y4wdMwAADu4fwQAe
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-tyo11950-TYO
x-timer: S1670126900.771257,VS0,VE0

GET
H/1.1 200
OK pxd Show response
dps.jp.cinarra.com/ Frame D7F7 95 B
220 B 33ms
7ms Document
image/png 18.176.115.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=695B319A-AA29-4331-855F-58B76C1C785C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.115.166 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-115-166.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: keep-alive
Content-Length: 95
Content-Type: image/png
Date: Sun, 04 Dec 2022 04:08:19 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F9D9
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=wqhu-JrFAnCuR97_Mx2MYw

42 B
200 B

4ms
4ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=wqhu-JrFAnCuR97_Mx2MYw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 04:08:19 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=wqhu-JrFAnCuR97_Mx2MYw
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame D12C 43 B
369 B 47ms
36ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Sun, 04 Dec 2022 04:08:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A543
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9b602443746e4c9a936d53e54decfd4f

42 B
305 B

19ms
19ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9b602443746e4c9a936d53e54decfd4f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html;charset=UTF-8
date: Sun, 04 Dec 2022 04:08:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=9b602443746e4c9a936d53e54decfd4f
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
status: 302
via: 1.1 google
x-xss-protection: 1; mode=block

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F963
Redirect Chain

https://adsd-sync.amanad.adtdp.com/pubmaticsync?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=0d5c2ee2-dade-4bb0-8f65-3a276d29371c

42 B
286 B

3ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=0d5c2ee2-dade-4bb0-8f65-3a276d29371c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 168
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 04:08:19 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDYmdGw9NDMyMDA=&piggybackCookie=0d5c2ee2-dade-4bb0-8f65-3a276d29371c

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4AFC
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=S52LxiRsQM9gZJM8ZuQhEdmK_Lo

42 B
317 B

4ms
3ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=S52LxiRsQM9gZJM8ZuQhEdmK_Lo
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 04:08:19 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=S52LxiRsQM9gZJM8ZuQhEdmK_Lo

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E890
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0

0
74 B

3ms
2ms

Document
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 04:08:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Sun, 04 Dec 2022 04:08:20 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 31E7
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16418FFD98EB40779D74EE2BE3BAD6BA&gdpr=0&gdpr_consent=

1 B
53 B

42ms
42ms

Document
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16418FFD98EB40779D74EE2BE3BAD6BA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 04:08:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 142
content-type: text/html
date: Sun, 04 Dec 2022 04:08:19 GMT
expires: Sat, 03 Dec 2022 04:08:19 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16418FFD98EB40779D74EE2BE3BAD6BA&gdpr=0&gdpr_consent=
server: openresty
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6BAE
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MpVQlDXCW8QpxAqSZcBFk2XEDcYplFqRZ5XZGt9c

42 B
345 B

3ms
2ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MpVQlDXCW8QpxAqSZcBFk2XEDcYplFqRZ5XZGt9c
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sun, 04 Dec 2022 04:08:19 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MpVQlDXCW8QpxAqSZcBFk2XEDcYplFqRZ5XZGt9c
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B87D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KBmajn6i1P1GiD5&gdpr=0&gdpr_consent=

42 B
219 B

4ms
3ms

Document
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KBmajn6i1P1GiD5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:19 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:KBmajn6i1P1GiD5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-052f9362e060162a9@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK csync Show response
sync.adtelligent.com/ Frame 029A 0
404 B 177ms
175ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=695B319A-AA29-4331-855F-58B76C1C785C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:18 GMT
Etag: d82a417673739a7f
Server: Adtelligent

GET
H2 200 695B319A-AA29-4331-855F-58B76C1C785C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6B25 43 B
602 B 77ms
73ms Image
image/gif 2406:da18:929:5a00:e0a2:7187:a56d:f5af
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/695B319A-AA29-4331-855F-58B76C1C785C?gdpr=0&gdpr_consent=

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a00:e0a2:7187:a56d:f5af Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 6B25
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=695B319A-AA29-4331-855F-58B76C1C785C&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-gY8dDZdE2uUJWx.qCOPRFVSlJNowzHs-~A&gdpr=0&gdpr_consent=

0
128 B

3ms
3ms

Image
text/plain

103.231.99.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-gY8dDZdE2uUJWx.qCOPRFVSlJNowzHs-~A&gdpr=0&gdpr_consent=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:19 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-gY8dDZdE2uUJWx.qCOPRFVSlJNowzHs-~A&gdpr=0&gdpr_consent=
date: Sun, 04 Dec 2022 04:08:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6B25
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3664386443204904844&gdpr=0&gdpr_consent=&us_privacy=

1 B
319 B

11ms
10ms

Image
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3664386443204904844&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 04 Dec 2022 04:08:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3664386443204904844&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6B25
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3a674789c6c92281&is_secure=true&networkId=17100&version=1&nuid=695B319A-AA29-4331-855F-58B76C1C785C&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQiLdcr0BpANQWOESAAAAAAA&expiration=1670213299&nuid=695B319A-AA29-4331-855F-58B76C1C785C&...

42 B
264 B

3ms
3ms

Image
image/gif

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQiLdcr0BpANQWOESAAAAAAA&expiration=1670213299&nuid=695B319A-AA29-4331-855F-58B76C1C785C&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=754484
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 04 Dec 2022 04:08:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:19 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMQiLdcr0BpANQWOESAAAAAAA&expiration=1670213299&nuid=695B319A-AA29-4331-855F-58B76C1C785C&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame E7CC 0
390 B 1269ms
175ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:20 GMT
Etag: b288e07dd329f4a0
Server: Adtelligent

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 0136
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4374557369322276802

0
403 B

483ms
175ms

Document
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4374557369322276802
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:20 GMT
Etag: b288e07dd329f4a0
Server: Adtelligent

Redirect headers

content-length: 0
content-type: text/plain
date: Sun, 04 Dec 2022 04:08:20 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4374557369322276802
server: nginx

GET
H2 200 cm-notify Show response
creativecdn.com/ Frame 0D67 42 B
243 B 233ms
232ms Document
image/gif 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/cm-notify?pi=admatic
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
content-type: image/gif
date: Sun, 04 Dec 2022 04:08:19 GMT Sun, 04 Dec 2022 04:08:19 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache

GET
H/1.1 200
OK csync Show response
sync.console.adtarget.com.tr/ Frame 4E85 0
390 B 1266ms
174ms Document
text/plain 23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=738101&extuid=${UID}
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:20 GMT
Etag: b288e07dd329f4a0
Server: Adtelligent

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame 0B2A
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D737566%26extuid%3D%24UID
https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=4374557369322276802

0
403 B

657ms
174ms

Document
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=4374557369322276802
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Content-Length: 0
Date: Sun, 04 Dec 2022 04:08:20 GMT
Etag: b288e07dd329f4a0
Server: Adtelligent

Redirect headers

content-length: 0
content-type: text/plain
date: Sun, 04 Dec 2022 04:08:20 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=737566&extuid=4374557369322276802
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 8B6C
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b288e07dd329f4a0

0
384 B

174ms
174ms

Image
text/plain

23.227.139.243
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b288e07dd329f4a0
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 04:08:20 GMT
Server: Adtelligent
Etag: d82a417673739a7f
Content-Length: 0

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=b288e07dd329f4a0
Date: Sun, 04 Dec 2022 04:08:20 GMT
Server: Adtelligent
Etag: b288e07dd329f4a0
Content-Length: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6B25 0
128 B 4ms
3ms Script
text/plain 103.231.99.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.81 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 04:08:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 85692282
mc.yandex.ru/watch/ 43 B
259 B 314ms
313ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/85692282?page-url=https%3A%2F%2Ftr1.biketreks.net%2Frainbow-trees-botanical-garden-atlanta-2a2a8e4b0d&charset=utf-8&hittoken=1670126894_22645325bea7071bd440af66976a2c2fca3753fc8c5625dba0631491080bcbe8&browser-info=nb%3A1%3Acl%3A681%3Aar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A1%3Als%3A1435328482183%3Ahid%3A174910839%3Az%3A0%3Ai%3A20221204040829%3Aet%3A1670126909%3Ac%3A1%3Arn%3A64533717%3Arqn%3A2%3Au%3A1670126894269774293%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1670126890247%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1670126909&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)ecs(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tr1.biketreks.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 04:08:29 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 04-Dec-2022 04:08:29 GMT
content-type: image/gif
access-control-allow-origin: https://tr1.biketreks.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 04:08:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.nex8.net
URL: https://cs.nex8.net/cs/openx

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

152 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dr5.biz/	1970-01-20 08:38:38	Name: uuid Value: 52149e57-a89f-463c-bfc5-8d4065330507
.biketreks.net/	1970-01-20 16:41:02	Name: _ym_uid Value: 1670126894269774293
.biketreks.net/	1970-01-20 16:41:02	Name: _ym_d Value: 1670126894
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2658527931670126894
.yandex.ru/	1970-01-20 17:31:26	Name: i Value: 8ZntToXH8BEww+Fs9qmovYPoRXkmppAbRvial1XucPmKsLr6Cz+DCbfrYhBRGrTesUwQyq2W7TtSQICfwlirAxRomQI=
.yandex.ru/	1970-01-20 17:31:26	Name: yandexuid Value: 6132203841670126894
.yandex.ru/	1970-01-20 17:31:26	Name: yuidss Value: 6132203841670126894
.yandex.ru/	1970-01-20 16:41:02	Name: ymex Value: 1985486894.yc.1670126894#1985486894.yrts.1670126894#1985486894.yrtsi.1670126894
.biketreks.net/	1970-01-20 07:56:38	Name: _ym_isad Value: 2
.mgid.com/	1970-01-20 07:55:28	Name: __cf_bm Value: smbvdOARs0lgFJohVsvuN0jYRTxf4c2UZYeXdTlZqDU-1670126894-0-AdcarxRzFnBpZ2AyV/RlvwtTEBYJjDp9hfOPGGwHdMtHHE6pCKyqurSnex0OQWHGxsbbovmBnsofmOZw1Rp0j8g=
.mgid.com/	1970-01-20 16:41:02	Name: muidn Value: mb3flAjObx8k
tr1.biketreks.net/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1102315%22%3A%7B%22page%22%3A1%2C%22time%22%3A1670126895143%7D%2C%22C1305779%22%3A%7B%22page%22%3A1%2C%22time%22%3A1670126895180%7D%7D
.adsrvr.org/	1970-01-20 16:41:02	Name: TDID Value: 12134d82-6555-40d5-91a3-8fc4580855ee
.bidswitch.net/	1970-01-20 16:41:02	Name: tuuid Value: 171cbcf1-4d6f-43be-9df1-ba12c0f4ce19
.bidswitch.net/	1970-01-20 16:41:02	Name: c Value: 1670126895
.bidswitch.net/	1970-01-20 16:41:02	Name: tuuid_lu Value: 1670126895
.mookie1.com/	1970-01-20 17:24:14	Name: id Value: 10524490119385408702
.mookie1.com/	1970-01-20 17:24:14	Name: mdata Value: 1\|10524490119385408702\|1670126895439
.mookie1.com/	1970-01-20 17:24:14	Name: ov Value: 826dfd0fc4fdcc31407ead3af2f50908
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_466 Value: 16530-171cbcf1-4d6f-43be-9df1-ba12c0f4ce19
.pubmatic.com/	1970-01-20 10:05:02	Name: KADUSERCOOKIE Value: 695B319A-AA29-4331-855F-58B76C1C785C
.doubleclick.net/	1970-01-20 17:31:26	Name: IDE Value: AHWqTUndLbDf8c46GQUYbqZJq7iYnYklsFdEDrYYEPrzQ16z_37OfcUCPaD9IMV_NcM
.rlcdn.com/	1970-01-20 09:21:50	Name: pxrc Value: CK+6sJwGEgUI6AcQABIFCOhHEAA=
.360yield.com/	1970-01-20 10:05:02	Name: tuuid Value: bcdec334-daf7-4918-bd59-ee251eada587
.360yield.com/	1970-01-20 10:05:02	Name: tuuid_lu Value: 1670126895
.rubiconproject.com/	1970-01-20 16:41:02	Name: khaos Value: LB8UFKAB-14-4MJD
.pippio.com/	1970-01-20 16:41:02	Name: did Value: gnGxLRGRu6rhj7ao
.pippio.com/	1970-01-20 16:41:02	Name: didts Value: 1670126895
.pippio.com/	1970-01-20 09:21:50	Name: nnls Value:
.admanmedia.com/	1970-01-20 08:15:36	Name: admtr Value: a631ae7d-c2b4-466c-9713-961c8e2fcc7f
.admanmedia.com/	1970-01-20 08:15:36	Name: ac_r Value: CS77
.creativecdn.com/	1970-01-20 16:41:02	Name: u Value: 2pUqImSw9ExqiggV5dYn
.creativecdn.com/	1970-01-20 16:41:02	Name: ts Value: 1670126895
.pippio.com/	1970-01-20 09:21:50	Name: pxrc Value: CK+6sJwGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/	1970-01-20 16:41:02	Name: rmuid Value: 6259fafa-ab2d-47de-993c-4d8aeb106541
.linksynergy.com/	1970-01-20 16:41:02	Name: icts Value: 2022-12-04T04:08:16Z
.e-volution.ai/	1970-01-20 08:15:36	Name: v_usr Value: 251ea529-0fb9-4582-838f-aeba7659e775
.rlcdn.com/	1970-01-20 16:41:02	Name: rlas3 Value: jl1XjxpM0AoaKBoVjf11PK6XdtUXbwu2J0VNlq8i7+g=
.smartadserver.com/	1970-01-20 17:25:41	Name: pid Value: 1644534851954047200
.openx.net/	1970-01-20 16:41:02	Name: i Value: f5207bc3-1483-4feb-b2d9-301357d855a9\|1670126896
.pubmatic.com/	1970-01-20 10:05:02	Name: DPSync3 Value: 1671321600%3A201_226_245%7C1670716800%3A248
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_377 Value: 6810-12134d82-6555-40d5-91a3-8fc4580855ee&KRTB&22918-12134d82-6555-40d5-91a3-8fc4580855ee&KRTB&23031-12134d82-6555-40d5-91a3-8fc4580855ee
.ladsp.com/	1970-01-20 07:55:30	Name: cr Value: 1
.ladsp.com/	1970-01-20 17:31:26	Name: smn_uid Value: J627xBBfajZBEKke12K60g8d5mxDWE8
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_629 Value: 11487-ARnMK6N4VfGuks8ADx3mbENYT88AAAGE21IFnA
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_80 Value: 22987-CAESEJMhDQym3C0KpZrhIH5Bv0g&KRTB&16514-CAESEJMhDQym3C0KpZrhIH5Bv0g&KRTB&23025-CAESEJMhDQym3C0KpZrhIH5Bv0g&KRTB&23386-CAESEJMhDQym3C0KpZrhIH5Bv0g
.tapad.com/	1970-01-20 09:21:50	Name: TapAd_TS Value: 1670126896544
.tapad.com/	1970-01-20 09:21:50	Name: TapAd_DID Value: 4a7b6418-b666-4280-b239-391d355b83e3
.sportradarserving.com/	1970-01-20 16:41:02	Name: zuuid Value: 6723c727-d8bf-462e-854b-108bd60ebebf
.sportradarserving.com/	1970-01-20 16:41:02	Name: c Value: 1670126896
.sportradarserving.com/	1970-01-20 16:41:02	Name: zuuid_lu Value: 1670126896
.sportradarserving.com/	1970-01-20 16:41:02	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 16:41:02	Name: zuuid_k_lu Value: 1670126896
.mathtag.com/	1970-01-20 17:21:22	Name: uuid Value: 529e638c-1d30-4800-a061-2ffe4f2d78bc
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_27 Value: 16735-uid:529e638c-1d30-4800-a061-2ffe4f2d78bc&KRTB&16736-uid:529e638c-1d30-4800-a061-2ffe4f2d78bc&KRTB&23019-uid:529e638c-1d30-4800-a061-2ffe4f2d78bc&KRTB&23208-uid:529e638c-1d30-4800-a061-2ffe4f2d78bc
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.adform.net/	1970-01-20 08:40:05	Name: C Value: 1
.semasio.net/	1970-01-20 16:41:02	Name: SEUNCY Value: CD1329F8DA2D0745
.lijit.com/	1970-01-20 16:41:02	Name: ljt_reader Value: Fwf4JLZHIpLuupxIS2CSoVHB
.e-planning.net/	1970-01-20 17:31:26	Name: E Value: AGKFuerrqN-eQ6M7
.adform.net/	1970-01-20 09:21:50	Name: uid Value: 4374557369322276802
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_391 Value: 22924-4374557369322276802&KRTB&23263-4374557369322276802
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_57 Value: 22776-8519568838365145300&KRTB&23339-8519568838365145300
.simpli.fi/	1970-01-20 16:42:29	Name: suid Value: 16418FFD98EB40779D74EE2BE3BAD6BA
.adnxs.com/	1970-01-20 10:05:02	Name: uuid2 Value: 4883393362692549034
.crwdcntrl.net/	1970-01-20 14:24:14	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 14:24:14	Name: _cc_id Value: 76e9f415853e41bbc5c6c20ce9b2b523
.tynt.com/	1970-01-20 16:41:02	Name: uid Value: CoIKSmOMHTAsBvAnRRgAAg==
.id5-sync.com/	1970-01-20 07:55:27	Name: cf Value:
.id5-sync.com/	1970-01-20 07:55:27	Name: cip Value:
.id5-sync.com/	1970-01-20 07:55:27	Name: cnac Value:
.id5-sync.com/	1970-01-20 07:55:27	Name: car Value:
.id5-sync.com/	1970-01-20 07:55:27	Name: gdpr Value:
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_656 Value: 12671-Y4wdMMCo8YQAALi.h9sAAAAA
.id5-sync.com/	1970-01-20 10:05:02	Name: 3pi Value:
.id5-sync.com/	1970-01-20 07:55:27	Name: callback Value:
.id5-sync.com/	1970-01-20 10:05:02	Name: id5 Value: b929b5a1-88c6-72a1-9501-25c74187632b#1670126897056#1
.csync.loopme.me/	1970-01-20 10:05:02	Name: viewer_token Value: 8cb2a072-c1a7-44d2-a1db-d41273d5726c
a4p.adpartner.pro/	1970-01-20 09:21:50	Name: apuid Value: 0a043a36-bac7-42a8-918e-bd44aa853c93
.adtelligent.com/	1970-01-20 09:24:43	Name: a558003 Value: 695B319A-AA29-4331-855F-58B76C1C785C
.adtelligent.com/	1970-01-20 09:24:43	Name: a319130 Value: 8cb2a072-c1a7-44d2-a1db-d41273d5726c
.adtelligent.com/	1970-01-20 09:24:43	Name: a307971 Value: AGKFuerrqN-eQ6M7
.adtelligent.com/	1970-01-20 09:24:43	Name: vmuid Value: d82a417673739a7f
.adtelligent.com/	1970-01-20 09:24:43	Name: a289656 Value: bcdec334-daf7-4918-bd59-ee251eada587
.spotim.market/	1970-01-20 09:24:43	Name: vmuid Value: d82a417673739a7f
cm.mgid.com/	1970-01-20 08:38:38	Name: mg_sync Value: {"265689":1670126895,"363887":1670126895,"371158":1670126895,"433146":1670126895,"501037":1670126896,"516418":1670126895,"617666":1670126898,"675043":1670126895,"709071":1670126895,"712807":1670126895,"718337":1670126897}
.adtelligent.com/	1970-01-20 09:24:43	Name: a309255 Value: 1f52cb55-049b-43f5-8383-38eeb2a4a4d9
.adtelligent.com/	1970-01-20 09:24:43	Name: a310570 Value: Fwf4JLZHIpLuupxIS2CSoVHB
.adtelligent.com/	1970-01-20 09:24:43	Name: a297253 Value: 5417959740647820928
.adtelligent.com/	1970-01-20 09:24:43	Name: a307558 Value: 0a043a36-bac7-42a8-918e-bd44aa853c93
.adtelligent.com/	1970-01-20 09:24:43	Name: a584890 Value: 4883393362692549034
.tynt.com/	1970-01-20 10:05:02	Name: pids Value: %5B%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1670126898359%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1670126898359%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1670126898359%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1670126898359%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1670126898359%7D%5D
.audrte.com/	1970-01-20 08:17:02	Name: arcki2 Value: 37lBe09v4l5TqiY1ijLr2iWhA!20220908!1670126898457!ip#217.138.252.186
.eyeota.net/	1970-01-20 16:41:02	Name: mako_uid Value: 184db520d90-51280000010e568c
.eyeota.net/	1970-01-20 07:55:27	Name: SERVERID Value: 22156~DM
.crwdcntrl.net/	1970-01-20 14:24:14	Name: _cc_cc Value: "ACZ4XmNQMDdLtUwzMTS1MDVONTFMSko2TTZLNjJITrVMMkoyNTJmAILkHlmjf%2F%2F%2F%2F%2BcHccCAd%2BKkF6qMbeUM%2FxkZGbqQ2FOQ2P9%2FXNNngqj5wAhW%2BWzxHBaYru8bp7Cgyu7ed1kAVeQwUD2qyMf3T7lRRd4tQVdz9aQ6qpIrXyxRBS6desTGCHUTALN9VVQ%3D"
.crwdcntrl.net/	1970-01-20 14:24:14	Name: _cc_aud Value: "ABR4XmNgYGBI7pE1AlIQwMTAwDUDxORq%2BgwkAS88A2I%3D"
.audrte.com/	1970-01-20 08:17:02	Name: arcki2_ddp Value: CAESEGYK0KHH7J3dq_3FdAVNkyE!20220908!1670126898688
.bluekai.com/	1970-01-20 12:17:31	Name: bku Value: Whz99e/5Ms1mEML9
.bluekai.com/	1970-01-20 12:17:31	Name: bkpa Value: KJy9BQeJd02pSUHknpD81ezdqsk+SUx21Yjoje68BZaCRMHiBpakBExtBpDyBMWyjZRhRtPARMW81ZD0Bx19FvRw7y==
.33across.com/	1970-01-20 16:41:02	Name: 33x_ps Value: u%3D212048051398537%3As1%3D1670126898882%3Ats%3D1670126898882
.audrte.com/	1970-01-20 08:17:02	Name: arcki2_adform Value: 4374557369322276802!20220908!1670126898868
.yahoo.com/	1970-01-20 16:41:24	Name: A3 Value: d=AQABBDIdjGMCEDbnDhSoyKjhZZiHmEfkSY0FEgEBAQFujWOWYwAAAAAA_eMAAA&S=AQAAAnfWWk_IArPMdNRtsYqDdrY
.openx.net/	1970-01-20 08:17:02	Name: pd Value: v2\|1670126898\|jElYiuvOuIlUkaialQhI
.adsrvr.org/	1970-01-20 16:41:02	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiCj7-_5u2qOxAFEhQKBXRhcGFkEgsIusSxwObtqjsQBRIYCgliaWRzd2l0Y2gSCwiG3ffS5u2qOxAFEhYKB3J1Ymljb24SCwiY8pbU5u2qOxAFGAEgAygCMgsIhtX6__ztqjsQBTgBWgliaWRzd2l0Y2hgAg..
.ladsp.com/	1970-01-20 17:31:26	Name: lum Value: CPWeyNrNMBIFCAMQ0AUSBQgKEJAN
.ad-m.asia/	1970-01-20 17:31:26	Name: uid Value: aBsydKNTXC
.tapad.com/	1970-01-20 09:21:50	Name: TapAd_3WAY_SYNCS Value: 1!8116-2!8116
.openx.net/	1970-01-20 08:17:02	Name: univ_id Value: 537072971\|12134d82-6555-40d5-91a3-8fc4580855ee\|1670126899084145
.admatrix.jp/	1970-01-20 17:31:26	Name: uid Value: e2e43f84-d66d-4822-8740-fe4ac8a56548
.socdm.com/	1970-01-20 17:31:26	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjcwMTI2ODk5LCJwdWJtYXRpYyI6MTY3MDEyNjg5Nn0
.turn.com/	1970-01-20 12:14:38	Name: uid Value: 3664386443204904844
.audrte.com/	1970-01-20 08:17:02	Name: arcki2_azerion Value: bcdec334-daf7-4918-bd59-ee251eada587!20220908!1670126899136
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:41:02	Name: bcookie Value: "v=2&c0b0d9cb-1e55-4e55-8442-dd7141eba4de"
.linkedin.com/	1970-01-20 07:56:53	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2434:u=1:x=1:i=1670126899:t=1670213299:v=2:sig=AQG2vPALztgIjY-oCLaST17UCE76omgm"
sync.srv.stackadapt.com/	1970-01-20 16:41:02	Name: sa-user-id Value: s%3A0-4b9d8bc6-246c-40cf-6064-933c66e42111.751E%2F0ogJhwvruQB1uwivVpHi2luLtWwn0z%2Bbv6AdgQ
.srv.stackadapt.com/	1970-01-20 16:41:02	Name: sa-user-id-v2 Value: s%3AS52LxiRsQM9gZJM8ZuQhEdmK_Lo.s356frhhAJYFUjeMxb4WFIcIMJTV7UHVmZijO5n15oU
.ads.pubmatic.com/	1970-01-20 07:56:53	Name: KCCH Value: YES
.amazon-adsystem.com/	1970-01-20 17:31:26	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 10:05:02	Name: chkChromeAb67Sec Value: 4
.pubmatic.com/	1970-01-20 07:56:53	Name: pi Value: 156813:4
.pubmatic.com/	1970-01-20 10:05:02	Name: SyncRTB3 Value: 1670716800%3A223_2_15%7C1671408000%3A35%7C1675296000%3A69%7C1671321600%3A21_214_8_220_56_54_13_71_107_234_202_7_207_76_179_3_22_217_96_209_233_5%7C1670976000%3A63
.uncn.jp/	1970-01-20 16:41:02	Name: t Value: v_393b9b9c-dcaa-4ddf-b530-07496c98ca7f
.c.appier.net/	1970-01-20 16:41:02	Name: _auid Value: wqhu-JrFAnCuR97_Mx2MYw
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_1201 Value: 23170-v_393b9b9c-dcaa-4ddf-b530-07496c98ca7f&KRTB&23180-v_393b9b9c-dcaa-4ddf-b530-07496c98ca7f
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_904 Value: 16787-wqhu-JrFAnCuR97_Mx2MYw
.adtdp.com/	1970-01-20 17:31:26	Name: uid Value: 0d5c2ee2-dade-4bb0-8f65-3a276d29371c
.adtdp.com/	1970-01-20 17:31:26	Name: pr Value: ame
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_1123 Value: 23102-0d5c2ee2-dade-4bb0-8f65-3a276d29371c
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_943 Value: 19522-45LCqRIeKkM
.analytics.yahoo.com/	1970-01-20 16:41:02	Name: IDSYNC Value: 18z8~28ng
.ctnsnet.com/	1970-01-20 16:41:02	Name: cid_d4cbec98a28a4b44addccf37014ac850 Value: 1
.ctnsnet.com/	1970-01-20 16:41:02	Name: cid_9b602443746e4c9a936d53e54decfd4f Value: 1
.pubmatic.com/	1970-01-20 08:38:38	Name: SPugT Value: 1670126899
.pubmatic.com/	1970-01-20 08:15:36	Name: KRTBCOOKIE_1159 Value: 23138-9b602443746e4c9a936d53e54decfd4f&KRTB&23139-9b602443746e4c9a936d53e54decfd4f&KRTB&23328-9b602443746e4c9a936d53e54decfd4f&KRTB&23427-9b602443746e4c9a936d53e54decfd4f
.pubmatic.com/	1970-01-20 08:38:38	Name: KRTBCOOKIE_22 Value: 14911-3664386443204904844&KRTB&23150-3664386443204904844
.pubmatic.com/	1970-01-20 10:05:02	Name: KRTBCOOKIE_860 Value: 16335-S52LxiRsQM9gZJM8ZuQhEdmK_Lo&KRTB&23334-S52LxiRsQM9gZJM8ZuQhEdmK_Lo&KRTB&23417-S52LxiRsQM9gZJM8ZuQhEdmK_Lo&KRTB&23426-S52LxiRsQM9gZJM8ZuQhEdmK_Lo
.adtelligent.com/	1970-01-20 09:24:43	Name: a281178 Value: 695B319A-AA29-4331-855F-58B76C1C785C
.everesttech.net/	1970-01-20 16:41:02	Name: everest_g_v2 Value: g_surferid~Y4wdMwAADu4fwQAe
.pubmatic.com/	1970-01-20 10:05:02	Name: KRTBCOOKIE_218 Value: 4056-Y4wdMwAADu4fwQAe&KRTB&22978-Y4wdMwAADu4fwQAe&KRTB&23194-Y4wdMwAADu4fwQAe&KRTB&23209-Y4wdMwAADu4fwQAe
.quantserve.com/	1970-01-20 10:05:02	Name: d Value: ELoBCwHdJ_ijAA
.quantserve.com/	1970-01-20 17:25:41	Name: mc Value: 638c1d33-bbeaf-dabe1-22fc3
.pubmatic.com/	1970-01-20 10:05:02	Name: KRTBCOOKIE_153 Value: 1923-MpVQlDXCW8QpxAqSZcBFk2XEDcYplFqRZ5XZGt9c&KRTB&19420-MpVQlDXCW8QpxAqSZcBFk2XEDcYplFqRZ5XZGt9c&KRTB&22979-MpVQlDXCW8QpxAqSZcBFk2XEDcYplFqRZ5XZGt9c&KRTB&23403-MpVQlDXCW8QpxAqSZcBFk2XEDcYplFqRZ5XZGt9c
.w55c.net/	1970-01-20 17:25:41	Name: wfivefivec Value: KBmajn6i1P1GiD5
.dotomi.com/	1970-01-20 07:55:26	Name: DotomiTest Value: 3a674789c6c92281
.w55c.net/	1970-01-20 08:38:38	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 10:05:02	Name: KRTBCOOKIE_107 Value: 1471-uid:KBmajn6i1P1GiD5&KRTB&23421-uid:KBmajn6i1P1GiD5
.pubmatic.com/	1970-01-20 10:05:02	Name: KRTBCOOKIE_32 Value: 11175-AAAMQiLdcr0BpANQWOESAAAAAAA&KRTB&22713-AAAMQiLdcr0BpANQWOESAAAAAAA&KRTB&22715-AAAMQiLdcr0BpANQWOESAAAAAAA
.pubmatic.com/	1970-01-20 08:38:38	Name: PugT Value: 1670126899
.amazon-adsystem.com/	1970-01-20 12:56:24	Name: ad-id Value: A1dCISuGpU4YhQrU_qx4h3E
.rubiconproject.com/	1970-01-20 16:41:02	Name: audit Value: 1\|C6sFMJqG4kK2b9I6MmM5ySsi+zcYprNwuHCPmNDAdPKrLKOqscwnxpg1sI5bRBCCx9ih7MMoB5AkEa5N2k7U1SEEFoCDRlfY6OCC7Xlt7kwBXXriGKTjhcEuNPWQhMos

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cs.nex8.net/cs/openx Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.biketreks.net
a.sportradarserving.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.us.e-planning.net
adsd-sync.amanad.adtdp.com
ap.lijit.com
bcp.crwdcntrl.net
biketreks.net
c.mgid.com
c1.adform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.zx-adnet.com
cm.adform.net
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
cr-p10.ladsp.com
cr-p3.ladsp.com
creativecdn.com
cs.admanmedia.com
cs.nex8.net
csync.loopme.me
de.tynt.com
dis.criteo.com
dmp.adform.net
dps.jp.cinarra.com
dr5.biz
ds.uncn.jp
eus.rubiconproject.com
events-ssc.33across.com
gocm.c.appier.net
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js.cookieless-data.com
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
match.adsrvr.org
mc.yandex.ru
odr.mookie1.com
onetag-sys.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb.openx.net
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
secure-assets.rubiconproject.com
secure.adnxs.com
servicer.mgid.com
simage2.pubmatic.com
simage4.pubmatic.com
site2text-2021.web.app
ssbsync.smartadserver.com
ssc-cms.33across.com
storage.googleapis.com
sync-dsp.ad-m.asia
sync-tapi.admatrix.jp
sync-tm.everesttech.net
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.e-volution.ai
sync.inmobi.com
sync.mathtag.com
sync.spotim.market
sync.srv.stackadapt.com
tags.bluekai.com
tags.crwdcntrl.net
tags.rd.linksynergy.com
tg.socdm.com
token.rubiconproject.com
tr1.biketreks.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vid.vidoomy.com
www.bigmp3db.com
x.bidswitch.net
cs.nex8.net
103.229.206.241
103.231.99.242
103.231.99.243
103.231.99.80
103.231.99.81
103.43.90.53
103.43.90.54
106.10.236.147
107.178.244.193
107.178.254.65
109.206.161.21
119.9.108.191
124.146.215.49
13.225.165.113
13.251.221.192
141.95.33.111
141.95.98.64
142.251.42.194
151.101.1.195
151.101.2.49
172.104.105.5
18.176.115.166
18.176.247.126
18.178.22.21
182.161.74.16
185.177.94.108
185.184.8.90
185.84.60.23
198.206.157.241
20.127.253.7
2001:41d0:701:1000::31d2
2001:df2:a300:bbbb::135
202.131.200.82
202.131.200.84
204.93.150.153
209.54.182.161
209.58.162.206
23.106.127.39
23.194.224.97
23.207.98.70
23.227.139.243
23.227.145.146
23.39.216.189
23.44.52.187
2404:6800:4004:81d::2010
2406:da18:929:5a00:e0a2:7187:a56d:f5af
2606:4700:10::6816:3456
2606:4700:1::6813:884e
2606:4700:3037::6815:4159
2606:4700::6810:5614
2606:4700::6810:c749
2620:0:890::100
2620:116:800e:21:a878:7c6e:cf7b:3362
2620:1ec:21::14
2a02:6b8::1:119
2a02:6ea0:d300::1
2a02:fa8:c411:11::730
3.0.153.43
34.117.239.71
34.142.175.23
34.98.64.218
34.98.67.3
35.186.193.173
35.186.253.211
35.190.60.146
35.213.12.39
35.213.93.179
35.214.223.115
35.227.202.26
35.71.131.137
37.157.2.234
51.158.28.82
51.79.234.101
52.205.53.251
52.220.190.50
52.73.105.161
54.168.116.126
54.179.142.225
54.239.33.158
54.38.197.123
54.95.122.241
63.251.14.14
64.120.110.136
65.9.42.64
66.155.71.150
67.202.105.23
67.202.105.32
67.202.105.33
8.39.36.141
8.39.36.142
8.43.72.98
80.77.87.166
95.216.65.102
00fd4a095944f948ec6e93f6cdbb471f65942a0fff7f16e394c52429aefd9ea5
04a2c26f1b5845edddcb26138ad333399884afdf8dcc6bd423dd9d3b46a6b742
063d5a193dfda7e49a567b5b16688528ab3a0d0c35084ce7418ad47dd117186a
094f5f18fb7d89b7fddec4c6b80bf9bd47ff5311c98b41747e3ffb62b88e709c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b2dc063ba0e3f0e238d1b63007bcad869cbe77032364ac931768592f99374f2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb90c30e9c1712f18e3059d847e57673f5f5da527f6dfcc2c9168bedb82ff9f
11772f06041b43e63472fdb8bcb428b2fa194eb1d72649195f899bc14dd0ed8c
134b3fb36dfebc5f1e5969377b900c78a52aa31f86e7d5642281822966c027c0
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b3fc7994db431ccd3283912363695f293f2fb3469e7ef425a15aa0d1a8636fb
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
2111afbadba1893a60d5599326a129b61890e0bcf2f4f13cb136bfcded530271
22d8234cf8cbc4a9b91789100bf5a0bf8c8fec8be585043e8305915c653fbc15
23076d9331642ba72ee05b761bfc9eb9765dce75f8e4b2dd5902fe50b7d0d396
23f413691b06ef0ff9abe5da8926dc3ab60d8db081a750489543c4f333511181
28f2ff7154b7ed319428d97aa8eda2c964ea8d41676f1c4fc528df20dbf895aa
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32560aceed52e08d95ecd1be2cabc9e7276e615edfe5980909ae6663019f3d6f
3398c8b278a30b9dcc211e8bb0ce5b3c17c0e2bfa0c937e520a2dfb9e3c82d5f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3e2b20294580da941cf51cb10015a86ecec2fe2321ce4570a03a74d14cefac3f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e809910cb8b6f47a636354b43ef8f83e6c7e4ffd28d8ae1c241968125295f3
43d2f111fe2f889eca75acc81a8d0f74257004f252e523db813a3a059cf476fb
46dcf684cff677890e71ecff954c567942982da8480f6f969495595b884c1dfe
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49588350b8bf955cb93a3bf42a64f00e709ffd4c729da359454705cc00790185
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e281bde4e28ce15307239b87bb3a0608dd163b52013cb0d7e2e6c159aac3ad2
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4fbb34391124417f1861fef126cdcfadc1154022333f18a6758ec39cd0b9f649
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58b5f8b5dc6f0080fcd9155e1b5232310f25b7c2b9bf88ca1aefc7717d210b90
5df1163d3788d988f41ad5d4407d745c9b61eb28ff23df372e628a63a437c887
5e4136d1f23f9e1d6c54ce619e9e50bb5a09923284c43f01bc78d49f810e70e5
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
699e13c6244135002a4dfcfa941ea01528733b026f5049622933d780f74bf474
6a295ee7242d6561c2e50d19ecbab9b577baef36b18197ffe26888e8637a4bc4
6a3d04874e62000c66bf4ca845fbde04ecb011a85bb4cb54f0cdf5598529709a
6eaa2cf517eb6701f65d475bb770034b7d5529784a3728a73d9c09b6ec74dc05
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
76d817a261cb69b6ce3782b4328102ac438f56b3959c2e075cf98a9b20fcd514
7703db66919d22b28485f8ef21bb62e8d3159021acb2d33dd8c0bf3f08c27603
7848f2af9b612cacba7195a1be5277fc4d053acc0448824f0058199d12c70cf4
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7ad9308d30e2a9a87c3eb37ce8707216f92e817d78d5bdd349423f2502cd4024
84e0086cbdee4cd4d92bc8d01957cd7365ed7bc3287a7959d0dadcb087226683
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
862279ce0bbffd34d82ffcc4d6fc83223c76f9f8ee4de9f1b3b498b1ee62556f
886bfe90ecfd2d7e5cf02b5f2cdd09fa556840fa513ae5465d9a4697d28b8bc1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d9f69b458097c709f4c00bebf9040036f09ac49fb8f6543755dbb36227a7041
9e390cac58d0a7c61749867209a8dade15dcf5c218a8fb9316a86a38aec14232
9e823b1a313dbdfefe6f1b6a72f5e8e2855c38d2007e06b7b8b0aa0e14037221
a00dd2997b1b792792b28425424e08c3102aeba4f12a2ae600bfc7937ffc0a47
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a6b37cd8558ed7d315b153c2c53bd0b659b7de19a4b9ee38ab925180d3dec940
a933537ad57b717ada330ffec1564f0fcc8e881e7303925252e6b79f7ef9adfa
a9edc112e6eeb10f0f1ef445467bc2df1f549737ff15da29e0c978c9e068c0c2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aba5f58024a60f953904e968805e7aca49662dcf26b32d52abc3db213f7042cd
ac3a78ba0adc63a01cbbbd79fe38baa169867874bd4a9bc9adf2b221a5e4b96f
acf568c795b66a2c70374723a2d362e6c6fef6552d85bb9fcdf22cbda90feb48
b93d3ad05d5001b63a353f35b5a76fe1f34032b67f6a9ef426611c285fe7ffc9
bc9316039e195480aa7580b1acd1619b0d1290c164abcd64ce536f15a32f0996
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
cc42fbad87557d793718e9b6d46cff99798ce807bc4ae2a62d659c8d54979b61
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7fb281109e6a8b09ea9e5ce23720fa80fbbfb8e76dc5d5a0e17b8a551fea46a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f298ca2ac8929e7579c0af864f44510ea180274b6674815e0a24dd378a7ea184
f7f98f4a37002af2f9f3c94ce44a063f6dcf1199e983e48f2b1ca65ae35ae9ff
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

tr1.biketreks.net Open in urlscan Pro 2606:4700:3037::6815:4159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

194 Requests

65 %HTTPS

16 %IPv6

72 Domains

109 Subdomains

55 IPs

13 Countries

1257 kBTransfer

2519 kBSize

152 Cookies

58 Outgoing links

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tr1.biketreks.net Open in urlscan Pro
2606:4700:3037::6815:4159 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

65 %
HTTPS

16 %
IPv6

72
Domains

109
Subdomains

55
IPs

13
Countries

1257 kB
Transfer

2519 kB
Size

152
Cookies

194 HTTP transactions
1 data transactions