urlscan.io logo urlscan.io
SecurityTrails logo

small-bizsense.com Open in urlscan Pro
104.196.183.243  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?ar=826&template=513&utm_source=ex&utm_medium=native&utm...
Effective URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbi...
Submission: On November 24 via manual from LK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 12 countries across 63 domains to perform 168 HTTP transactions. The main IP is 104.196.183.243, located in North Charleston, United States and belongs to GOOGLE, US. The main domain is small-bizsense.com.
TLS certificate: Issued by R3 on October 9th 2021. Valid for: 3 months.
This is the only time small-bizsense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
26 104.196.183.243 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 167.71.82.6 14061 (DIGITALOC...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 143.204.98.98 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:215... 16509 (AMAZON-02)
3 142.250.186.98 15169 (GOOGLE)
2 151.101.129.194 54113 (FASTLY)
1 54.151.61.62 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 50.19.31.75 14618 (AMAZON-AES)
4 2a0c:5c81:509... 55081 (24SHELLS)
1 52.15.219.226 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 67.202.105.34 32748 (STEADFAST)
2 5.178.65.245 50673 (SERVERIUS-AS)
1 104.154.142.214 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
3 23.218.208.200 16625 (AKAMAI-AS)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
1 2600:9000:215... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 3.127.253.208 16509 (AMAZON-02)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 143.204.98.17 16509 (AMAZON-02)
3 2600:9000:215... 16509 (AMAZON-02)
1 2 37.157.4.23 198622 (ADFORM)
2 89.187.169.47 60068 (CDN77 ^_^)
3 4 37.157.3.29 198622 (ADFORM)
2 2 213.155.156.185 1299 (TWELVE99 ...)
18 185.64.190.80 62713 (AS-PUBMATIC)
1 2 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 151.101.66.49 54113 (FASTLY)
2 3 52.215.67.233 16509 (AMAZON-02)
7 7 142.250.185.98 15169 (GOOGLE)
1 1 162.55.6.213 24940 (HETZNER-AS)
1 1 87.98.242.60 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 1 2a04:4e42::300 54113 (FASTLY)
1 151.101.1.44 54113 (FASTLY)
3 3 213.19.147.44 3356 (LEVEL3)
5 5 3.33.220.150 16509 (AMAZON-02)
1 195.5.165.20 44968 (IPROM-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 185.29.134.244 30419 (MEDIAMATH...)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 2 51.210.112.236 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
1 159.122.14.34 36351 (SOFTLAYER)
2 2 185.33.220.243 29990 (ASN-APPNEX)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
9 9 3.126.38.41 16509 (AMAZON-02)
2 2 18.185.243.227 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 66.155.71.150 13768 (COGECO-PEER1)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
1 54.77.19.59 16509 (AMAZON-02)
9 143.204.98.103 16509 (AMAZON-02)
3 143.204.98.110 16509 (AMAZON-02)
1 12 35.157.138.20 16509 (AMAZON-02)
3 8 188.132.147.235 42910 (PREMIERDC...)
1 1 37.252.172.68 29990 (ASN-APPNEX)
1 1 23.218.208.246 16625 (AKAMAI-AS)
2 2 72.251.244.141 29791 (VOXEL-DOT...)
1 69.173.144.165 26667 (RUBICONPR...)
1 1 54.36.172.109 16276 (OVH)
1 185.64.190.81 62713 (AS-PUBMATIC)
2 2 96.46.183.20 ()
168 58
26    104.196.183.243 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 243.183.196.104.bc.googleusercontent.com
small-bizsense.com
4    2606:4700:20::681a:3d4 (United States)

ASN13335 (CLOUDFLARENET, US)
data.driftstreams.com
www.driftstreams.com
1    167.71.82.6 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
www.cybersecuritydegrees.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:2156:9200:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.thisiswaldo.com
1    143.204.98.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-98.fra50.r.cloudfront.net
platform-api.sharethis.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2600:9000:2156:5000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
2    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    54.151.61.62 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-61-62.us-west-1.compute.amazonaws.com
ipfind.co
1    2600:9000:2156:2400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google-analytics.com
www.google.com
4    50.19.31.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-31-75.compute-1.amazonaws.com
www.zergnet.com
4    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
s.console.adtarget.com.tr
1    52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com
thisiswaldo.com
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net
ic.tynt.com
2    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
2    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
3    23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2600:9000:2156:5e00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
1    2600:9000:2156:4c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    3.127.253.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-253-208.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    143.204.98.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-17.fra50.r.cloudfront.net
audit-tcfv2.quantcast.mgr.consensu.org
3    2600:9000:2156:6400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
4    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
18    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    52.215.67.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-67-233.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de
csync.loopme.me
1    87.98.242.60 (Saarbrücken, Germany)

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu
green.erne.co
1    2606:4700:3039::6815:c04e (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
3    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
2    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
9    3.126.38.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-38-41.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    18.185.243.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-243-227.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
9    143.204.98.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-103.fra50.r.cloudfront.net
img4.zergnet.com
img2.zergnet.com
img1.zergnet.com
3    143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net
img5.zergnet.com
12    35.157.138.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
ih.adscale.de
8    188.132.147.235 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-235-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
1    37.252.172.68 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 831.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
adscale-emea.adnxs.com
1    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
2    72.251.244.141 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    54.36.172.109 (France)

ASN16276 (OVH, FR)
PTR: pl01.roqad.pl
ws.rqtrk.eu
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
2    96.46.183.20 (None, )

ASN- ()
ads.betweendigital.com
Apex Domain
Subdomains		 Transfer
26 small-bizsense.com
small-bizsense.com
704 KB
25 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
36 KB
16 zergnet.com
www.zergnet.com
img4.zergnet.com
img2.zergnet.com
img5.zergnet.com
img1.zergnet.com
244 KB
15 adscale.de
js.adscale.de
ih.adscale.de
16 KB
12 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
150 KB
10 admatic.com.tr
cdn.admatic.com.tr
ads3.admatic.com.tr
ads4.admatic.com.tr
22 KB
9 bidswitch.net
x.bidswitch.net
4 KB
7 consensu.org
quantcast.mgr.consensu.org
test.quantcast.mgr.consensu.org
audit-tcfv2.quantcast.mgr.consensu.org
172 KB
6 adform.net
cm.adform.net
c1.adform.net
track.adform.net
3 KB
5 adsrvr.org
match.adsrvr.org
2 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
11 KB
4 driftstreams.com
data.driftstreams.com
www.driftstreams.com
35 KB
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
3 adnxs.com
ib.adnxs.com
secure.adnxs.com
adscale-emea.adnxs.com
3 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
3 KB
3 sharethis.com
platform-api.sharethis.com
buttons-config.sharethis.com
l.sharethis.com
42 KB
2 betweendigital.com
ads.betweendigital.com
1 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
652 B
2 everesttech.net
sync-tm.everesttech.net
746 B
2 criteo.com
dis.criteo.com
862 B
2 de17a.com
d5p.de17a.com
637 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
2 e-planning.net
ads.us.e-planning.net
183 B
2 google-analytics.com
google-analytics.com
www.google-analytics.com
20 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net
73 KB
2 gstatic.com
fonts.gstatic.com
64 KB
2 thisiswaldo.com
cdn.thisiswaldo.com
thisiswaldo.com
98 KB
2 googlesyndication.com
pagead2.googlesyndication.com
148 KB
2 googleapis.com
fonts.googleapis.com
2 KB
1 rqtrk.eu
ws.rqtrk.eu
515 B
1 casalemedia.com
ssum.casalemedia.com
839 B
1 gumgum.com
rtb.gumgum.com
238 B
1 playground.xyz
ads.playground.xyz
462 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 turn.com
ad.turn.com
518 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 simpli.fi
um.simpli.fi
616 B
1 iprom.net
core.iprom.net
279 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 adgrx.com
cm.adgrx.com
408 B
1 ad4m.at
ad4m.at
915 B
1 erne.co
green.erne.co
325 B
1 loopme.me
csync.loopme.me
184 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 quantcount.com
rules.quantcount.com
345 B
1 lockerdome.com
lockerdome.com
249 B
1 tynt.com
ic.tynt.com
1 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr Failed
1 KB
1 google.de
www.google.de
501 B
1 google.com
www.google.com
501 B
1 ipfind.co
ipfind.co
423 B
1 jquery.com
code.jquery.com
30 KB
1 cybersecuritydegrees.com
www.cybersecuritydegrees.com
0 connatix.com Failed
cds.connatix.com Failed
168 63
Domain Requested by
26 small-bizsense.com www.driftstreams.com
small-bizsense.com
12 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
11 simage2.pubmatic.com ads.pubmatic.com
9 x.bidswitch.net 9 redirects
7 cm.g.doubleclick.net 7 redirects
7 image2.pubmatic.com ads.pubmatic.com
5 ads3.admatic.com.tr cdn.admatic.com.tr
s.console.adtarget.com.tr
5 match.adsrvr.org 5 redirects
5 quantcast.mgr.consensu.org cdn.thisiswaldo.com
quantcast.mgr.consensu.org
4 img4.zergnet.com small-bizsense.com
4 sync.mathtag.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 www.zergnet.com small-bizsense.com
www.zergnet.com
3 ads4.admatic.com.tr 3 redirects
3 img5.zergnet.com small-bizsense.com
3 img2.zergnet.com small-bizsense.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 ads.pubmatic.com s.adtelligent.com
s.console.adtarget.com.tr
ads.pubmatic.com
3 s.adtelligent.com cdn.thisiswaldo.com
s.adtelligent.com
3 securepubads.g.doubleclick.net cdn.thisiswaldo.com
securepubads.g.doubleclick.net
3 www.driftstreams.com small-bizsense.com
www.driftstreams.com
2 ads.betweendigital.com 2 redirects
2 tracking.m6r.eu 2 redirects
2 img1.zergnet.com small-bizsense.com
2 ads.creative-serving.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 eus.rubiconproject.com s.adtelligent.com
eus.rubiconproject.com
2 ads.us.e-planning.net s.adtelligent.com
s.console.adtarget.com.tr
2 confiant-integrations.global.ssl.fastly.net cdn.thisiswaldo.com
confiant-integrations.global.ssl.fastly.net
2 fonts.gstatic.com fonts.googleapis.com
2 pagead2.googlesyndication.com small-bizsense.com
pagead2.googlesyndication.com
2 fonts.googleapis.com small-bizsense.com
1 simage4.pubmatic.com ads.pubmatic.com
1 ws.rqtrk.eu 1 redirects
1 token.rubiconproject.com s.adtelligent.com
1 track.adform.net 1 redirects
1 ssum.casalemedia.com 1 redirects
1 adscale-emea.adnxs.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 ad.turn.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 ib.adnxs.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 cm.adform.net s.console.adtarget.com.tr
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 image6.pubmatic.com ads.pubmatic.com
1 l.sharethis.com platform-api.sharethis.com
1 rules.quantcount.com secure.quantserve.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 secure-assets.rubiconproject.com 1 redirects
1 secure.quantserve.com quantcast.mgr.consensu.org
1 lockerdome.com s.adtelligent.com
1 ic.tynt.com s.adtelligent.com
1 s.console.adtarget.com.tr s.adtelligent.com
1 www.google.de small-bizsense.com
1 www.google.com small-bizsense.com
1 stats.g.doubleclick.net google-analytics.com
1 www.google-analytics.com google-analytics.com
1 thisiswaldo.com cdn.thisiswaldo.com
1 google-analytics.com small-bizsense.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 ipfind.co cdn.thisiswaldo.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 platform-api.sharethis.com small-bizsense.com
1 cdn.thisiswaldo.com small-bizsense.com
1 code.jquery.com small-bizsense.com
1 www.cybersecuritydegrees.com small-bizsense.com
1 data.driftstreams.com small-bizsense.com
0 sync.console.adtarget.com.tr Failed s.console.adtarget.com.tr
js.adscale.de
0 sync.adtelligent.com Failed s.adtelligent.com
ads.pubmatic.com
0 cds.connatix.com Failed
168 97
Subject Issuer Validity Valid
small-bizsense.com
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-24 -
2022-06-23		 a year crt.sh
cybersecuritydegrees.com
R3		 2021-10-15 -
2022-01-13		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
cdn.thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2021-04-17 -
2022-05-19		 a year crt.sh
sharethis.com
Amazon		 2021-07-19 -
2022-08-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
ipfind.co
Amazon		 2021-02-02 -
2022-03-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.zergnet.com
Amazon		 2021-04-12 -
2022-05-11		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-10-04 -
2022-01-02		 3 months crt.sh
thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2021-09-25 -
2022-10-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
ads.us.e-planning.net
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-10-29		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-11-13 -
2022-02-11		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.iprom.net
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
ads4.admatic.com.tr
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh

This page contains 36 frames:

Primary Page: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Frame ID: F0E0E61DD13F677895650E0AC5D4277D
Requests: 80 HTTP requests in this frame

Frame: https://cds.connatix.com/p/139883/connatix.player.dc.js
Frame ID: 96D82554E5BFD20FB5CFC26E8128C1F7
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/139883/connatix.playspace.dc.js
Frame ID: B0A0188B10A21CCA8BC6F1AEEC840134
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 9A189CDF361D4ABBB941B70398ECE921
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=555831
Frame ID: 637747E108D171D777002B0988755698
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=563719
Frame ID: 8813B31719AA23265CA5F8C474B9958A
Requests: 8 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4d398b08-a03e-41c0-94c5-7ff3c8424587
Frame ID: 45159CF20DCD81C604F7BFEF0D99A1D9
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: D378B3B53A4A2EDEEAFD9A8E14699AFE
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: AE9995F19DF309D2EE8546F01F5DAAE8
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 812BE73767A98C0026130056A90C33D2
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: F27E6E2744913B51FF15BAA0DED4DFCD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 05D779DF386A7D551EC8E39E299D8917
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 83B15875B5883DBDACB7DE536BB20C9B
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: DB293B52B6CCE45B0F4E8115B33E044D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: DB0D0D3E11DA84130BA9E768A279BE9B
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 32E0639247F6BA71F923AA45C6C751B6
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: A25BB026FF2A744F0CEA182AC4588B0E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 22FFF9D2E16588274A20E394AD344945
Requests: 8 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 0A992CCAACD7C0D5597AC32AA6F84F41
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=R1mVmoJKnP2WOl09UXXH&pi=admatic&tc=1
Frame ID: 1BDFC215267705FF2C1D4389CA1E87FA
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C56C24F-D53A-4FD7-A603-8F009E0D656C
Frame ID: 5B88F6BC29CB5A47F66F6BD132A5D07C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3202246598177083700
Frame ID: 81831BAF68F760B5302654C890473D2A
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7C1A4FA2A890435E3B050DDADC463BEE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7034005151989364877
Frame ID: 0F2DCD2C399A40ABBD902168DB041740
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ3OawAG8JqRhwBG&gdpr=0&gdpr_consent=&_test=YZ3OawAG8JqRhwBG
Frame ID: DE73D9B033E13CED7F5AC7796EE8CD33
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 37662C97A79612C398629D958EA3140D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: E99C02757544A5FC486C4A8A37339C0F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=35ETAr7lsXGGIrG2OazeX3ns
Frame ID: 11908A2FE57177DED5E688DCB44FC3EE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 5898BC146FC6D7BD898395184F320924
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B039D07B7792CE27ACC7C4C17960D8A2
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62cbef90-550e-4517-a619-5ff81044b10d-tuct89753eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: E9775B5A4893FC1EEB4EC7C5582961DE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003
Frame ID: E83BAE2985D402E5E95FC2D95F548397
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: E6138D636DA9EA7FAE2D934025D9A13B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1BB808E1167DD8A3DA3A2D783978CAC9
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=4C56C24F-D53A-4FD7-A603-8F009E0D656C
Frame ID: 6E91EC59376D8EA3C6259BDAE780C3F5
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: E55CBC0444873F134AE133B2E95282D9
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

How to Stop Ransomware Before it Starts |Small Business Sense

Page URL History Show full URLs

  1. https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?ar=826&template=513&utm_source=ex&u... Page URL
  2. https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm... Page URL

Page Statistics

168
Requests

74 %
HTTPS

29 %
IPv6

63
Domains

97
Subdomains

58
IPs

12
Countries

1887 kB
Transfer

4259 kB
Size

85
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?ar=826&template=513&utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco Page URL
  2. https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/139883/connatix.player.dc.js
Request Chain 7
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/139883/connatix.playspace.dc.js
Request Chain 61
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4d398b08-a03e-41c0-94c5-7ff3c8424587
Request Chain 66
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=a8c6f845-06be-440a-8a40-b48135ee8cc1
Request Chain 68
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=99c0cb0e-6430-4e76-9031-dbd53a256412
Request Chain 69
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a4ed6865cc39b49d9d28f691
Request Chain 70
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=891942591941144511
Request Chain 76
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 77
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YZ3OaxLRxFNrbQsqIgDOvgAA%261112
Request Chain 95
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=R1mVmoJKnP2WOl09UXXH&pi=admatic&tc=1
Request Chain 97
  • https://c1.adform.net/serving/cookie/match?party=14&cid=4C56C24F-D53A-4FD7-A603-8F009E0D656C HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C56C24F-D53A-4FD7-A603-8F009E0D656C
Request Chain 98
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3202246598177083700
Request Chain 100
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7034005151989364877
Request Chain 101
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YZ3OawAG8JqRhwBG HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ3OawAG8JqRhwBG&gdpr=0&gdpr_consent=&_test=YZ3OawAG8JqRhwBG
Request Chain 102
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBcXZFN0RPNTBBQUNra0pSZVJlZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 103
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 104
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=35ETAr7lsXGGIrG2OazeX3ns
Request Chain 107
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62cbef90-550e-4517-a619-5ff81044b10d-tuct89753eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 108
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6764168263 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6764168263 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/ad7643a5-9d2c-459f-ae82-4e0de76618a6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003
Request Chain 110
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TFbCT9U6T9emA48Ang1lbA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TFbCT9U6T9emA48Ang1lbA%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 113
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b3fb619d-ce6b-4a00-b1d8-22f415f2c564
Request Chain 114
  • https://pixel.onaudience.com/?partner=214&mapped=4C56C24F-D53A-4FD7-A603-8F009E0D656C HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d58db65c8c4b3c1fde094dc82af701ac
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEM1NkMyNEYtRDUzQS00RkQ3LUE2MDMtOEYwMDlFMEQ2NTZD&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEM1NkMyNEYtRDUzQS00RkQ3LUE2MDMtOEYwMDlFMEQ2NTZD&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEDYrpG7XyWeBJTkPazwrW8&google_cver=1
Request Chain 118
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
Request Chain 119
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4652320884610693454
Request Chain 120
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad7643a5-9d2c-459f-ae82-4e0de76618a6
Request Chain 121
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=891942591941144511&gdpr=0&gdpr_consent=
Request Chain 122
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PWqYLGg-lyomOpl8Mm2Mfjk5wnsmPZB4OT9NOqel
Request Chain 124
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C56C24F-D53A-4FD7-A603-8F009E0D656C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C56C24F-D53A-4FD7-A603-8F009E0D656C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9EfoQk9E2uXK.jDLnUMz_KnJw5tQxAg-~A&gdpr=0&gdpr_consent=
Request Chain 125
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=81c7ea7b-96ff-4951-a044-944b7d64c5fd HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=81c7ea7b-96ff-4951-a044-944b7d64c5fd HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=d21031d7-8894-44e4-8b93-bf6c485e91d9&ssp=pubmatic&expires=30&user_group=5&bsw_param=81c7ea7b-96ff-4951-a044-944b7d64c5fd HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=81c7ea7b-96ff-4951-a044-944b7d64c5fd&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 127
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7831813436502869437&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 128
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 129
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:83129815-9b49-485c-aeed-7e54e0f25dd6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 130
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=891942591941144511
Request Chain 139
  • https://ih.adscale.de/uu?cbfn=receive&t=1637731947 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1637731947&nut&uu=07559eb5fa78481cb1a3d11eb4f23b4e
Request Chain 153
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=69bdf0f9e0db088ff4a9adecf00f41162dad441c04b73bd22f1991d640b97eab&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e40f26d541f9%2F1637731947792%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
Request Chain 154
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e40f26d541f9%2F1637731947792%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/img?tpid=75&tpuid=891942591941144511&gdpr=0
Request Chain 156
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=65beb8e3d140a3f81240a84d608894559da2b2da14f59e43ab5efabab124b096&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e40f26d541f9%2F1637731947792%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YZ3OaxLRxFNrbQsqIgDOvgAA%261112
Request Chain 158
  • https://track.adform.net/serving/cookie/match/?party=9&uid=25709655ccb28ae18ea697307d534c0880191572e2917f73f2f947f8de3cc7bb&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e40f26d541f9%2F1637731947792%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/img?tpid=42&gdpr=0&tpuid=4652320884610693454
Request Chain 159
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=d45c803b86603c5027185b097ce7a814f84b220836596758e8dcd23f61c0c71e&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e40f26d541f9%2F1637731947792%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=37f43086-fe6a-421f-8a77-1cab6341c7ea&gdpr=0
Request Chain 160
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=40337287518c6cd8188404452d70a0e450e5c6e27a66418a4b72a0b61f12bced&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e40f26d541f9%2F1637731947792%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
Request Chain 161
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=1b32f9676dbc54d15fead24daf58ace11dd178bf51a219649fb6e8ff9ece141b&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e40f26d541f9%2F1637731947792%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=1b32f9676dbc54d15fead24daf58ace11dd178bf51a219649fb6e8ff9ece141b&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e40f26d541f9%2F1637731947792%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/js?tpid=48&tpuid=04c2c12b2eec2a1c71b77504f9bbf84b
Request Chain 164
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=admatic&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
Request Chain 166
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2d0cffe6-4338-5348-a053-c7dec1ce09ac&ssp=admatic&expires=30&user_group=1 HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
Request Chain 167
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=ad7643a5-9d2c-459f-ae82-4e0de76618a6&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=

168 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
small-bizsense.com/how-to-stop-ransomware-before-it-starts/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?ar=826&template=513&utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
98df2cf28fdafe93689a3d281c51b3aaf46a64fa13b86cf074450c78b6c31e9f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:25 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link
<https://small-bizsense.com/wp-json/>; rel="https://api.w.org/" <https://small-bizsense.com/wp-json/wp/v2/posts/26508>; rel="alternate"; type="application/json" <https://small-bizsense.com/?p=26508>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 2
x-cache-group
normal
content-encoding
br
Small_Biz_Logo_White.png
data.driftstreams.com/wp-content/uploads/2021/09/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.driftstreams.com/wp-content/uploads/2021/09/Small_Biz_Logo_White.png
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?ar=826&template=513&utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6a687cab1b74ca5114bc7abdc747d7d8b67115ebe69e0ae037a5888f418740

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301447
content-length
26886
last-modified
Thu, 02 Sep 2021 09:08:49 GMT
server
cloudflare
etag
"613094a1-6906"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4ZjC%2FYn6VcObaxY2BpmppaGI2d%2Bfpc6tHw3isRQN4L8wkj8r4r%2B%2B6m36FPvWj13HD9h6UdltXCdEIOPxLCLRwxRvr8j1T3yV%2B7YmobNS8uy%2F4VHhwHymyLz3WW3MdwzHP15ahwAe8AKk1gbgKNfJ%2BV74Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6b3041b80ed0d6dd-FRA
Stopping-Ransomware-Before-It-Starts.jpg
www.cybersecuritydegrees.com/wp-content/uploads/2021/10/ 		32 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cybersecuritydegrees.com/wp-content/uploads/2021/10/Stopping-Ransomware-Before-It-Starts.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?ar=826&template=513&utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.71.82.6 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Prometheus /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
x-content-type-options
nosniff
allow
GET, POST, HEAD, PURGE
content-length
1594305
x-xss-protection
1; mode=block
pre-cognitive-push
Enabled
quantum-flux-capacity
Omega
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Oct 2021 12:30:07 GMT
server
Prometheus
x-frame-options
sameorigin
etag
"61715d4f-1853c1"
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges
bytes
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?ar=826&template=513&utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://small-bizsense.com/
Origin
https://small-bizsense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 17:27:20 GMT
server
nginx
etag
W/"603e7578-15d9d"
vary
Accept-Encoding
x-hw
1637731946.dop156.fr8.t,1637731946.cds213.fr8.hn,1637731946.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ds-logic-final.js
www.driftstreams.com/s/assets/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.driftstreams.com/s/assets/ds-logic-final.js?ver=187197436634
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?ar=826&template=513&utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081b0583f49f3f027923532340ff2068f1116b851de585140f4d90d135403c13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 12 Nov 2021 00:10:38 GMT
server
cloudflare
etag
W/"618db0fe-3afa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ffxe%2B%2Fx4Kq7IBo6JHvkuGo7N3LMPFu9gqnlTa5qq8HvG0798ck1T2eJhasx30gvj4HZExpgrDRVJTqdznvxtv7FqssdEl3xiCiG48Ni9VuJe3FyMQfBSif6fGrpLXDVB3A%2FM34%2FtLVuP9%2FP57THCgstX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b3041b7f9cd431b-FRA
js.cookie.js
www.driftstreams.com/s/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.driftstreams.com/s/assets/js.cookie.js
Requested by
Host: www.driftstreams.com
URL: https://www.driftstreams.com/s/assets/ds-logic-final.js?ver=187197436634
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Apr 2021 00:57:08 GMT
server
cloudflare
age
761579
etag
W/"606e54e4-f20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zzy7rEXeaDfNfHb7G6Hxh9F9WTy6ov4P1aEVwrZ5oWQCvbvUb0jUf0qPFnBTvIB9%2BsMUqJuUsIYjMg1L6OJBfARkVjigBMEA7sv3N4ZMNcEEnj%2F1i6gUqhvStGtaoOEnrWWtUiFkqhoedvGA20uHK9T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b3041ba5dc1431b-FRA
expires
Fri, 15 Oct 2021 16:19:06 GMT
connatix.player.dc.js
cds.connatix.com/p/139883/ Frame 96D8
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/139883/connatix.player.dc.js
0
0
connatix.playspace.dc.js
cds.connatix.com/p/139883/ Frame B0A0
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/139883/connatix.playspace.dc.js
0
0
Primary Request /
small-bizsense.com/how-to-stop-ransomware-before-it-starts/ 		56 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Requested by
Host: www.driftstreams.com
URL: https://www.driftstreams.com/s/assets/ds-logic-final.js?ver=187197436634
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
3ee110c8a8203d22fe90433dc9455c76244da225b8b2c54639d64e5584427e9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?ar=826&template=513&utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link
<https://small-bizsense.com/wp-json/>; rel="https://api.w.org/" <https://small-bizsense.com/wp-json/wp/v2/posts/26508>; rel="alternate"; type="application/json" <https://small-bizsense.com/?p=26508>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 1
x-cache-group
normal
content-encoding
br
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 04:07:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Nov 2021 05:32:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Nov 2021 05:32:26 GMT
css
fonts.googleapis.com/ 		8 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2819bb4c8daa78c5faf4c09f65f855eae06bb7cd81a0ba31500e23fd987dac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 05:29:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Nov 2021 05:32:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Nov 2021 05:32:26 GMT
ecologo2_trans.png
small-bizsense.com/wp-content/uploads/2015/08/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://small-bizsense.com/wp-content/uploads/2015/08/ecologo2_trans.png
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
157a7c8593471af7ea9737162eacfb89461cd695b626144e44b168d9421b1f67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
last-modified
Sat, 09 Oct 2021 15:13:11 GMT
server
nginx
etag
"6161b187-1d058"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
118872
pexels-negative-space-97077-scaled.jpg
small-bizsense.com/wp-content/uploads/2021/11/ 		362 KB
362 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://small-bizsense.com/wp-content/uploads/2021/11/pexels-negative-space-97077-scaled.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f3efd9a98ee170181e03b11604b63aa0579f76a9d3043225facd722412f4fe9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
last-modified
Mon, 22 Nov 2021 19:16:02 GMT
server
nginx
etag
"619bec72-5a758"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
370520
START-A-SMALL-BUSINESS-BLOG.jpg
small-bizsense.com/wp-content/uploads/2015/09/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://small-bizsense.com/wp-content/uploads/2015/09/START-A-SMALL-BUSINESS-BLOG.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d9040dd9991eacbc8d74e94f0819de46a4c3750aa40c1dd4d3443dd6944028ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
last-modified
Sat, 09 Oct 2021 15:03:43 GMT
server
nginx
etag
"6161af4f-84cb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
33995
START-A-SMALL-BUSINESS-BLOG-5.jpg
small-bizsense.com/wp-content/uploads/2015/09/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://small-bizsense.com/wp-content/uploads/2015/09/START-A-SMALL-BUSINESS-BLOG-5.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
55e10dba5d34a90e1f3e0a8977d3d8ff3df47c3c75366285a14b6fa758960117

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
last-modified
Sat, 09 Oct 2021 15:19:27 GMT
server
nginx
etag
"6161b2ff-ac5c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
44124
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fffb994d3f7754ea05c9b66a5aeff4d01ca4587ace6f26549af76f24d746e5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51259
x-xss-protection
0
server
cafe
etag
2926065777076145286
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 05:32:26 GMT
5699.js
cdn.thisiswaldo.com/static/js/ 		333 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thisiswaldo.com/static/js/5699.js
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9200:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
65680b0ba94f530142b957c452363b805adb8a5546f21d0672d5642de0ae4721
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 05:56:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Nov 2021 17:33:14 GMT
server
Apache/2.4.29 (Ubuntu)
age
84986
etag
"5348d-5d0ff6fccf068-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
SBfnGD1QFIU8TZ04HnE3gwwP0d_FH1W0zPHESIb6w9G1AMJHt1Xsmg==
jquery.min.js
small-bizsense.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
small-bizsense.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
main-front.js
small-bizsense.com/wp-content/plugins/wp-automatic/js/ 		1017 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/wp-automatic/js/main-front.js?ver=5.8.2
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Sat, 09 Oct 2021 15:15:34 GMT
server
nginx
etag
W/"6161b216-3f9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sharethis.js
platform-api.sharethis.com/js/ 		184 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-98.fra50.r.cloudfront.net
Software
/
Resource Hash
444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:31:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
63
etag
W/"2df1b-sQ5Sn/JpfKxrQLYebTQ3d0yXV0s"
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-amz-cf-pop
FRA50-C1
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-id
7MPCHx9oNcdfCuQHuZ8CUJsnI4Qb-bZkZvbGbqYiVIfvE4FVFFXexQ==
nds-public.js
small-bizsense.com/wp-content/plugins/nds/public/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/nds/public/js/nds-public.js?ver=19345
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
216ce0a58582fbd4c2239d00f01df17424fd1f25bb03a303cb358af34d81d870

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Tue, 09 Nov 2021 17:41:56 GMT
server
nginx
etag
W/"618ab2e4-20ea"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
script.min.js
small-bizsense.com/wp-content/themes/focusblog/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/themes/focusblog/js/script.min.js?ver=5.8.2
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5b173e378e4fbe542373d488a70433a5ffac3a0f317948ebee11e6d68a0b6846

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Sat, 09 Oct 2021 15:16:04 GMT
server
nginx
etag
W/"6161b234-5da3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
frontend.min.js
small-bizsense.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=3.2
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8f8a3e5931aaad7b90bd86a419a1868d459a6c3ad06a036bdb0b59713f446928

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Thu, 11 Nov 2021 14:06:21 GMT
server
nginx
etag
W/"618d235d-b88"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
new-tab.js
small-bizsense.com/wp-content/plugins/page-links-to/dist/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.5
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Sat, 09 Oct 2021 15:15:23 GMT
server
nginx
etag
W/"6161b20b-609e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
intersection-observer.js
small-bizsense.com/wp-content/plugins/jetpack-boost/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/jetpack-boost/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?ver=1.1.3
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 00:39:19 GMT
server
nginx
etag
W/"61789fb7-2394"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
lazy-images.js
small-bizsense.com/wp-content/plugins/jetpack-boost/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/jetpack-boost/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?ver=1.1.3
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Wed, 27 Oct 2021 00:39:19 GMT
server
nginx
etag
W/"61789fb7-98f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
small-bizsense.com/wp-includes/js/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
etag
W/"5ff5d754-592"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
ads.js
small-bizsense.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		78 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.35
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Tue, 23 Nov 2021 15:52:57 GMT
server
nginx
etag
W/"619d0e59-4e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
small-bizsense.com/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
etag
W/"612efc26-13abe"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
blocks.style.build.css
small-bizsense.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 		184 B
341 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.35
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Tue, 23 Nov 2021 15:52:57 GMT
server
nginx
etag
W/"619d0e59-b8"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-automatic.css
small-bizsense.com/wp-content/plugins/wp-automatic/css/ 		3 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Sat, 09 Oct 2021 15:04:20 GMT
server
nginx
etag
W/"6161af74-a99"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
twitter-feed.css
small-bizsense.com/wp-content/plugins/wp-to-twitter/css/ 		2 KB
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/plugins/wp-to-twitter/css/twitter-feed.css?ver=5.8.2
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
196b0d1013a5fb1985890e13453ab76df8bdcee3d57893e84afa3f3e58eacf52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Sat, 09 Oct 2021 15:13:34 GMT
server
nginx
etag
W/"6161b19e-6ce"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
small-bizsense.com/wp-content/themes/focusblog/ 		439 B
492 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/themes/focusblog/style.css?ver=5.8.2
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ee2eff4fe346a378dc427ff8e76edf904efe0d34dcae5cac95acecbbeb467ddd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Sat, 09 Oct 2021 14:55:39 GMT
server
nginx
etag
W/"6161ad6b-1b7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
reset.css
small-bizsense.com/wp-content/themes/focusblog/css/ 		1 KB
774 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/themes/focusblog/css/reset.css?ver=20120208
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5ba5f180331bf4ab4fee076fa8e9d37290619aac5200f9682578d047348e9dcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Sat, 09 Oct 2021 15:20:36 GMT
server
nginx
etag
W/"6161b344-4cb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
main_blue.css
small-bizsense.com/wp-content/themes/focusblog/css/ 		161 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-content/themes/focusblog/css/main_blue.css?ver=5566
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a89b3b8e4786d2f285257182e8990cb97f251aadc0bc09b77abe7d609da0aeb1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Sat, 09 Oct 2021 15:07:52 GMT
server
nginx
etag
W/"6161b048-284fc"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/gif
sprite-web.png
small-bizsense.com/wp-content/themes/focusblog/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://small-bizsense.com/wp-content/themes/focusblog/images/sprite-web.png
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
2a78b6c5bac1759be4da8740508e6a94ff9567c7f45d213b7303b2d569929f52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
last-modified
Sat, 09 Oct 2021 15:03:51 GMT
server
nginx
etag
"6161af57-48d4"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18644
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://small-bizsense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:18:02 GMT
x-content-type-options
nosniff
age
404064
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 13:18:02 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://small-bizsense.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 19 Nov 2021 13:52:02 GMT
x-content-type-options
nosniff
age
402024
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 19 Nov 2022 13:52:02 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/ 		271 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111150101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9013855044087665&plah=small-bizsense.com&bust=31063760
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38c9c68a34a32219fa3309afadc3f20d7773b5c80f15e36d2eaf39245462c2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99627
x-xss-protection
0
server
cafe
etag
13470141886667730140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 Nov 2021 05:32:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 9A18 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 23 Nov 2021 09:43:00 GMT
expires
Tue, 07 Dec 2021 09:43:00 GMT
content-type
text/html; charset=UTF-8
etag
16478831307880631077
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4883
x-xss-protection
0
age
71366
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/small-bizsense.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/small-bizsense.com/choice.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/5699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15e4717b95a9c2f5b83e7992e275c644e028c396d1c7ac85c649b094289b990b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 24 Nov 2021 05:32:28 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:30:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"e25a6b48878630948faba6cd6b89c7da"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
spgK3wIRzBEPuq_Gj2oHbfDLfhxcSEiDpCZTgDfCLmS6sEVW99ABnA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/5699.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1053 / 262 of 1000 / last-modified: 1637708722"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26861
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 24 Nov 2021 05:32:26 GMT
config.js
confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/5699.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b83a07f5eeee2ea57ee3c06bdaa5d5db9957b6056f9dd0bb99419bf2b8944fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 05:32:26 GMT
Content-Encoding
gzip
Age
2925
X-Cache
HIT
Connection
keep-alive
Content-Length
12686
x-amz-id-2
UXeaQhvrxFGNU80wiBSPvooGrLea7xHHl9WroFcII9QuMbTSc3CBhcGZJbluS9DmNs4AGkgRtt0=
X-Served-By
cache-fra19174-FRA
Last-Modified
Wed, 24 Nov 2021 03:16:23 GMT
Server
AmazonS3
X-Timer
S1637731947.958974,VS0,VE0
ETag
"5735d471ce06b8f264b9f89760e8fb61"
x-amz-request-id
XF501AZR9BNJA78P
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
16
me
ipfind.co/ 		306 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/5699.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.61.62 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-61-62.us-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fbd2ac728b241e593a239b130321c04573655c1a850271c237024c9732776064

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://small-bizsense.com
cache-control
no-cache, private
access-control-allow-credentials
true
content-length
199
wp-emoji-release.min.js
small-bizsense.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://small-bizsense.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.183.243 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.183.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:26 GMT
content-encoding
br
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
nginx
etag
W/"60bfebf0-4705"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/ 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 05:32:26 GMT
Content-Encoding
gzip
Age
270
X-Cache
HIT
Connection
keep-alive
Content-Length
61293
x-amz-id-2
jzXf5usRbJR3PYvp69Big/B/XsVaN007aaf8DzTo4oE6Ozrfyzq3/rqhk6J2PTv5JM4jjOX3BWs=
X-Served-By
cache-fra19174-FRA
Last-Modified
Wed, 17 Nov 2021 21:29:49 GMT
Server
AmazonS3
X-Timer
S1637731947.978913,VS0,VE0
ETag
"cb7589d017ac65aecf6dc6f5ec17c4b7"
x-amz-request-id
KY5DB13GGJV0P5XQ
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
115
pubads_impl_2021111601.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118471
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 09:34:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 24 Nov 2021 05:32:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		98 B
109 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=small-bizsense.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
fd2b60df852ebb6466fc3d31eaef744169ca27449147af951ac9ad0642c24ae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84
x-xss-protection
0
expires
Wed, 24 Nov 2021 05:32:27 GMT
5ee212024aca040014688972.js
buttons-config.sharethis.com/js/ 		30 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5ee212024aca040014688972.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 24 Nov 2021 05:32:28 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jun 2020 11:14:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"e6e1643313740711175f51662a65b42f"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
30
x-amz-cf-id
ES800PbHzco15CL1k-rHlehC3szIzviXPDPk3z08v-2FGzCoqcc1fg==
analytics.js
google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
45
date
Wed, 24 Nov 2021 05:31:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 24 Nov 2021 07:31:42 GMT
zerg.js
www.zergnet.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=77646
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.31.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-31-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c4aa62eb941e54a576bedd888da2f8076eee62d79b7ed35b7ad0b895507848a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
gzip
expires
Wed, 01 Dec 2021 05:32:27 GMT
server
nginx
content-type
application/javascript; charset=UTF-8
zerg.js
www.zergnet.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=77647
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.31.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-31-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
79a2511df1eed998df236244679dd1f5e9ea457ff9c9274246c6fc4cf1feaecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
gzip
expires
Wed, 01 Dec 2021 05:32:27 GMT
server
nginx
content-type
application/javascript; charset=UTF-8
js.cookie.js
www.driftstreams.com/s/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.driftstreams.com/s/assets/js.cookie.js
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/wp-content/plugins/nds/public/js/nds-public.js?ver=19345
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Apr 2021 00:57:08 GMT
server
cloudflare
age
761580
etag
W/"606e54e4-f20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnubrlCJZMrzZCUrhA%2FNGLiSFmtgwN7JXjs2RIlEl4JRivlGh0EQCxcwx%2BAxKzEU6bXiQkb2hiSziNHEekopoiu9wqZedp%2Boe3sztEVQANHYmgM6e%2BKsZkm%2B5rIcwoyHoTmp%2BR%2BFzQYA3PEHBJsdLs0G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6b3041bd3b0b431b-FRA
expires
Fri, 15 Oct 2021 16:19:06 GMT
sync.html
s.adtelligent.com/ Frame 6377 		1 KB
848 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=555831
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/5699.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
c986ffee22d6e83dc55c5bc2eab1e42d3d2548fca476971727f2bd6bb9e92720

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 24 Nov 2021 05:32:26 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
562
Access-Control-Allow-Origin
https://small-bizsense.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
track-impression
thisiswaldo.com/js/ 		1 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thisiswaldo.com/js/track-impression
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/5699.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-219-226.us-east-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://small-bizsense.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 24 Nov 2021 05:32:27 GMT
X-Content-Type-Options
nosniff, nosniff
Server
Apache/2.4.29 (Ubuntu)
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1
Expires
Sun, 19 Nov 1978 05:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=197382739&t=pageview&_s=1&dl=https%3A%2F%2Fsmall-bizsense.com%2Fhow-to-stop-ransomware-before-it-starts%2F%3Futm_source%3Dex%26utm_medium%3Dnative%26utm_campaign%3Dex-smallbiz_sco&ul=en-us&de=UTF-8&dt=How%20to%20Stop%20Ransomware%20Before%20it%20Starts%20%7CSmall%20Business%20Sense&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=83906336&gjid=420712751&cid=848806784.1637731947&tid=UA-37925772-1&_gid=278841826.1637731947&_r=1&_slc=1&z=967308313
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://small-bizsense.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://small-bizsense.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37925772-1&cid=848806784.1637731947&jid=83906336&gjid=420712751&_gid=278841826.1637731947&_u=IEBAAEAAAAAAAC~&z=119309878
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://small-bizsense.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/plain
access-control-allow-origin
https://small-bizsense.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37925772-1&cid=848806784.1637731947&jid=83906336&_u=IEBAAEAAAAAAAC~&z=158585391
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37925772-1&cid=848806784.1637731947&jid=83906336&_u=IEBAAEAAAAAAAC~&z=158585391
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.html
s.adtelligent.com/ Frame 8813 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=563719
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=555831
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
459c5ba85d3b245f0a2a6463685899abf174667da17a5f8bb533c0df91617818

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/sync.html?aid=555831

Response headers

Server
VertaMedia 1.0
Date
Wed, 24 Nov 2021 05:32:26 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1127
Access-Control-Allow-Origin
https://s.adtelligent.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame 4515
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4d398b08-a03e-41c0-94c5-7ff3c8424587
0
0
sync.html
s.console.adtarget.com.tr/ Frame D378 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
8374538d37b7f0bd9b60b4088b2e6aa893e5bc763d6e738acdaef83df8ffec91

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 24 Nov 2021 05:32:27 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
876
Access-Control-Allow-Origin
https://s.adtelligent.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
d
ic.tynt.com/r/ Frame AE99 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

server
nginx/1.16.1
date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
ads.us.e-planning.net/uspd/1/ Frame 812B 		13 B
92 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

server
openresty
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/html
content-length
13
x-sid
AMS-603
sync.html
s.adtelligent.com/ Frame F27E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
282891b3961bb82bfa9850b4b003d09b309c4ac8250ee56592172c165047373a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/sync.html?aid=563719

Response headers

Server
VertaMedia 1.0
Date
Wed, 24 Nov 2021 05:32:27 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
792
Access-Control-Allow-Origin
https://s.adtelligent.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.adtelligent.com/ Frame 8813
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=a8c6f845-06be-440a-8a40-b48135ee8cc1
0
0
csync
sync.adtelligent.com/ Frame 8813 		0
0
csync
sync.adtelligent.com/ Frame 8813
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=99c0cb0e-6430-4e76-9031-dbd53a256412
0
0
csync
sync.adtelligent.com/ Frame 8813
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a4ed6865cc39b49d9d28f691
0
0
csync
sync.adtelligent.com/ Frame 8813
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=891942591941144511
0
0
prebidserver
lockerdome.com/usync/ Frame 8813 		43 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lockerdome.com/usync/prebidserver?pid=11201047612067584&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D285400%26extuid%3D%7B%7Buid%7D%7D
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=563719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 05:32:27 GMT
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
ETag
W/"2b-J5MV1QeFXGpDUeHiwvOd2c0vzNg"
Content-Length
43
Content-Type
image/gif
csync
sync.adtelligent.com/ Frame 8813 		0
0
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/small-bizsense.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 01 Dec 2021 05:32:27 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		179 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=small-bizsense.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/small-bizsense.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b850fd9301b5a95c9c7ead67c57622e1a06680f69bf8d2f5ce57983011da3b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:31:31 GMT
content-encoding
br
age
56
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 04 Nov 2021 17:39:32 GMT
server
AmazonS3
etag
W/"0a70fce71435f53991adb4bbecc5d2cf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rBoAIOcnHFaG34hqrjROKUBhcILlYR8f0o9UNjpR15jyrnIGb_wovg==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05D7 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=46254
expires
Wed, 24 Nov 2021 18:23:21 GMT
date
Wed, 24 Nov 2021 05:32:27 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 83B1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Nov 2021 05:32:27 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184-d
Date
Wed, 24 Nov 2021 05:32:27 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
csync
sync.adtelligent.com/ Frame F27E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YZ3OaxLRxFNrbQsqIgDOvgAA%261112
0
0
csync
sync.adtelligent.com/ Frame F27E 		0
0
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=small-bizsense.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5e00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f249ae8ef5b514cb11c7e322891ff8829f7d53c23bd3ca2ce0967ffabc96c5d

Request headers

Accept
application/json, text/plain, */*
Referer
https://small-bizsense.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 03:00:36 GMT
content-encoding
br
age
9112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Sat, 20 Nov 2021 19:52:29 GMT
server
AmazonS3
etag
W/"131b2403be8c65941e08e2858dbd7bd8"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
xbSWmscTIW2WuGu.C7zg3yRu8nZVdbaV
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
content-type
application/json
x-amz-cf-id
pXGmTK1JeIaxX3X7qC4c5uL4hNQoW-xMerwP1OqTykBH4UBYQDQ_zA==
rules-p-fTfJtcPmQDwZG.js
rules.quantcount.com/ 		2 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:15:14 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server
AmazonS3
age
1032
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
content-length
2
x-amz-cf-id
tln6dEVCwUsIULAytNFd6uATWn2D55tP-5L6uXVZIbaMfL8n5Thksg==
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/36/ 		224 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/36/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=small-bizsense.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d261bc09d55ca6390f043aa5a196a8c4d49d38bb48792e007e539a9b67a86bbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 06:40:42 GMT
content-encoding
br
age
82305
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 04 Nov 2021 17:39:16 GMT
server
AmazonS3
etag
W/"e9e236ee73ca8337502cca2d209ee395"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
3EJ9c5mL_3aWQB16tSacNpFQ6nu8JSVekcSaOhtCP3TrnWFk6PUEqw==
pview
l.sharethis.com/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=small-bizsense.com&location=%2Fhow-to-stop-ransomware-before-it-starts%2F&product=ga&url=https%3A%2F%2Fsmall-bizsense.com%2Fhow-to-stop-ransomware-before-it-starts%2F%3Futm_source%3Dex%26utm_medium%3Dnative%26utm_campaign%3Dex-smallbiz_sco&source=sharethis.js&fcmp=false&fcmpv2=true&has_segmentio=false&title=How%20to%20Stop%20Ransomware%20Before%20it%20Starts%20%7CSmall%20Business%20Sense&refQuery=how-to-stop-ransomware-before-it-starts&refDomain=small-bizsense.com&cms=unknown&publisher=5ee212024aca040014688972&sop=true&version=st_sop.js&lang=en&description=In%202020%2C%20ransomware%20attacks%20grew%20by%20at%20least%207x.%C2%A0%20In%205%20years%2C%20at%20least%2075%25%20of%20IT%20organizations%20will%20face%20a%20ransomware%20attack%20at%20least%20once.%C2%A0%20The%20true%20cost%20of%20ransomware%20attacks%20is%20up%20to%20%2420%20billion.%C2%A0%20This%20dollar%20value%20isn%E2%80%99t%20just%20ransom%20payments%3A%20ransomware%20can%20halt%20business%20operations%2C%20costing%20up%20to%2023x%20more%20than%20%5B%E2%80%A6%5D
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.253.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-253-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 05:32:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
https://small-bizsense.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
vendor-list-trimmed-v1.json
quantcast.mgr.consensu.org/GVL-v2/ 		276 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=small-bizsense.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68d4fd4bf1d9819beaaae700ef4d02333152766530935feac3a8bc3c5c371263

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 03:00:36 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
9112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 24 Nov 2021 03:00:33 GMT
server
AmazonS3
etag
W/"ec11d4de4e3f923c5b228c7510cd35e2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9epRxuMeiG4LlGNkrn0n2aC4v9xP5kUmnNheoPNxRqn9b2jwJyJb6A==
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		154 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=small-bizsense.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9aaa0167f4abb8eb86f2182c46287c6bddc68d7538f0bfa9e71287db2c700a60

Request headers

Accept
application/json, text/plain, */*
Referer
https://small-bizsense.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 03:01:36 GMT
content-encoding
br
age
9052
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Wed, 24 Nov 2021 03:01:33 GMT
server
AmazonS3
etag
W/"9ab4b5bb20a76f8a622d53bc30f59776"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
via
1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
gIODuwfXaBOVubulIlW8y-eEbOJUqp_lRv0aqdpdRANuCcRY7mx-5Q==
PugMaster
image6.pubmatic.com/AdServer/ Frame 05D7 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=46186626&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
9ba925a5c05e93efa519e24c229ce0f102bbfd740693831dc3c6d2fc4366df41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
output.js
www.zergnet.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=77646&time=1637731947487&sc=1&callback=json2169913
Requested by
Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=77646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.31.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-31-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1072787d734273ffe2b1e4c12341d78b2d5f09e7f4127add5baa4e3e85c73844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		80 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22domain%22%3A%22small-bizsense.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.36%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%222mZJL1u2zWzmFbyUVNGpWg%22%2C%22clientTimestamp%22%3A1637731947527%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-havjm925shga6vmu7nr9%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/36/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-17.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://small-bizsense.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 23 Nov 2021 08:15:57 GMT
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
vary
Origin
age
76591
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
80
last-modified
Tue, 26 Nov 2019 14:21:44 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
uQX-o5oU4PXalToYNABuriQ3kFsikIrDBtxEPq1vqE-zy9Bf0odCTg==
usync.js
eus.rubiconproject.com/ Frame 83B1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4e87b0833dbc4021d64216db82295cda42836ba949bbd077c29e6317a65faddf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 24 Nov 2021 05:32:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33107
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9513
Expires
Wed, 24 Nov 2021 14:44:14 GMT
/
ads.us.e-planning.net/uspd/1/ Frame DB29 		13 B
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/html
content-length
13
x-sid
AMS-603
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB0D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=46254
expires
Wed, 24 Nov 2021 18:23:21 GMT
date
Wed, 24 Nov 2021 05:32:27 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame 32E0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Fri, 19 Nov 2021 10:19:46 GMT
x-amz-version-id
q5keeyDUatKysi4nUZKi7zOsXMplR7kM
server
AmazonS3
content-encoding
gzip
date
Wed, 24 Nov 2021 05:24:14 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
3Squioy5knYculu9A-f36ZmJFbJOtp9rE3pgFpMNCz_cS4dt_gRbUA==
age
493
cookie
cm.adform.net/ Frame A25B 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 22FF 		251 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
46dfa3320738adcf36e550b5823a068f
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 0A99 		0
0
csync
sync.console.adtarget.com.tr/ Frame 1BDF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=R1mVmoJKnP2WOl09UXXH&pi=admatic&tc=1
0
0
csync
sync.console.adtarget.com.tr/ Frame D378 		0
0
match
c1.adform.net/serving/cookie/ Frame 5B88
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=4C56C24F-D53A-4FD7-A603-8F009E0D656C
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C56C24F-D53A-4FD7-A603-8F009E0D656C
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C56C24F-D53A-4FD7-A603-8F009E0D656C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 24 Nov 2021 05:32:27 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4C56C24F-D53A-4FD7-A603-8F009E0D656C
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 8183
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3202246598177083700
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3202246598177083700
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug008:0:457
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3202246598177083700
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 7C1A 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 24 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
660705
Pug
simage2.pubmatic.com/AdServer/ Frame 0F2D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7034005151989364877
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7034005151989364877
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug014:0:417
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 24 Nov 2021 05:32:27 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7034005151989364877
Pug
simage2.pubmatic.com/AdServer/ Frame DE73
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ3OawAG8JqRhwBG&gdpr=0&gdpr_consent=&_test=YZ3OawAG8JqRhwBG
1 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ3OawAG8JqRhwBG&gdpr=0&gdpr_consent=&_test=YZ3OawAG8JqRhwBG
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
lhrpug006:0:572
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ3OawAG8JqRhwBG&gdpr=0&gdpr_consent=&_test=YZ3OawAG8JqRhwBG
accept-ranges
bytes
date
Wed, 24 Nov 2021 05:32:27 GMT
via
1.1 varnish
x-served-by
cache-fra19124-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1637731948.748073,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 3766
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBcXZFN0RPNTBBQUNra0pSZVJlZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.67.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-67-233.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Wed, 24 Nov 2021 05:32:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Wed, 24 Nov 2021 05:32:27 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Pug
simage2.pubmatic.com/AdServer/ Frame E99C
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug005:2:248
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Wed, 24 Nov 2021 05:32:27 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 1190
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=35ETAr7lsXGGIrG2OazeX3ns
42 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=35ETAr7lsXGGIrG2OazeX3ns
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug003:0:520
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 24 Nov 2021 05:32:27 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=35ETAr7lsXGGIrG2OazeX3ns
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame 5898 		15 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/plain; charset=utf-8
content-length
15
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b3041c0cd61175a-FRA
bridge
cm.adgrx.com/ Frame B039 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 24 Nov 2021 05:32:27 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame E977
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62cbef90-550e-4517-a619-5ff81044b10d-tuct89753eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62cbef90-550e-4517-a619-5ff81044b10d-tuct89753eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Wed, 24 Nov 2021 05:32:27 GMT
via
1.1 varnish
x-served-by
cache-fra19168-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1637731948.687754,VS0,VE8
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=62cbef90-550e-4517-a619-5ff81044b10d-tuct89753eb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Wed, 24 Nov 2021 05:32:27 GMT
via
1.1 varnish
x-served-by
cache-fra19178-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1637731948.645190,VS0,VE9
x-vcl-time-ms
9
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E83B
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6764168263
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6764168263
  • https://sync.1rx.io/usersync/tradedesk/ad7643a5-9d2c-459f-ae82-4e0de76618a6
  • https://sync.targeting.unrulymedia.com/csync/RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003
42 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
lhrpug012:0:342
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003
etag
RXb8bf3cd057804e568b0c0176cc970a2f003
cookiesync
core.iprom.net/ Frame E613 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Vary
Accept-Encoding
X-adserver-worker
ragnarok-5f70b7b1fc2e@version_1.355
Connection
close
X-server-arch
v2
Content-Type
image/gif
Content-Length
43
X-core-time
0ms
Date
Wed, 24 Nov 2021 05:32:27 GMT
i.match
s.tribalfusion.com/z/ Frame 1BB8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b3041c1e8b62b89-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
166
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b3041c0cf682b89-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
csync
sync.adtelligent.com/ Frame 6E91 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05D7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TFbCT9U6T9emA48Ang1lbA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TFbCT9U6T9emA48Ang1lbA%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-200.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=46254
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Wed, 24 Nov 2021 18:23:21 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b3fb619d-ce6b-4a00-b1d8-22f415f2c564
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b3fb619d-ce6b-4a00-b1d8-22f415f2c564
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 24 Nov 2021 05:32:27 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b3fb619d-ce6b-4a00-b1d8-22f415f2c564
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 24 Nov 2021 05:32:26 GMT
/
pixel.onaudience.com/ Frame 05D7
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4C56C24F-D53A-4FD7-A603-8F009E0D656C
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d58db65c8c4b3c1fde094dc82af701ac
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d58db65c8c4b3c1fde094dc82af701ac
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Server
51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS
pikafka-1.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Wed, 24 Nov 2021 05:32:27 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=d58db65c8c4b3c1fde094dc82af701ac
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEM1NkMyNEYtRDUzQS00RkQ3LUE2MDMtOEYwMDlFMEQ2NTZD&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEM1NkMyNEYtRDUzQS00RkQ3LUE2MDMtOEYwMDlFMEQ2NTZD&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:438
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEDYrpG7XyWeBJTkPazwrW8&google_cver=1
42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEDYrpG7XyWeBJTkPazwrW8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:464
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEDYrpG7XyWeBJTkPazwrW8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 05D7 		43 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 23 Nov 2021 05:32:27 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
42 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:385
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 24 Nov 2021 05:32:27 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 24 Nov 2021 05:32:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4652320884610693454
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4652320884610693454
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug021:0:447
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4652320884610693454
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad7643a5-9d2c-459f-ae82-4e0de76618a6
42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad7643a5-9d2c-459f-ae82-4e0de76618a6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:453
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ad7643a5-9d2c-459f-ae82-4e0de76618a6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=891942591941144511&gdpr=0&gdpr_consent=
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=891942591941144511&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:640
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 24 Nov 2021 05:32:27 GMT
X-Proxy-Origin
136.243.198.84; 136.243.198.84; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5fd3a52b-b891-4a4c-b3e8-1a913d8833af
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=891942591941144511&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PWqYLGg-lyomOpl8Mm2Mfjk5wnsmPZB4OT9NOqel
42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PWqYLGg-lyomOpl8Mm2Mfjk5wnsmPZB4OT9NOqel
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:375
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PWqYLGg-lyomOpl8Mm2Mfjk5wnsmPZB4OT9NOqel
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
4C56C24F-D53A-4FD7-A603-8F009E0D656C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 05D7 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4C56C24F-D53A-4FD7-A603-8F009E0D656C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C56C24F-D53A-4FD7-A603-8F009E0D656C&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4C56C24F-D53A-4FD7-A603-8F009E0D656C&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9EfoQk9E2uXK.jDLnUMz_KnJw5tQxAg-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9EfoQk9E2uXK.jDLnUMz_KnJw5tQxAg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9EfoQk9E2uXK.jDLnUMz_KnJw5tQxAg-~A&gdpr=0&gdpr_consent=
date
Wed, 24 Nov 2021 05:32:27 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=81c7ea7b-96ff-4951-a044-944b7d64c5fd
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=81c7ea7b-96ff-4951-a044-944b7d64c5fd
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=d21031d7-8894-44e4-8b93-bf6c485e91d9&ssp=pubmatic&expires=30&user_group=5&bsw_param=81c7ea7b-96ff-4951-a044-944b7d64c5fd
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=81c7ea7b-96ff-4951-a044-944b7d64c5fd&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=81c7ea7b-96ff-4951-a044-944b7d64c5fd&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:429
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=81c7ea7b-96ff-4951-a044-944b7d64c5fd&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 24 Nov 2021 05:32:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 05D7 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4C56C24F-D53A-4FD7-A603-8F009E0D656C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7831813436502869437&gdpr=0&gdpr_consent=&us_privacy=
1 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7831813436502869437&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:806
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7831813436502869437&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:519
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:83129815-9b49-485c-aeed-7e54e0f25dd6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:83129815-9b49-485c-aeed-7e54e0f25dd6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:458
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:83129815-9b49-485c-aeed-7e54e0f25dd6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 24 Nov 2021 05:32:27 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 05D7
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=891942591941144511
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=891942591941144511
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:459
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 24 Nov 2021 05:32:27 GMT
X-Proxy-Origin
136.243.198.84; 136.243.198.84; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ed84dc0e-e45f-454d-89f4-a7d946220996
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=891942591941144511
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 05D7 		35 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
6805595_300.jpg
img4.zergnet.com/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6805595_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45306ed73e5dddb183e47246a638fd0903c9b401b9761e9e145980053db45e48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 00:44:35 GMT
Via
1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
Age
4337273
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
20428
Last-Modified
Sun, 26 Sep 2021 19:17:47 GMT
Server
AmazonS3
ETag
"c0fb60d09dfbfffe3fc887424fb206c4"
x-amz-version-id
wQbg_AnzbyvQraQnLS3xqGN_ZuEt1dUq
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
ntpaqBRGPGG_-OAVwuBNT0s3Z0xdVnuAEPGA4tzVeSWCPOWXpyrBCg==
Expires
Mon, 26 Sep 2022 19:17:46 GMT
6832921_300.jpg
img2.zergnet.com/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/6832921_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5d82df148ac62df9fb77e326fc3681bad0392444ddbb3759c830aefef8f56236

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sun, 10 Oct 2021 21:04:55 GMT
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Age
3832053
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
19505
Last-Modified
Sun, 10 Oct 2021 20:54:13 GMT
Server
AmazonS3
ETag
"477d39ff6c2d297993b847f80f6a921c"
x-amz-version-id
npTDbaUaA38fiaVF0WX1sIgfkVj1NuqU
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
U8DOLkH69TKei7mpUf5G8Od5TST5BEo_IqAdmJL1GQy2i-9xU3NZKg==
Expires
Mon, 10 Oct 2022 20:54:12 GMT
6782150_300.jpg
img5.zergnet.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/6782150_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-110.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e79409c4f15d864fd28bf3b96d938b2bb363807b26370899a66936c21246517f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 20:10:20 GMT
Via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
Age
3057727
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
18191
Last-Modified
Tue, 14 Sep 2021 20:40:06 GMT
Server
AmazonS3
ETag
"f18bd615fe3fbd95d76e68ddd151e27b"
x-amz-version-id
X35YWi_YGadccelcztymSbJYmBXBf_lC
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
-kA68fK4OISBwCMp9NBXAguTMOgokWIogx6I_kKit57lZN6yLr8Lzg==
Expires
Wed, 14 Sep 2022 20:40:05 GMT
6853302_300.jpg
img5.zergnet.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/6853302_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-110.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ceb9b75639c29e8336aab790d76387ad6deb5177d37ffb8beb2ab14873f5ab1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 20 Oct 2021 21:33:30 GMT
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Age
2966338
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
16532
Last-Modified
Wed, 20 Oct 2021 21:16:35 GMT
Server
AmazonS3
ETag
"6447c5714f7894d5401835b41ab51b95"
x-amz-version-id
Uyf6nzdYIrpFQTkTvcGrXYj3R.e6cZkB
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
4SlTdpShF5-teeBhb-gfbhh1DVfirxJcQAEi9pd-lCbR8unLZ72t0A==
Expires
Thu, 20 Oct 2022 21:16:34 GMT
6880687_300.jpg
img4.zergnet.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6880687_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00b558b6ce26c1b30179727bc4ffbc03542b229918390786b81a51d999b99c87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 04 Nov 2021 20:17:53 GMT
Via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
Age
1674875
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
12179
Last-Modified
Thu, 04 Nov 2021 20:09:33 GMT
Server
AmazonS3
ETag
"ea2d294eec80d5de40ecc6c3e09a51a1"
x-amz-version-id
qY4pdJCGJC9Vc15wXboM9tm2NLlYwd8D
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
vq3qIUgWLZXJYlgXnl-gaA0dtqKSg4Z-PFqh6AfArjtrsJNfaWVAWA==
Expires
Fri, 04 Nov 2022 20:09:32 GMT
6832923_300.jpg
img4.zergnet.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6832923_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
859637b5fc8be2ec29aee5dc5f59ac7543efdaa0104322ad869d2721841304a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 11 Oct 2021 05:40:20 GMT
Via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
Age
3801128
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
16698
Last-Modified
Sun, 10 Oct 2021 20:54:34 GMT
Server
AmazonS3
ETag
"7029c7985e6ddf680dfb27d4fe123aa7"
x-amz-version-id
NYxiKTah6fKAQF5PKlNXQgGyTlg8pg_O
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
BqZdne6S5_suLbsb07jbv7gHvamd1ZBwIVjnU4xgGiUfQyggO_e9Vg==
Expires
Mon, 10 Oct 2022 20:54:33 GMT
bundle.js
cdn.admatic.com.tr/user/ Frame 22FF 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
7bf6a1f6fca67b1bb09284ec0cf368c7
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
uu
ih.adscale.de/ Frame 32E0
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1637731947
  • https://ih.adscale.de/uu?cbfn=receive&t=1637731947&nut&uu=07559eb5fa78481cb1a3d11eb4f23b4e
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1637731947&nut&uu=07559eb5fa78481cb1a3d11eb4f23b4e
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
50870eb30fd79758baf5c84d18abb4c62004c79a58a38f3e04b18ee6e27bbb4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1637731947&nut&uu=07559eb5fa78481cb1a3d11eb4f23b4e
date
Wed, 24 Nov 2021 05:32:27 GMT
content-length
0
output.js
www.zergnet.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=77647&time=1637731947688&sc=1&crc=%5B2197787203%2C1889826825%2C526554821%2C717129606%2C2157878523%2C367264966%5D&callback=json4577990
Requested by
Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=77647
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.31.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-31-75.compute-1.amazonaws.com
Software
nginx /
Resource Hash
767f1bf9f0e99664a1f98378a8403d0f0b62f840f5839cebf1f061c925bec36d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
userconnect.js
js.adscale.de/ Frame 32E0 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
xZwrT1iTYTCLwUTLxeZRovTJyPyTXFS4
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 10:19:46 GMT
server
AmazonS3
age
7035
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 24 Nov 2021 03:35:12 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
scpcFXkh3KPyoLxdmZ7y-ZzyXGy-trxpQUkgX3k_HLlZp_8OW1lK9A==
csync
sync.console.adtarget.com.tr/ Frame 32E0 		0
0
user
ads3.admatic.com.tr/ Frame 22FF 		52 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
7d20a1437c237c6c0d0daa8ce40e8730a5f2dae0a6e4e6cbea5f50ed2fa2e614

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
56
userconnect
ih.adscale.de/ Frame 32E0 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1637731947764&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame E55C 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1f8f4e56d338788728f342e5f8ee14b833a8eee1c073fe312ad3b1fb9c4a9140

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2442
match.js
js.adscale.de/ Frame E55C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
31FnQXNVzZYQsn4Gl1Xpj1e8Vk5DkZzW
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 10:19:46 GMT
server
AmazonS3
age
4359
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 24 Nov 2021 04:19:48 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
z9ZCQM_EMiIPszDyXO4yqxupJeoyqW1vOo7XaPpP33YULwVKB34wOg==
6865385_300.jpg
img2.zergnet.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/6865385_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a887135e167eb95f0e9067c06447e596197986488a122922fca4fa791a92e547

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 21:39:42 GMT
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Age
2361166
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
16450
Last-Modified
Wed, 27 Oct 2021 21:25:52 GMT
Server
AmazonS3
ETag
"fb9708f77ed166b767437acaf64cf539"
x-amz-version-id
ZAow9.njsHnnS4nkj4JKqyyYfECYv8I5
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
S3A5QrUkRyUhrmQPMyMInWu2Sp8BYABJ8OT-fVlYWK93BtpIIcjHwQ==
Expires
Thu, 27 Oct 2022 21:25:51 GMT
6782104_300.jpg
img1.zergnet.com/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/6782104_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d263ff9402e3c8d95add66f35309d65e50a4e8705507931fff2d61c20e1c672f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 16 Oct 2021 04:39:54 GMT
Via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
Age
3372754
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
24290
Last-Modified
Tue, 14 Sep 2021 20:36:19 GMT
Server
AmazonS3
ETag
"4706c0cba2ed51b4dce23f4964f69c67"
x-amz-version-id
QZS_uRXxZW8wHb8p.WDcY8yz.ZmWjBnE
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
TpGIclVWyInSHWL_mKWf0y38v003-uFxmJ60tK5RfHSCA6V1cSGBsw==
Expires
Wed, 14 Sep 2022 20:36:18 GMT
6863358_300.jpg
img5.zergnet.com/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/6863358_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-110.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef812cb2ec462b782cf14e58cefd7e29c1f439a6bc5c588d351eced70306d683

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 27 Oct 2021 13:37:04 GMT
Via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Age
2390124
X-Cache
Hit from cloudfront
x-amz-replication-status
PENDING
Connection
keep-alive
Content-Length
20493
Last-Modified
Wed, 27 Oct 2021 13:31:20 GMT
Server
AmazonS3
ETag
"b75ed7e45e170da5624a361d469f4939"
x-amz-version-id
lxhehVW.kr59i4YQjWOSSrS5Otd4E12L
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
EfPnrNLK_ibNLmpQW2p9nXzvOc5_2Skletwu2p1-gmMA4h-n9Jhe6w==
Expires
Thu, 27 Oct 2022 13:31:19 GMT
6783405_300.jpg
img2.zergnet.com/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/6783405_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
340eb0ca26d10e3a882784e73428bba224b22b1de2562757fc7e7e359b6e7e20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 01:25:24 GMT
Via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Age
3125224
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
33506
Last-Modified
Wed, 15 Sep 2021 15:19:04 GMT
Server
AmazonS3
ETag
"f1564f2848b94e6dc96fa8474cc72cc0"
x-amz-version-id
YTcfuY64IP7oR2oaavDCMGfP49QpF4Td
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
JB_wVHcnvthjLXDM6VaoqWUPczzwc4Si9CzuYi4WETScJDZkb1KFxA==
Expires
Thu, 15 Sep 2022 15:19:03 GMT
6801699_300.jpg
img4.zergnet.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6801699_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4764813a240c4aeb97a25d3e58a342920545e86d9ad31987063599fb4422463f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 23 Sep 2021 13:57:03 GMT
Via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
Age
5326525
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
16396
Last-Modified
Thu, 23 Sep 2021 13:54:17 GMT
Server
AmazonS3
ETag
"4740385f32c52ee72e78bacbacd94b24"
x-amz-version-id
JaURxUlVOzIQMYlX._UWylAb5r8Bh53h
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
E8Z3sbKJv7tsXhGMa4O-6xMmCxftYdzZsAGS9p54hu5m_DsY0QdXqw==
Expires
Fri, 23 Sep 2022 13:54:16 GMT
5257392_300.jpg
img1.zergnet.com/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img1.zergnet.com/5257392_300.jpg
Requested by
Host: small-bizsense.com
URL: https://small-bizsense.com/how-to-stop-ransomware-before-it-starts/?utm_source=ex&utm_medium=native&utm_campaign=ex-smallbiz_sco
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-103.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
351090f2611b5cc9f8958561fd1fda686e15da93323da4dda320ca9a8a19e925

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://small-bizsense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 16:52:14 GMT
Via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Age
5920814
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
18689
Last-Modified
Thu, 28 May 2020 16:35:51 GMT
Server
AmazonS3
ETag
"58e603066fc8d408644eb31baed37047"
x-amz-version-id
null
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Amz-Cf-Id
zZJBAPUFqU-tnJ0De7LvQAE-R93UlY0Q37vm4qPBTo7oeHgMxuVVqg==
Expires
Fri, 28 May 2021 16:35:50 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E55C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=69bdf0f9e0db088ff4a9ade...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
49 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 24 Nov 2021 05:32:27 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 24 Nov 2021 05:32:26 GMT
img
ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/ Frame E55C
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e40f26d541f9%2F1637731947792%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/img?tpid=75&tpuid=891942591941144511&gdpr=0
49 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/img?tpid=75&tpuid=891942591941144511&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 24 Nov 2021 05:32:27 GMT
X-Proxy-Origin
136.243.198.84; 136.243.198.84; 831.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b68f0af0-b669-40f7-a037-975fd5f2642d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/img?tpid=75&tpuid=891942591941144511&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
new
ads3.admatic.com.tr/user/ Frame 22FF 		146 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
04652b495f69107ab9e3a318ac70c096c42a99ce990bbc05552eae3f48006453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Nov 2021 05:32:27 GMT
content-encoding
br
etag
BdCvBiJ7MkNS_QNgYgew5zD_nXC9zT7N1DS8UlmrvLFhiWpNWCoc-YewET_Uveiww2cgOrY4J4iG5qIkR_PL8w
last-modified
Wed, 24 Nov 2021 06:32:28 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
150
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E55C
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=65beb8e3d140a3f81240a84d6...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YZ3OaxLRxFNrbQsqIgDOvgAA%261112
49 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YZ3OaxLRxFNrbQsqIgDOvgAA%261112
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:27 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 24 Nov 2021 05:32:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YZ3OaxLRxFNrbQsqIgDOvgAA%261112
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Wed, 24 Nov 2021 05:32:27 GMT
csync
sync.console.adtarget.com.tr/ Frame 22FF 		0
0
img
ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/ Frame E55C
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=25709655ccb28ae18ea697307d534c0880191572e2917f73f2f947f8de3cc7bb&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f39ab98e4...
  • https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/img?tpid=42&gdpr=0&tpuid=4652320884610693454
49 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/img?tpid=42&gdpr=0&tpuid=4652320884610693454
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:28 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
server
nginx
location
https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/img?tpid=42&gdpr=0&tpuid=4652320884610693454
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E55C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=37f43086-fe6a-421f-8a77-1cab6341c7ea&gdpr=0
49 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=37f43086-fe6a-421f-8a77-1cab6341c7ea&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:28 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 24 Nov 2021 05:32:27 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=37f43086-fe6a-421f-8a77-1cab6341c7ea&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1718123
content-length
0
expires
Wed, 24 Nov 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E55C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=40337287518c6cd818840445...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
49 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:28 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 24 Nov 2021 05:32:28 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 24 Nov 2021 05:32:27 GMT
js
ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/ Frame E55C
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=1b32f9676dbc54d15fead24daf58ace11dd178bf51a219649fb6e8ff9ece141b&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=1b32f9676dbc54d15fead24daf58ace11dd178bf51a219649fb6e8ff9ece141b&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F556542ecac464f...
  • https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/js?tpid=48&tpuid=04c2c12b2eec2a1c71b77504f9bbf84b
44 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/js?tpid=48&tpuid=04c2c12b2eec2a1c71b77504f9bbf84b
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f839fe4e8277eae9092887e030cd886c4971cfc45759f1cd0e92dd13658db49a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:28 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Wed, 24 Nov 2021 05:32:28 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/556542ecac464f39ab98e40f26d541f9/1637731947792/0/js?tpid=48&tpuid=04c2c12b2eec2a1c71b77504f9bbf84b
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
khaos.jpg
token.rubiconproject.com/ Frame 83B1 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
sium
ih.adscale.de/ Frame E55C 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.138.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-138-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 24 Nov 2021 05:32:28 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
user
ads3.admatic.com.tr/ Frame 22FF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=a...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:28 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 24 Nov 2021 05:32:28 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
SPug
simage4.pubmatic.com/AdServer/ Frame 05D7 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user
ads3.admatic.com.tr/ Frame 22FF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmatic%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=2d0cffe6-4338-5348-a053-c7dec1ce09ac&ssp=admatic&expires=30&user_group=1
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
35 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:34 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 24 Nov 2021 05:32:33 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
user
ads3.admatic.com.tr/ Frame 22FF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=ad7643a5-9d2c-459f-ae82-4e0de76618a6&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 05:32:38 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 24 Nov 2021 05:32:38 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=81c7ea7b-96ff-4951-a044-944b7d64c5fd&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cds.connatix.com
URL
https://cds.connatix.com/p/139883/connatix.player.dc.js
Domain
cds.connatix.com
URL
https://cds.connatix.com/p/139883/connatix.playspace.dc.js
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4d398b08-a03e-41c0-94c5-7ff3c8424587
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=a8c6f845-06be-440a-8a40-b48135ee8cc1
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=99c0cb0e-6430-4e76-9031-dbd53a256412
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=a4ed6865cc39b49d9d28f691
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=891942591941144511
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D312412%26extuid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YZ3OaxLRxFNrbQsqIgDOvgAA%261112
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=R1mVmoJKnP2WOl09UXXH&pi=admatic&tc=1
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=4C56C24F-D53A-4FD7-A603-8F009E0D656C
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=07559eb5fa78481cb1a3d11eb4f23b4e
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=EcC3eZCbeCLD92vKZp8YqpUFS4CFDbIKbNxjJv4WeDyC0_E7Yz-bFmf_9Q9qXXw0aQji725zVfvoprFcRFTBIw

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| adDomainCheck function| waldoIsInArray function| waldoInitScripts function| waldoSetTagsOnPage function| isElementInViewport function| isElementInViewport2 function| waldoInitScroll function| waldoSlotRenderEnded function| waldoInitGPT function| waldoInitGPTSingleSlot function| waldoAddSelectMediaCookie function| fetchHeaderBids function| waldoTriggerHB function| waldoAddCloseBtn function| waldoPassbackCheck function| waldoAdxClickFraud function| waldoAdxClickFraudRefresh function| waldoClickFraudNetworkWide function| waldoDelayAdClicks function| waldoInitTags function| hbRefreshBid function| waldoApplyBidGeoRestrictions function| hbRandomMinMaxRefreshMulti function| hbRandomMinMaxRefresh function| hbRandomMinMaxRefreshOnView function| getRandomNumber function| waldoGeoBidsCheck function| waldoGetUserData function| waldoLoadSlot function| waldoCreateCookie function| waldoReadCookie function| waldoEmailDetected function| waldoRecordImpression function| waldoAddCCPAWidget function| waldoSetPbjsUSPString number| refEn string| updateDate number| tagsInitDone object| gptAdSlots string| adDomain object| waldoBreakpoints number| domainValid number| PREBID_TIMEOUT number| interstitialDone object| waldoTimeOuts object| waldoAdRefreshes object| waldoAdXRefreshes object| allAdUnits object| blockAdsOn number| adTagsInitFlag number| siteId number| bidDivAvailable object| waldoTagsStatus object| googletag object| pbjs number| switchUserSync number| waldoImpressionDone string| blockedPageAds number| waldoGDPR object| waldoCountry object| waldoContinent object| waldoDataPointsDone number| closeBtnAdded object| unlimitedRefGeos object| waldoBlockRequestGeos object| waldoNoRefreshGeos object| waldoRefreshOnScollGeos object| waldoGPTSlots object| waldoTagsOnPage object| waldoSlotIds object| waldoDefinedSlots object| waldoAdUnitsAddedToPbjs object| waldoAdRefreshesOnView number| waldoCCPAWidgetAdded undefined| oriRenderAd undefined| waldoVideoSlot number| cmpVersion number| cmpFailureTimeout string| webInterstitialAdId object| waldoScrollSticky number| adTagsInitFinished number| adxOrderId number| enVariableHeightFix number| delayAdClicks number| allowAdClicks object| delayAdClickTimers number| delayAdClickSecs boolean| loadedOnAction boolean| loadOnAction boolean| waldoScrollRefreshEnabled boolean| waldoBlockRequests boolean| waldoNoRefresh number| waldoDisableGeoRestrictions object| countriesToExclude number| browserWidth object| adUnits object| passbackAdUnits undefined| affiliateBanners number| waldoCheckIndividualImps string| waldoOriPathName object| waldo function| __tcfapi function| __uspapi function| pbjsChunk object| _pbjsGlobals object| _wpemojiSettings function| google_sa_impl object| googleToken object| googleIMState object| confiant undefined| $ function| jQuery object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ string| ajaxurl string| GoogleAnalyticsObject function| ga number| google_lpabyc object| driftStreams object| head object| coscript function| removeURLParameter function| cohandler object| ThriveApp number| _isAdmin number| _is_blankPage number| _lastScrollTop object| _theMenu object| _nextElement undefined| _floatingOption boolean| _hasFloatingMenu string| _defaultPadding number| _menuHeight undefined| _textLogoHeight number| _hasCenterLogo object| _custom_header string| _custom_header_class boolean| _is_custom_header undefined| _center_header_height object| _overlayElement object| tve_dash_front object| TVE_Dash object| jetpackLazyImagesL10n object| wp boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| tcb_post_lists number| index function| Cookies object| regex object| results number| postTitleTop boolean| condition object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _qevents object| regeneratorRuntime function| __tcfapiui function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| twemoji object| ZERG object| json2169913 object| json4577990

85 Cookies

Domain/Path Name / Value
small-bizsense.com/how-to-stop-ransomware-before-it-starts Name: quads_browser_width
Value: 1600
.small-bizsense.com/ Name: _ga
Value: GA1.2.848806784.1637731947
.small-bizsense.com/ Name: _gid
Value: GA1.2.278841826.1637731947
.small-bizsense.com/ Name: _gat
Value: 1
.openx.net/ Name: i
Value: 73b27b98-7428-4268-a16b-d328df599562|1637731947
.adnxs.com/ Name: uuid2
Value: 891942591941144511
.casalemedia.com/ Name: CMID
Value: YZ3OaxLRxFNrbQsqIgDOvgAA
.casalemedia.com/ Name: CMPS
Value: 5236
.lijit.com/ Name: ljt_reader
Value: a4ed6865cc39b49d9d28f691
.casalemedia.com/ Name: CMPRO
Value: 1112
.casalemedia.com/ Name: CMST
Value: YZ3Oa2GdzmsA
.360yield.com/ Name: tuuid
Value: a8c6f845-06be-440a-8a40-b48135ee8cc1
.360yield.com/ Name: tuuid_lu
Value: 1637731947
small-bizsense.com/ Name: waldo_country
Value: DE
small-bizsense.com/ Name: waldo_continent
Value: EU
small-bizsense.com/ Name: waldo_region
Value: null
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4C56C24F-D53A-4FD7-A603-8F009E0D656C
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156813:2
.pubmatic.com/ Name: DPSync3
Value: 1638921600%3A201_197_219%7C1637798400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1638316800%3A223_2_15%7C1640304000%3A203%7C1638576000%3A63%7C1639008000%3A35%7C1638921600%3A56_220_7_54_3_204_176_71_99_166_234_88_13_161_22_189_21_222_238_8_55_81_230_165
.creativecdn.com/ Name: u
Value: R1mVmoJKnP2WOl09UXXH
.creativecdn.com/ Name: ts
Value: 1637731947
.adfarm1.adition.com/ Name: UserID1
Value: 7034005151989364877
.taboola.com/ Name: t_gid
Value: 62cbef90-550e-4517-a619-5ff81044b10d-tuct89753eb
.erne.co/ Name: u
Value: 35ETAr7lsXGGIrG2OazeX3ns
.mathtag.com/ Name: uuid
Value: 484f619d-ce6b-4200-8b23-b6ae6ae7d5e2
.onaudience.com/ Name: cookie
Value: fb7a26b556a0fd80
.onaudience.com/ Name: done_redirects161
Value: 1
.simpli.fi/ Name: suid
Value: BFD77E55A1A04087884140D25DDC7A42
.adform.net/ Name: C
Value: 1
.adscale.de/ Name: uu
Value: 07559eb5fa78481cb1a3d11eb4f23b4e
.doubleclick.net/ Name: IDE
Value: AHWqTUmQwzUFG0nzlZWzzFG8WGKvT0tOm2Jv7Sm36azUNXaLBcoxMOzPXCZC2KnSRT4
.quantserve.com/ Name: d
Value: EIIBCwHmJPijAA
.quantserve.com/ Name: mc
Value: 619dce6b-a8496-62bc3-f102d
.adform.net/ Name: uid
Value: 4652320884610693454
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&KRTB&16736-uid:484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&KRTB&23019-uid:484f619d-ce6b-4200-8b23-b6ae6ae7d5e2&KRTB&23114-uid:484f619d-ce6b-4200-8b23-b6ae6ae7d5e2
.pubmatic.com/ Name: PugT
Value: 1637731947
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7034005151989364877
.de17a.com/ Name: guid2
Value: 1.3202246598177083700
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEDYrpG7XyWeBJTkPazwrW8&KRTB&16514-CAESEEDYrpG7XyWeBJTkPazwrW8&KRTB&23025-CAESEEDYrpG7XyWeBJTkPazwrW8
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-35ETAr7lsXGGIrG2OazeX3ns
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-891942591941144511
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-PWqYLGg-lyomOpl8Mm2Mfjk5wnsmPZB4OT9NOqel&KRTB&19420-PWqYLGg-lyomOpl8Mm2Mfjk5wnsmPZB4OT9NOqel&KRTB&22979-PWqYLGg-lyomOpl8Mm2Mfjk5wnsmPZB4OT9NOqel
.adsrvr.org/ Name: TDID
Value: ad7643a5-9d2c-459f-ae82-4e0de76618a6
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4652320884610693454&KRTB&23263-4652320884610693454
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YZ3OawAG8JqRhwBG
.bidswitch.net/ Name: tuuid
Value: 81c7ea7b-96ff-4951-a044-944b7d64c5fd
.bidswitch.net/ Name: c
Value: 1637731947
.bidswitch.net/ Name: tuuid_lu
Value: 1637731947
ads.playground.xyz/ Name: connect.sid
Value: s%3ATzvhVTt6gDY-fVKvqXDVQcb11IEIPghX.diB5fygLawEJjdHEEP7rhliSNsgzA6TKW5WU9ibT214
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3202246598177083700
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YZ3OawAG8JqRhwBG&KRTB&22978-YZ3OawAG8JqRhwBG&KRTB&23194-YZ3OawAG8JqRhwBG&KRTB&23209-YZ3OawAG8JqRhwBG
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~21ph
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiqva7dusWXOhAFGAUgASgCMgsI9s_sidHFlzoQBTgB
.bidr.io/ Name: bito
Value: AAAqvE7DO50AACkkJReReg
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsby.bidtheatre.com/ Name: __kuid
Value: 83129815-9b49-485c-aeed-7e54e0f25dd6.406945947
.zergnet.com/ Name: seen_crc
Value: %5B2197787203%2C1889826825%2C526554821%2C717129606%2C2157878523%2C367264966%2C641425360%2C2885398356%2C779121472%2C3659627937%2C4086524073%2C3471956442%5D
.exelator.com/ Name: EE
Value: "d58db65c8c4b3c1fde094dc82af701ac"
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-ad7643a5-9d2c-459f-ae82-4e0de76618a6&KRTB&22918-ad7643a5-9d2c-459f-ae82-4e0de76618a6&KRTB&23031-ad7643a5-9d2c-459f-ae82-4e0de76618a6
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBGvOnWECELkHNZzG23c-9brJoe4rLvYFEgEBAQEfn2GnYQAAAAAA_SMAAA&S=AQAAAst1voIbXIqZbNlac6u7-7s
.turn.com/ Name: uid
Value: 7831813436502869437
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-b8bf3cd0-5780-4e56-8b0c-0176cc970a2f-003
.creative-serving.com/ Name: tuuid
Value: d21031d7-8894-44e4-8b93-bf6c485e91d9
.creative-serving.com/ Name: c
Value: 1637731947
.creative-serving.com/ Name: tuuid_lu
Value: 1637731947
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHF1CIlycw02SLZJMk42TAtJdXA0iQl2cIoMc3cwDAxeXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F71thDgC%252BFyrF"
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7831813436502869437
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 5cd954eb54859a62355d68180fae9f1a594237dad0b93ebb7a83a9787ee34388
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-81c7ea7b-96ff-4951-a044-944b7d64c5fd
.tribalfusion.com/ Name: ANON_ID
Value: apnseFRkP6j6eCno77EjEJQEnegusveZbhvSUurSQf3pN7Zd4vsJ3TPfOLmqhmgdELjs3CYI1poy41vgpnWMtU
.criteo.com/ Name: uid
Value: 37f43086-fe6a-421f-8a77-1cab6341c7ea
.adscale.de/ Name: cct
Value: 1637731948070
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1637731948492
.m6r.eu/ Name: id
Value: 04c2c12b2eec2a1c71b77504f9bbf84b
.ih.adscale.de/ Name: tu
Value: 4#4172206207#48~04c2c12b2eec2a1c71b77504f9bbf84b~454925~0~0#101~~454925~454925~1#39~484f619d-ce6b-4200-8b23-b6ae6ae7d5e2~454925~0~0#40~37f43086-fe6a-421f-8a77-1cab6341c7ea~454925~0~0#42~4652320884610693454~454925~0~0#75~891942591941144511~454925~0~0#108~484f619d-ce6b-4200-8b23-b6ae6ae7d5e2~454925~0~0#63~YZ3OaxLRxFNrbQsqIgDOvgAA&1112~454925~0~0
.rqtrk.eu/ Name: browser_id
Value: 1:91fb52d5-ca02-4a4d-9bfc-8f7dc16b5af3
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: 530d488b2ed39b7373cf6ed3ec622e07417407ae0299c9a1e73cd7e7404b5ffd
.pubmatic.com/ Name: SPugT
Value: 1637731948

1 Console Messages

Source Level URL
Text
network error URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
audit-tcfv2.quantcast.mgr.consensu.org
buttons-config.sharethis.com
c1.adform.net
cdn.admatic.com.tr
cdn.thisiswaldo.com
cds.connatix.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
confiant-integrations.global.ssl.fastly.net
core.iprom.net
csync.loopme.me
d5p.de17a.com
data.driftstreams.com
dis.criteo.com
dsp.adfarm1.adition.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
googleads.g.doubleclick.net
green.erne.co
ib.adnxs.com
ic.tynt.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img1.zergnet.com
img2.zergnet.com
img4.zergnet.com
img5.zergnet.com
ipfind.co
js.adscale.de
l.sharethis.com
loada.exelator.com
lockerdome.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
platform-api.sharethis.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
quantcast.mgr.consensu.org
rtb.gumgum.com
rules.quantcount.com
s.adtelligent.com
s.console.adtarget.com.tr
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
small-bizsense.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.mathtag.com
sync.targeting.unrulymedia.com
test.quantcast.mgr.consensu.org
thisiswaldo.com
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
ws.rqtrk.eu
www.cybersecuritydegrees.com
www.driftstreams.com
www.google-analytics.com
www.google.com
www.google.de
www.zergnet.com
x.bidswitch.net
cds.connatix.com
sync.adtelligent.com
sync.console.adtarget.com.tr
104.109.78.125
104.154.142.214
104.196.183.243
142.250.185.98
142.250.186.98
143.204.98.103
143.204.98.110
143.204.98.17
143.204.98.98
151.101.1.44
151.101.129.194
151.101.66.49
159.122.14.34
159.65.197.210
162.55.6.213
167.71.82.6
173.231.180.197
178.250.0.163
18.185.243.227
185.29.134.244
185.33.220.243
185.64.190.78
185.64.190.80
185.64.190.81
188.132.147.235
195.5.165.20
198.47.127.20
2.19.35.65
2001:4de0:ac18::1:a:3a
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.44
23.218.208.200
23.218.208.246
2600:9000:2156:2400:c:abe:f440:93a1
2600:9000:2156:4c00:6:44e3:f8c0:93a1
2600:9000:2156:5000:9:46dc:4700:93a1
2600:9000:2156:5e00:3:a4cd:8380:93a1
2600:9000:2156:6400:f:4f64:8940:93a1
2600:9000:2156:9200:f:458e:2a80:93a1
2606:4700:20::681a:3d4
2606:4700:3039::6815:c04e
2606:4700::6812:d05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9c
2a02:fa8:8806:16::1400
2a04:4e42::300
2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.126.38.41
3.126.56.137
3.127.253.208
3.33.220.150
34.102.253.54
34.254.143.3
35.157.138.20
37.157.3.29
37.157.4.23
37.252.172.68
5.178.65.245
50.19.31.75
51.210.112.236
52.15.219.226
52.215.67.233
54.151.61.62
54.36.172.109
54.77.19.59
66.155.71.150
67.202.105.34
69.173.144.165
72.251.244.141
85.114.159.118
87.98.242.60
89.187.169.47
96.46.183.20
00b558b6ce26c1b30179727bc4ffbc03542b229918390786b81a51d999b99c87
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04652b495f69107ab9e3a318ac70c096c42a99ce990bbc05552eae3f48006453
081b0583f49f3f027923532340ff2068f1116b851de585140f4d90d135403c13
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
0f249ae8ef5b514cb11c7e322891ff8829f7d53c23bd3ca2ce0967ffabc96c5d
1072787d734273ffe2b1e4c12341d78b2d5f09e7f4127add5baa4e3e85c73844
157a7c8593471af7ea9737162eacfb89461cd695b626144e44b168d9421b1f67
15e4717b95a9c2f5b83e7992e275c644e028c396d1c7ac85c649b094289b990b
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196b0d1013a5fb1985890e13453ab76df8bdcee3d57893e84afa3f3e58eacf52
1f8f4e56d338788728f342e5f8ee14b833a8eee1c073fe312ad3b1fb9c4a9140
216ce0a58582fbd4c2239d00f01df17424fd1f25bb03a303cb358af34d81d870
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
282891b3961bb82bfa9850b4b003d09b309c4ac8250ee56592172c165047373a
2a78b6c5bac1759be4da8740508e6a94ff9567c7f45d213b7303b2d569929f52
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
340eb0ca26d10e3a882784e73428bba224b22b1de2562757fc7e7e359b6e7e20
351090f2611b5cc9f8958561fd1fda686e15da93323da4dda320ca9a8a19e925
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
38c9c68a34a32219fa3309afadc3f20d7773b5c80f15e36d2eaf39245462c2b5
3b850fd9301b5a95c9c7ead67c57622e1a06680f69bf8d2f5ce57983011da3b1
3ee110c8a8203d22fe90433dc9455c76244da225b8b2c54639d64e5584427e9a
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444ee2a405e57ede9ef10e17bb58c0351c39e9d21203f242b55a77fd07d30784
45306ed73e5dddb183e47246a638fd0903c9b401b9761e9e145980053db45e48
459c5ba85d3b245f0a2a6463685899abf174667da17a5f8bb533c0df91617818
4764813a240c4aeb97a25d3e58a342920545e86d9ad31987063599fb4422463f
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6a687cab1b74ca5114bc7abdc747d7d8b67115ebe69e0ae037a5888f418740
4e87b0833dbc4021d64216db82295cda42836ba949bbd077c29e6317a65faddf
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
50870eb30fd79758baf5c84d18abb4c62004c79a58a38f3e04b18ee6e27bbb4f
55b0a4a2ab61a84eef7acffed553b8bd6daca362fbce16f8b9a9cb3cb72b8789
55e10dba5d34a90e1f3e0a8977d3d8ff3df47c3c75366285a14b6fa758960117
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5b173e378e4fbe542373d488a70433a5ffac3a0f317948ebee11e6d68a0b6846
5ba5f180331bf4ab4fee076fa8e9d37290619aac5200f9682578d047348e9dcb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d82df148ac62df9fb77e326fc3681bad0392444ddbb3759c830aefef8f56236
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
65680b0ba94f530142b957c452363b805adb8a5546f21d0672d5642de0ae4721
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
68d4fd4bf1d9819beaaae700ef4d02333152766530935feac3a8bc3c5c371263
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
767f1bf9f0e99664a1f98378a8403d0f0b62f840f5839cebf1f061c925bec36d
79a2511df1eed998df236244679dd1f5e9ea457ff9c9274246c6fc4cf1feaecc
7d20a1437c237c6c0d0daa8ce40e8730a5f2dae0a6e4e6cbea5f50ed2fa2e614
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374538d37b7f0bd9b60b4088b2e6aa893e5bc763d6e738acdaef83df8ffec91
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859637b5fc8be2ec29aee5dc5f59ac7543efdaa0104322ad869d2721841304a2
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8f8a3e5931aaad7b90bd86a419a1868d459a6c3ad06a036bdb0b59713f446928
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98df2cf28fdafe93689a3d281c51b3aaf46a64fa13b86cf074450c78b6c31e9f
9aaa0167f4abb8eb86f2182c46287c6bddc68d7538f0bfa9e71287db2c700a60
9b83a07f5eeee2ea57ee3c06bdaa5d5db9957b6056f9dd0bb99419bf2b8944fe
9ba925a5c05e93efa519e24c229ce0f102bbfd740693831dc3c6d2fc4366df41
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a887135e167eb95f0e9067c06447e596197986488a122922fca4fa791a92e547
a89b3b8e4786d2f285257182e8990cb97f251aadc0bc09b77abe7d609da0aeb1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
ba58ed4e8dd5b19dda4a55b9ea0e7561c8365d5999673ddbcbb7269fca2d3dd0
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c4aa62eb941e54a576bedd888da2f8076eee62d79b7ed35b7ad0b895507848a9
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c986ffee22d6e83dc55c5bc2eab1e42d3d2548fca476971727f2bd6bb9e92720
ceb9b75639c29e8336aab790d76387ad6deb5177d37ffb8beb2ab14873f5ab1d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d261bc09d55ca6390f043aa5a196a8c4d49d38bb48792e007e539a9b67a86bbb
d263ff9402e3c8d95add66f35309d65e50a4e8705507931fff2d61c20e1c672f
d2819bb4c8daa78c5faf4c09f65f855eae06bb7cd81a0ba31500e23fd987dac5
d455ab882af3a742e6c9680578e6a590681bda99e34847f550f1f41a7d167969
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d9040dd9991eacbc8d74e94f0819de46a4c3750aa40c1dd4d3443dd6944028ba
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79409c4f15d864fd28bf3b96d938b2bb363807b26370899a66936c21246517f
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ee2eff4fe346a378dc427ff8e76edf904efe0d34dcae5cac95acecbbeb467ddd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef812cb2ec462b782cf14e58cefd7e29c1f439a6bc5c588d351eced70306d683
f3efd9a98ee170181e03b11604b63aa0579f76a9d3043225facd722412f4fe9f
f839fe4e8277eae9092887e030cd886c4971cfc45759f1cd0e92dd13658db49a
fbd2ac728b241e593a239b130321c04573655c1a850271c237024c9732776064
fd2b60df852ebb6466fc3d31eaef744169ca27449147af951ac9ad0642c24ae6
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
fffb994d3f7754ea05c9b66a5aeff4d01ca4587ace6f26549af76f24d746e5c7