minimore.com Open in urlscan Pro
2606:4700:3034::6815:5d59 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://minimore.com/b/Gd3dq/1
Submission Tags: falconsandbox
Submission: On January 25 via api (January 25th 2022, 10:30:06 pm UTC) from US — Scanned from DE

Summary HTTP 303 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 75 IPs in 12 countries across 60 domains to perform 303 HTTP transactions. The main IP is 2606:4700:3034::6815:5d59, located in United States and belongs to CLOUDFLARENET, US. The main domain is minimore.com. The Cisco Umbrella rank of the primary domain is 485107.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 25th 2021. Valid for: a year.

This is the only time minimore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:303... 2606:4700:3034::6815:5d59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2606:4700:303... 2606:4700:3036::ac43:d4f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2.21.141.175 2.21.141.175	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f:802::200e	15169 (GOOGLE) (GOOGLE)
6 24	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	35.158.60.56 35.158.60.56	16509 (AMAZON-02) (AMAZON-02)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.201.7.199 18.201.7.199	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
4 9	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
10	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400f:80c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400f:80d::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400f:804::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
12	108.157.4.109 108.157.4.109	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400f:803::2002	15169 (GOOGLE) (GOOGLE)
3 34	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
3	64.202.112.63 64.202.112.63	23352 (SERVERCEN...) (SERVERCENTRAL)
3	213.227.153.220 213.227.153.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400f:804::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	173.194.73.154 173.194.73.154	15169 (GOOGLE) (GOOGLE)
4	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
1	185.170.60.223 185.170.60.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
1 1	2a00:1450:400... 2a00:1450:400f:80d::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:6::8	15169 (GOOGLE) (GOOGLE)
1 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	34.102.163.6 34.102.163.6	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2a05:d018:d29... 2a05:d018:d29:3605:f8ff:4e61:fc04:1ff8	16509 (AMAZON-02) (AMAZON-02)
2	18.197.84.79 18.197.84.79	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 4	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4 5	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 11	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	52.31.13.93 52.31.13.93	16509 (AMAZON-02) (AMAZON-02)
1 3	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	207.198.113.171 207.198.113.171	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	44.202.78.54 44.202.78.54	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.156.3.27 35.156.3.27	16509 (AMAZON-02) (AMAZON-02)
1 1	54.144.85.208 54.144.85.208	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.193.59.132 34.193.59.132	14618 (AMAZON-AES) (AMAZON-AES)
1	54.71.47.92 54.71.47.92	16509 (AMAZON-02) (AMAZON-02)
1 3	54.229.233.249 54.229.233.249	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.21.141.148 2.21.141.148	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	34.232.92.67 34.232.92.67	14618 (AMAZON-AES) (AMAZON-AES)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 2	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	54.82.194.177 54.82.194.177	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
2	34.206.79.92 34.206.79.92	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.64.162.179 52.64.162.179	16509 (AMAZON-02) (AMAZON-02)
1 3	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
2 2	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	104.36.113.23 104.36.113.23	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
2	72.251.232.229 72.251.232.229	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 7	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
5	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	199.187.193.193 199.187.193.193	47043 (SMARTADSE...) (SMARTADSERVER)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	204.237.133.121 204.237.133.121	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	104.36.113.17 104.36.113.17	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.20 198.47.127.20	() ()
303	75

22 2606:4700:3034::6815:5d59 (United States)

ASN13335 (CLOUDFLARENET, US)

minimore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:3036::ac43:d4f6 (United States)

ASN13335 (CLOUDFLARENET, US)

c.min.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.181.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.158.60.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-60-56.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.201.7.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-201-7-199.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.173.27 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400f:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 108.157.4.109 (United States)

ASN16509 (AMAZON-02, US)

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400f:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

widgets.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

stas.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:804::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.73.154 (United States)

ASN15169 (GOOGLE, US)
PTR: lq-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.60.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a2192.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:80d::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:6::8 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-5hne6nsr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d018:d29:3605:f8ff:4e61:fc04:1ff8 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.84.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-84-79.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.255 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.244 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.21.141.232 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.31.13.93 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-13-93.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:13::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

triplelift-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.171 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.202.78.54 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-202-78-54.compute-1.amazonaws.com

sync.hgrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.3.27 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-3-27.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.85.208 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-85-208.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.59.132 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-59-132.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.71.47.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-47-92.us-west-2.compute.amazonaws.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.229.233.249 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.141.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-148.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.92.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-92-67.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.122.14.34 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.194.177 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-194-177.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.79.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-79-92.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.64.162.179 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-162-179.ap-southeast-2.compute.amazonaws.com

sasinator.realestate.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.246 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.10.30 (Poland) 2 redirects

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.232.229 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 8.39.36.141 (Los Angeles, United States) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.193 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.237.133.121 (Philadelphia, United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.36.113.17 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 600 ib.3lift.com — Cisco Umbrella Rank: 1122 eb2.3lift.com — Cisco Umbrella Rank: 389	279 KB
36	googlesyndication.com c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	177 KB
26	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 bid.g.doubleclick.net — Cisco Umbrella Rank: 452 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	240 KB
24	min.ms c.min.ms	368 KB
22	minimore.com minimore.com — Cisco Umbrella Rank: 485107	570 KB
17	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 473 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 image6.pubmatic.com — Cisco Umbrella Rank: 595 simage2.pubmatic.com — Cisco Umbrella Rank: 552 image4.pubmatic.com — Cisco Umbrella Rank: 848 image2.pubmatic.com — Cisco Umbrella Rank: 1032 simage4.pubmatic.com	103 KB
11	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1505 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578	5 KB
11	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 241 acdn.adnxs.com — Cisco Umbrella Rank: 565 secure.adnxs.com — Cisco Umbrella Rank: 404	23 KB
10	adform.net 1 redirects track.adform.net — Cisco Umbrella Rank: 3933 s1.adform.net — Cisco Umbrella Rank: 7975 c1.adform.net — Cisco Umbrella Rank: 608	88 KB
10	rubiconproject.com 3 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 467 eus.rubiconproject.com — Cisco Umbrella Rank: 541 token.rubiconproject.com — Cisco Umbrella Rank: 689 pixel.rubiconproject.com — Cisco Umbrella Rank: 312	15 KB
10	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 461 a2192.casalemedia.com — Cisco Umbrella Rank: 637331 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 520 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590 dsum.casalemedia.com — Cisco Umbrella Rank: 1272	11 KB
9	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864 bidder.criteo.com — Cisco Umbrella Rank: 722 dis.criteo.com — Cisco Umbrella Rank: 691	9 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	150 KB
7	zemanta.com 1 redirects widgets.zemanta.com — Cisco Umbrella Rank: 7606 b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 19510 b1sync.zemanta.com — Cisco Umbrella Rank: 588	8 KB
6	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 284 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1565	3 KB
6	google.com www.google.com — Cisco Umbrella Rank: 13 adservice.google.com — Cisco Umbrella Rank: 80	2 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 418	130 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 524	2 KB
5	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 560	1 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	4 KB
5	adsrvr.org 1 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	2 KB
4	mathtag.com 4 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	149 KB
3	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 636	2 KB
3	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 673	1 KB
3	dotomi.com 1 redirects triplelift-match.dotomi.com — Cisco Umbrella Rank: 5424 casale-match.dotomi.com — Cisco Umbrella Rank: 2733 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3523	393 B
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 957 r3---sn-5hne6nsr.c.2mdn.net — Cisco Umbrella Rank: 430833	1 KB
3	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 2841	25 KB
3	outbrain.com stas.outbrain.com — Cisco Umbrella Rank: 2902	822 B
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 738 idsync.rlcdn.com — Cisco Umbrella Rank: 316	44 B
2	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1634	816 B
2	creativecdn.com 2 redirects us.creativecdn.com — Cisco Umbrella Rank: 3401	761 B
2	realestate.com.au 1 redirects sasinator.realestate.com.au — Cisco Umbrella Rank: 6019	1 KB
2	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1228	176 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 876	1 KB
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 745	1022 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 645	55 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 865	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 626	620 B
2	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 770	930 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 287	440 B
2	google.de www.google.de — Cisco Umbrella Rank: 5557 adservice.google.de — Cisco Umbrella Rank: 8028	1 KB
2	openx.net adasia-d.openx.net — Cisco Umbrella Rank: 38420 u.openx.net — Cisco Umbrella Rank: 710	467 B
2	smaato.net prebid.ad.smaato.net — Cisco Umbrella Rank: 3946	678 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2366	23 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	83 KB
2	anymind360.com anymind360.com — Cisco Umbrella Rank: 21459	162 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1255	503 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 746	380 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1187	462 B
1	brand-display.com dmp.brand-display.com — Cisco Umbrella Rank: 1929	261 B
1	advangelists.com 1 redirects nep.advangelists.com — Cisco Umbrella Rank: 2192	233 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 973	627 B
1	hgrtb.com 1 redirects sync.hgrtb.com — Cisco Umbrella Rank: 2170	259 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 273	599 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 546	944 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 2371	250 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	295 B
0	adotmob.com Failed sync.adotmob.com Failed
303	60

	Domain	Requested by
34	eb2.3lift.com	3 redirects c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com ib.3lift.com eb2.3lift.com anymind360.com
24	c.min.ms	minimore.com c.min.ms
22	minimore.com	minimore.com c.min.ms
20	tpc.googlesyndication.com	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
12	cm.g.doubleclick.net	6 redirects eb2.3lift.com ssum-sec.casalemedia.com
12	ib.3lift.com	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com ib.3lift.com
12	securepubads.g.doubleclick.net	anymind360.com securepubads.g.doubleclick.net minimore.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com www.googletagservices.com
10	prg.smartadserver.com	anymind360.com
9	ib.adnxs.com	4 redirects anymind360.com eb2.3lift.com acdn.adnxs.com
7	fonts.gstatic.com	fonts.googleapis.com
6	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	simage2.pubmatic.com	ads.pubmatic.com
5	match.prod.bidr.io	5 redirects
5	sync-tm.everesttech.net	4 redirects ssum-sec.casalemedia.com
5	match.adsrvr.org	1 redirects eb2.3lift.com ssum-sec.casalemedia.com ads.pubmatic.com
5	www.google.com	minimore.com c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com tpc.googlesyndication.com
4	image2.pubmatic.com	ads.pubmatic.com
4	pixel.rubiconproject.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	sync.mathtag.com	4 redirects
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com ssum-sec.casalemedia.com
4	pr-bh.ybp.yahoo.com	2 redirects ssum-sec.casalemedia.com ads.pubmatic.com
4	track.adform.net	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com s1.adform.net
4	www.googletagservices.com	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
4	tlx.3lift.com	anymind360.com c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
4	fonts.googleapis.com	minimore.com c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
3	token.rubiconproject.com	3 redirects
3	c1.adform.net	1 redirects eb2.3lift.com ads.pubmatic.com
3	js-sec.indexww.com	ssum-sec.casalemedia.com anymind360.com
3	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com js-sec.indexww.com
3	s1.adform.net	track.adform.net s1.adform.net c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
3	zem.outbrainimg.com	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
3	b1t-eudc1.zemanta.com	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
3	stas.outbrain.com	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
3	widgets.zemanta.com	ib.3lift.com
3	mug.criteo.com	minimore.com
3	ads.pubmatic.com	anymind360.com ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	cm.adgrx.com	ssum-sec.casalemedia.com ads.pubmatic.com
2	us.creativecdn.com	2 redirects
2	sasinator.realestate.com.au	1 redirects eb2.3lift.com
2	rtb.adentifi.com	eb2.3lift.com ssum-sec.casalemedia.com
2	aax-eu.amazon-adsystem.com	1 redirects eb2.3lift.com
2	pm.w55c.net	2 redirects
2	um.simpli.fi	1 redirects ads.pubmatic.com
2	eus.rubiconproject.com	anymind360.com eus.rubiconproject.com
2	static.criteo.net	anymind360.com static.criteo.net
2	rtb.mfadsrvr.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	ad.turn.com	2 redirects
2	x.bidswitch.net	eb2.3lift.com
2	r3---sn-5hne6nsr.c.2mdn.net
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
2	prebid.ad.smaato.net	anymind360.com
2	script.4dex.io	anymind360.com script.4dex.io
2	www.google-analytics.com	minimore.com www.google-analytics.com
2	connect.facebook.net	minimore.com connect.facebook.net
2	anymind360.com	minimore.com anymind360.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	1 redirects
1	idsync.rlcdn.com	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	id.rlcdn.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	bttrack.com	eb2.3lift.com
1	sync.ipredictive.com	1 redirects
1	acdn.adnxs.com	anymind360.com
1	u.openx.net	anymind360.com
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	sync.hgrtb.com	1 redirects
1	triplelift-match.dotomi.com	eb2.3lift.com
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	ad.mrtnsvr.com	1 redirects
1	gcdn.2mdn.net	1 redirects
1	a2192.casalemedia.com	c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	minimore.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	bidder.criteo.com	anymind360.com
1	adasia-d.openx.net	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	hbopenbid.pubmatic.com	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	www.facebook.com	minimore.com
0	sync.adotmob.com Failed	ssum-sec.casalemedia.com
303	101

This site contains links to these domains. Also see Links.

Domain
store.minimore.com
reurl.cc
www.facebook.com
www.twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-25` - `2022-10-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
anymind360.com R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-04` - `2022-02-02`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
smaato.net Sectigo ECC Organization Validation Secure Server CA	`2020-07-28` - `2022-10-04`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.zemanta.com R3	`2022-01-23` - `2022-04-23`	3 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.outbrainimg.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-06` - `2022-06-06`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.knorex.com Amazon	`2021-08-26` - `2022-09-24`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-01-18` - `2022-03-29`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-18` - `2022-07-13`	6 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://minimore.com/b/Gd3dq/1
Frame ID: 955C551C240C8518107B83D85F32E996
Requests: 105 HTTP requests in this frame

Frame: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C8A0ABB6A370D0258279A536E46C06E
Requests: 1 HTTP requests in this frame

Frame: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8393CE102E7D06AFBB8EAAFD6874105B
Requests: 16 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7D833D722ACCD75B0885019520D9ED3A
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1629452000/widget-300x250.js
Frame ID: B70294BB65A99729871D90220E680C83
Requests: 4 HTTP requests in this frame

Frame: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA0252E1094003B9F46A0A98F6E58836
Requests: 17 HTTP requests in this frame

Frame: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 152B953A979192BCBB097E4B8EBAFDDB
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js
Frame ID: CBF5DCFD0160CEAAF3B8CF0F7149A6A9
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 11FC13ECD55BFC6A4E960E1828D28B0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8CAB33E52EA65C48E526C22BF5B696C1
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 143F6A0F9D6A9E6D3599A9839ECB16AD
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1629452000/widget-728x90.js
Frame ID: B75C732EB589F77777EDC8C014B38054
Requests: 4 HTTP requests in this frame

Frame: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BC4792D5E3C4CD0E0E1DCD8C42ED3B54
Requests: 16 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6E0A451A68DCCB23DCF35FEEE110051E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.zemanta.com/1629452000/widget-728x90.js
Frame ID: 2E076B1CB162BCB44D9BD207976F0531
Requests: 4 HTTP requests in this frame

Frame: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB5C2956EC425E58BB6FE8AED8440C77
Requests: 16 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Frame ID: CFFD099C260D1E4A717C4B5634FCC5BC
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=29999
Frame ID: 6CE1346C28CA801A7F3A2632B3113D4F
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 90B36528F75F2D2D97A424E657DBDD88
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Frame ID: 69A89F22222BD24E66EA2D0A5272CCB3
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=86276
Frame ID: B9B3417BF7E046155472DCA6AA12E8B7
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=minimore.com
Frame ID: 97D64F540471B8E75E0748E823EBE485
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 61E06B5EB1D634E7839FC4D9D71543C1
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7483D3FC343E17C55236EB1755B8DAA1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: BB9E069C1675DFD5F95B6E8808EF882D
Requests: 16 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: BD5FD1C3B39D3E58271B74DA75A745DC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A6EA3D7F46D5BA0C5BE5A098FD176A32
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E3289A91EDDEB17659576E9F08B8F7E6
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 93BA5863E60DCB41EC0E35BA93116D94
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4
Frame ID: 3DC0600D62B3034BE25DC8C21876F86C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfB56QABSkS9RwBB&gdpr=0&gdpr_consent=
Frame ID: 59B711C16347B074756A43611408A750
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1ca461f0-79e9-4e00-b7d1-390af1646a45&gdpr=0&gdpr_consent=
Frame ID: E86A42DB45153370BCFDBA1C6E361BE5
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACUtU7D4PQAAEGMcOpevA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: 85281F5587206C3A028315214FD7F3C2
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 4769FE90DE25CD2352E46C4E582985B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 06C02600DCE46E236AE86DAF18D90483
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Scream (2022) หวีดสุดขีด เต็มเรื่อง - ดูหนังออนไลน์ - หวีดสุดขีด 5 - Minimore

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

303
Requests

84 %
HTTPS

34 %
IPv6

60
Domains

101
Subdomains

75
IPs

12
Countries

2701 kB
Transfer

6790 kB
Size

79
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://store.minimore.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://reurl.cc/xOl9d4
Title: https://reurl.cc/xOl9d4

Search URL Search Domain Scan URL

URL: https://www.facebook.com/minimoreweb

Search URL Search Domain Scan URL

URL: https://www.twitter.com/minimoreweb

Search URL Search Domain Scan URL

URL: https://www.instagram.com/minimoreweb

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fminimore.com%2F&domain=minimore.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=KXuWY3x3dlRNQUZWR1U5TG5BOS9GV3VOci9TNUQ1bGhNVWF1UXM3a0dsQVNhSXNjSmNWR1dsdkJBb2NVS2NDTGZNRHBsMHpHS2llRStqamdCbEVpU0YrY01XZFBBMjE1Um9LaEdNS0xzZjZ6Y2VxRHBXa0lteWNtbHBnWU9idnpMeFF1aTBFTSs0NHZVZ2k0TExGdGw5MENFbitzRktRWFU2T3ZKWjZ5cVQ1d2VDemJVNkdhSlRnVlZSTFVwWElDeUhKdTZ6dHJ0K0hrVUZaNjZrUSs2ZllJcERDeThxQW1PNmFWREZuNlg1bjlPcjdBPXw&cppv=2

Request Chain 193

https://eb2.3lift.com/sync?max=10&cb=29097 HTTP 302
https://eb2.3lift.com/sync?max=10&cb=29097&ld=1

Request Chain 195

https://gcdn.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674685800/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/6295B5625AED8CC847C2DFE03480464B3BA96F1F.B2915A431A43A034DDEEFC988B2F3C25B635EEDB/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-5hne6nsr.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674685800/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51FF93B107ED2D69A739B856D20994896914BC39.791B119EC940D3AAC90CDB1B96F7523FD37AFFF7/key/cms1/cms_redirect/yes/mh/Tu/mip/2a03:1b20:6:f011::3e/mm/42/mn/sn-5hne6nsr/ms/onc/mt/1643149191/mv/u/mvi/3/pl/48/file/file.mp4

Request Chain 198

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=G7KoFx54M&dongle=u6nf

Request Chain 200

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0MzUzNDk2Nzg2NjgxMDI3ODkyNA%3D%3D

Request Chain 202

https://pr-bh.ybp.yahoo.com/sync/triplelift/1643534967866810278924?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xDRO2DZE2oQ25b5Mx4NCI1_SyBFfx_SjD2gwYYvQ9Q--~A&dongle=0883

Request Chain 205

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1643534967866810278924 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1643534967866810278924&dcc=t

Request Chain 206

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 207

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=7878509948980262650&dongle=d407

Request Chain 210

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3690&xuid=1ca461f0-79e9-4e00-b7d1-390af1646a45&dongle=3995&gdpr=1&gdpr_consent=

Request Chain 211

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=YfB56QABSkS9RwBB HTTP 302
https://eb2.3lift.com/xuid?mid=3657&xuid=YfB56QABSkS9RwBB&dongle=3c0a&gdpr=1&gdpr_consent=&_test=YfB56QABSkS9RwBB

Request Chain 212

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=2685644907964891823&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 215

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

Request Chain 220

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=2685644907964891823&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 221

https://eb2.3lift.com/ebda?sync=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0MzUzNDk2Nzg2NjgxMDI3ODkyNA%3D%3D

Request Chain 222

https://match.prod.bidr.io/cookie-sync/trl HTTP 303
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1 HTTP 303
https://eb2.3lift.com/xuid?mid=7255&xuid=AACUtU7D4PQAAEGMcOpevA&dongle=bzwx

Request Chain 225

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

Request Chain 226

https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7 HTTP 302
https://eb2.3lift.com/xuid?mid=7666&xuid=fca8f1c1-75f2-4471-85ee-1d8358b51324&dongle=8f7

Request Chain 227

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4945&xuid=68606eba-53ec-4249-835a-38987125a61d&dongle=31ac

Request Chain 228

https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2319&xuid=0-37b29cc0-1a0d-46c6-504e-069d8ba7579f$ip$185.213.155.163&dongle=4430

Request Chain 229

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfB56cj8rJs8K-1hv-YszgAABMQAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfB56cj8rJs8K-1hv-YszgAABMQAAAIB&dcc=t

Request Chain 230

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfB56cj8rJs8K.1hv.YszgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELJrOmhylbUDy5AkxErVgSs&google_cver=1&gdpr=1&google_hm=2

Request Chain 234

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-fb850740-8e35-4297-a752-48b58a93c0d0

Request Chain 236

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YfB56cj8rJs8K.1hv.YszgAA%261220?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YfB56cj8rJs8K.1hv.YszgAA%261220?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 246

https://gum.criteo.com/sid/json?origin=publishertag&domain=minimore.com&sn=ChromeSyncframe&so=3&topUrl=minimore.com&bundle=UV_nBV9zWHUxb2ZTRnV5RzZDRiUyQjJFdWo0VVNNbUlQb3VHb2tHelRYcUhrRmxneXdFUzRDJTJGT3Y0WTUlMkJHU3UzS2o5RWg3eDhITVVlNkZaRXpqTWdyWTh0dXpxejRCN093NE1DdUZXUlBHbkZocWpIaGJRS0VTOG5LVm1KT2ZLSXlPV3ZLSg&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Nts8m3xRb24welR5Wk5NKzF4Z3ZDdVhMRXhRNGVsMVpkM3NYV1UrUStxamREZE40SW94WHplc0ZxQjBRdS8yQWFnQkhacWUyZThPL29ZMGFxc3ZDdXNpSzcwWHFIRGphU2ZaTlpDd1pTVnR6OXJYeXVSL3NNdmsvQ1YxWmJsTjdPYm5ZYXJTUGxsNEhBalYxaFhFYTcvK1haQ2w2c0o3cUVqeFN4YzB6S2tCR1JnaHRGWVJKYWJnTXN1UUtUNDYxSnFYd2hqL3o4ci9xQkM3QTk4WitITkphNEFFMlNVZXQ3T0pROXNEaE85TlRSak1EOFdoZDc2QiswTGNaVGtiOTFHNTVhOVk3K1VFdFRvM00zNHpoUmFDbkRCZz09fA&cppv=2

Request Chain 257

https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3702&xuid=56b747b4-7e2e-11ec-a519-b1962ed8ea81&dongle=d54f&gdpr=1&gdpr_consent=

Request Chain 259

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=6863561DC9284FFEB17B932B433FA6BC&dongle=yf3

Request Chain 260

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?gdpr=1&mid=5316&dongle=fa68&xuid=WNgCAlnQAVNDiFACCIpJUw3ZV1ZD31BXXI9Pi9uT

Request Chain 261

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=6019&xuid=zeLbE85S1Ncukb5&dongle=465e&gdpr=1&gdpr_consent=

Request Chain 262

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1643534967866810278924 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1643534967866810278924&dcc=t

Request Chain 264

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=1643534967866810278924 HTTP 302
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=1643534967866810278924

Request Chain 266

https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent= HTTP 302
https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=&tc=1 HTTP 302
https://eb2.3lift.com/xuid?mid=6547&xuid=d6Xp1gi2rgC9yO3N7bpu&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1

Request Chain 273

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACUtU7D4PQAAEGMcOpevA&expiration=1644359402&gdpr=1

Request Chain 275

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643236202&gdpr=1

Request Chain 282

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/9xU_qewpkLT-j2DxKwHPJA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4007180525440373652

Request Chain 283

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfB56QABSkS9RwBB

Request Chain 284

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEDx7vnpjaSa3QkQih6OZeg&google_cver=1

Request Chain 285

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lVT1lSTUMtVS1GWjJO

Request Chain 286

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1ca461f0-79e9-4e00-b7d1-390af1646a45&expires=28

Request Chain 287

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzY5YWYyNzc0Njg1NzVkYWE2NDhhMjE3YzdlNmNjZDliOWRiYTkxYQ

Request Chain 288

https://c1.adform.net/serving/cookie/match?party=14&cid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4

Request Chain 289

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfB56QABSkS9RwBB&gdpr=0&gdpr_consent=

Request Chain 290

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1ca461f0-79e9-4e00-b7d1-390af1646a45&gdpr=0&gdpr_consent=

Request Chain 291

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVXRVN0Q0UFFBQUVHTWNPcGV2QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACUtU7D4PQAAEGMcOpevA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 293

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=US7VnOEdTt65Cuf7QSPM1A%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 296

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ca461f0-79e9-4e00-b7d1-390af1646a45

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTEyRUQ1OUMtRTExRC00RURFLUI5MEEtRTdGQjQxMjNDQ0Q0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 298

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHqt3Vx-eIRTLiOSCtE1BkE&google_cver=1

Request Chain 300

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7878509948980262650&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 301

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d5508542-7ef5-437c-ac95-943be9b2a954

Request Chain 303

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KSqIHQlE2uVcN5ucwMqG6qYMwlmjW_Y-~A&gdpr=0&gdpr_consent=

Request Chain 304

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2685644907964891823&gdpr=0&gdpr_consent=

Request Chain 305

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

303 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1 Show response
minimore.com/b/Gd3dq/ 35 KB
10 KB 1108ms
1087ms Document
text/html 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: db086a0371e7d69c0c0a9160f9bfc20db6b00886a938f7d2400e916989d88d9e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 25 Jan 2022 22:29:58 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/5.5.38
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
mm-dbg-000: DEVTEST =
mm-dbg-001: reader view: Gd3dq
mm-dbg-002: USER TRUE DB
mm-dbg-003: restoreMinimoreSession
mm-dbg-004: restoreMinimoreSession - session userid not found
mm-dbg-005: restoreMinimoreSession - no time indicator
mm-dbg-006: restoreMinimoreSession - End
mm-dbg-007: ch_1stimg : /member/c/152/152915/pagegallery/1643134360/4134d93f.jpg
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SabU%2FQHZU46uqIUkym%2B2r8U9kM6Qc0L8AtoY7Mq%2FqY0xGcKpZdT%2FHeL8iWPbu9R3PW8ZnyCH4tEZc9wS6LgAMYL%2ByXOP7iB2cECjTPUPt%2FyIMZ8iMX5hM4vZI9fsKpr1ta9TyqkXm18rcoA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d34f17cf81f9130-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.css
c.min.ms/stylesheets-v2/canvas/ 123 KB
19 KB 52ms
29ms Stylesheet
text/css 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/stylesheets-v2/canvas/bootstrap.css
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35a9163ef6a49ede1428d044369ee6bc1aebc6a3aff55aa9eb375902cebb9d6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6423
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:50 GMT
server: cloudflare
etag: W/"57ecc546-1ec34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NI7ccIfv0kO1yly0LYzIO7qSJrhqHNwa%2Fu3v%2Bc%2FDbXCqyMfeQuTB%2BMTsfiETzO0gM0fxs1iQ0jw1XrnnF7a5yWlai5fKF6u%2BT7A4oBh7%2BcINrvN%2B%2Bd%2B%2BUUB54FV3ymMHq5KJFN0cyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840f989299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 font-icons.css
c.min.ms/stylesheets-v2/canvas/ 48 KB
8 KB 45ms
22ms Stylesheet
text/css 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/stylesheets-v2/canvas/font-icons.css
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a7ad4b363112e365705c297e829fca8a22f678ddd288cfd4e7eeaf81fb933f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6423
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:50 GMT
server: cloudflare
etag: W/"57ecc546-bfca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUJ4MwEu%2FwBNjin%2F2i7v0BZefI%2B4U3jzfzphjT%2Bh2LU3QG87OhulaLFewsUq4dr42nKeD3sk2GQB7jw%2Fyr2SdBbKZ2%2FjvuOceiquoqp6dKzvggbB%2FtGlqlj6dwbiOtWScjw2MUdH7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840f9c9299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 animate.css
c.min.ms/stylesheets-v2/canvas/ 66 KB
5 KB 46ms
23ms Stylesheet
text/css 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/stylesheets-v2/canvas/animate.css
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ee9dc9af8a4af69f6e088892caab46aa33dacd55971f303db3d98e37344849e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6423
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:50 GMT
server: cloudflare
etag: W/"57ecc546-107bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quwsQuWoOkTH5%2BDiOGA%2BgHqO4bvW%2BmMqkxFN60b%2B61Nqd5sl4eraZHovpOkJbt%2BdYfjIInF25TVRb3aYLuzJNfD23kWGHZGqcEypFT4JBLK2FLlkE1I0VYXlz0WPcgXw95FzXYwSjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840f9d9299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 magnific-popup.css
c.min.ms/stylesheets-v2/canvas/ 8 KB
2 KB 54ms
31ms Stylesheet
text/css 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/stylesheets-v2/canvas/magnific-popup.css
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e12fe580fbbffdcb60362f180046d465ba2ac34044e76f0b8cada90d2ca65240

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:49 GMT
server: cloudflare
etag: W/"57ecc545-2008"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ho%2FtljIixvUQrR6gW80g3YVrVtbD%2FVmC37jMJ7dGvSZvt9GnopdkUPT0UwrrigqaUwIvTTxycjcl6wrNbKMLF0opSt6P50R%2Fz1Dhp71%2Bb%2Bfvb12mNANLOPws77tW5NF3Ml3WsWs4Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840f9f9299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 select2.min.css
c.min.ms/libs/select2/ 15 KB
2 KB 54ms
31ms Stylesheet
text/css 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/select2/select2.min.css
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Jan 2018 09:57:26 GMT
server: cloudflare
etag: W/"5a549206-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBKY3LBylRcb%2B52clCOO1PKyvBGJr2NO90LMgHCikeYGwXyqfbNyYjX%2FkevSUl4GISSSxojKQs7lO6w4drG3JWFGjm4VQZ0DUqEzeOFEipjVnkUoMhWmQiI90hY61QPC71X2zQwEeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fa19299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery-datepicker-bootstrap.css
minimore.com/stylesheets-v2/ 2 KB
879 B 26ms
20ms Stylesheet
text/css 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/stylesheets-v2/jquery-datepicker-bootstrap.css
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9928579af053d8d7d498386a6f57bd59a49a3eada9080617d110c95ad48f5bec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55212
cf-polished: origSize=2920
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Oct 2016 11:08:19 GMT
server: cloudflare
etag: W/"b68-53e94e4dc8940-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKCoN0yXj82klDsmHAZlIdPLeA4NdprWD0Xdc%2BV4Hzfox67hb%2FrlhF%2BGrxsgx7%2Fn59dKWEH3eNrzG%2BaOakfsKUjcl%2FftI9kIrg8e77cCtgPCLW3eOZTk9cUiA6QTIiiqt2Qznv1tzAJzxVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6d34f183e9359130-FRA
expires: Tue, 01 Feb 2022 07:09:34 GMT

GET
H2 200 style_canvas_mnm.css
minimore.com/stylesheets-v2/ 308 KB
50 KB 26ms
21ms Stylesheet
text/css 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/stylesheets-v2/style_canvas_mnm.css?4
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b4c6f49ea4ff95304322fb999d4e259055ada349dd54089f8d7cbda7fa081f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55212
cf-polished: origSize=419527
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Jan 2018 08:18:01 GMT
server: cloudflare
etag: W/"666c7-563089a2cb2fd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzi%2FGvxNS5qEVATwBAeQW%2Fs8MZO5xBiEZ5GKQpX3iW4RgmtGea9wehm7b%2FVyQqvka8d2Y3HG7BHpNSOoiBnUAfFVeRo0q2kaDjfv9l4jtbldmvuMKuGMr%2BDPXkGMUpsxr3MH11DsX5o9DFc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6d34f183e93a9130-FRA
expires: Tue, 01 Feb 2022 07:09:34 GMT

GET
H2 200 custom_topbar-v4.css
minimore.com/stylesheets-v2/ 8 KB
2 KB 19ms
14ms Stylesheet
text/css 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/stylesheets-v2/custom_topbar-v4.css?4
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68aa8b79daeec81c083a87413651af06bd3fc4a61873779d05e2a94b283e1f91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55212
cf-polished: origSize=11228
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 24 Feb 2021 07:49:29 GMT
server: cloudflare
etag: W/"2bdc-5bc1046600610-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YTe%2BekdNc2mokV6qdjof%2FrdmFAwSei%2B7KQUlpGE1IJeHNO84vidBKbTDtd1ggBaoi8WxAI7eq95VZZSdDTJNpEWDsj2hpWKtRGupnxwSC5hQwMZOrYr3EBzWoVyEqTYDNTvxPLQy6Ne0%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6d34f183e93c9130-FRA
expires: Tue, 01 Feb 2022 07:09:34 GMT

GET
H2 200 custom_mnm-v4-ne.css
minimore.com/stylesheets-v2/ 159 KB
23 KB 22ms
17ms Stylesheet
text/css 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/stylesheets-v2/custom_mnm-v4-ne.css?7
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5695da154c7e5689d62dc62cdc3ae7c8ad33c4bd2aaeb06dce6c10c3a6761e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55211
cf-polished: origSize=208000
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 25 Feb 2021 05:47:04 GMT
server: cloudflare
etag: W/"32c80-5bc22ae690790-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9dsf5k0tV4GazD5uwmT4wUHu%2BVh%2Fd377a27SdWrmEbh2viW%2FADuDT9lyHnDQW8%2FRLY%2BhRo5bor2pdbT%2BozJkvLSZTzFgKDTUzzkm4cY%2BJKy6UvyybHqsPSzHGRGuTHs2PMJMM4UzEEb4Q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6d34f183e93e9130-FRA
expires: Tue, 01 Feb 2022 07:09:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 137ms
46ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18ecfe31ee74c430f45c0335a5ff772e050f911b8ebc908ea4c553e7b59c284e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 21:27:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 22:29:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 22:29:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
604 B 145ms
54ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kanit:400,500,300&subset=thai,latin

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d89bd282b43a8f4bcc1cc081893d3957d8faad98a50e0a3a8a50e80f5a8707cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 22:29:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 22:29:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 22:29:59 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
c.min.ms/libs/ 91 KB
33 KB 53ms
32ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jquery-1.9.1.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1f5d7b734094009d0decf983a28839b357075aec4252ffd32b5d5cdc2b0e0c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:50 GMT
server: cloudflare
etag: W/"57ecc546-16ca1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBSh0RtrqKaTcsmSIEbjJr4vqin24Q7Y8F0H1wVse2%2BnViUvDxQW7bzyUIKG2ZuVQM14InTvCMANxkjGLNUF1gZscxqWSoYFpP%2Fz%2F9Z6ncM0PrGnxUjDKZmtywkIGRGgiONkmCsdrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fa99299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
c.min.ms/libs/ 7 KB
4 KB 51ms
31ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jquery-migrate-1.2.1.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:49 GMT
server: cloudflare
etag: W/"57ecc545-1c20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYnfvP7j8GvIHJ2oZHQR5FOAJtFiKSfS5ea26OAFg5Iy1Zkmqt68wM9avwVS1Jdoae4Nh4Xvw2dTboCmsfF7IukoAinrYWM9rPYMxmTsR2NsyrS%2Bawp9b%2FN4kYFxfsgzcZmnWqrWVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840faa9299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery-ui-1.12.1.min.js Show response
c.min.ms/libs/ 101 KB
32 KB 44ms
23ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jquery-ui-1.12.1.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6bc45dd2b4cbc48175427fea5bb7123235d27e876da2535ef71f52ffe3c9959

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 10 Oct 2016 12:11:56 GMT
server: cloudflare
etag: W/"57fb858c-1959b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d2FFNh%2FBaEYN0Sk1mBvr1oFYbLsWxxbGMM7%2B6XP5Mrvivxh4%2BXf7k7hBUp%2FKrdgEoaZPDil8n4v2gcL9je1M2TyPPynbG9nOdhrpr7gjUvRcUbXh4Hg%2FAXhR04xJRv1ofInZF6TFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fac9299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 mmapi.js Show response
c.min.ms/libs/ 3 KB
1 KB 41ms
21ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/mmapi.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce4fdbc18bd742b5ac6295e92f7c76519804e864d78fd51b9e4251841fd9c38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:44 GMT
server: cloudflare
etag: W/"57ecc540-c67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8XxAUBv6DR2ZvGYehg9naM7tbN0mm1A56DdJyHqIivi%2BkQMBwtAUiCZTuXd4K1JwDvuv8VpPBm%2BoprVahxvMVk1Gp87hUFaxWWkfaKqRuStBL9RzVAjMz%2FphC0O9Pj%2BpOrV09OieQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fb29299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 mustache.min.js Show response
c.min.ms/libs/ 5 KB
3 KB 43ms
23ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/mustache.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d89ebf65c1e69c42a32862393c0a637bbcac5551f2cb866f636623349b518a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:43 GMT
server: cloudflare
etag: W/"57ecc53f-13ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpLyKgV%2Fdg4xMEMcef5J%2BAPhA9vXWuwhJuzHuwhp1v4Y7pSaaEPU57PgWtzB84yTNBGEUfKoioL8qFahkq6sIRoG%2BoDOht3HEciSLP0PX391zaMeotYpxMNgp8XdhM4E0%2Fic8uauNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fba9299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 bootstrap.min.js Show response
c.min.ms/libs/ 36 KB
11 KB 56ms
36ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/bootstrap.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:49 GMT
server: cloudflare
etag: W/"57ecc545-9004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87KrnOs9SSqtHtwcakiCDv238FSEyzvt6ip3VpWYv44ct0a%2FLp6ORiIKZqU%2F5Fu25%2BnMrdOn9kjfN7Yr29ZUOIfzV08udDuau1lIFPaoDXPPdw4L0Cig6uE8q4dBDBYv%2BrfpBZNNbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fb69299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery.autosize.min.js Show response
c.min.ms/libs/ 3 KB
2 KB 40ms
20ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jquery.autosize.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e354092005054186c9408c4f4418888d5aebd0407e6201a61100d23c9216274

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:47 GMT
server: cloudflare
etag: W/"57ecc543-c23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfxJJx9lvDuLCTEwEDq63zYJY9ubvfl0ctHhpsj9cvZA3Cc%2FnGYjYUDr3bw2e2u2AOHT0ErOb097MuKM%2BZm0OKqWStwy2KK06nMVkgQp6KxjbQQhZ4QfZOV2Tr%2BDVfwjgqQ2YcVL7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fb59299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery.form.min.js Show response
c.min.ms/libs/ 14 KB
6 KB 51ms
31ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jquery.form.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fed1204eb2bb4368115879eb9ba50fb9c5e7be5229f65228f441cc420309176

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:44 GMT
server: cloudflare
etag: W/"57ecc540-3732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrUB%2B1ZTlk43DCOFsWd09UuFbr2Hi1hW9S8X6UVMMP%2BF4Mk4aytCwLiUaMTRaji3GL6y0JALgZxt5%2B6hJd2u5rTkcjMGHyAus9x7%2FDiezr%2F1mKc1eu2axawhmKFLuNhEq7NBuiU9kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fb09299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery.webkitresize.edited.js Show response
c.min.ms/libs/ 33 KB
4 KB 40ms
20ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jquery.webkitresize.edited.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69174f817beeb1128f62e8491d5ec0041ac17e136f7aac7fdf718f172bfef2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:42 GMT
server: cloudflare
etag: W/"57ecc53e-8593"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BSYfn2ZNl1Tm0h0zvxkJGUUvmDEod4HWGoirvWZzJIG2uedD%2BtkBk4yf1jlBZ6wxo5QqRLTvJH3OX%2Fxq9dJkx3ORDQk70cxZED0ddNMK8Zds4Da7BESI0LmKA14m%2BgozoMX%2BbQPIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fae9299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery.draggable.bg.js Show response
minimore.com/libs/ 3 KB
1 KB 17ms
14ms Script
application/javascript 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/libs/jquery.draggable.bg.js?4
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91163e989d623ce14a1573e1cbcd6c6c74a7131c8cca7c4c4d7bb196978d437c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55212
cf-polished: origSize=4687
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 18 Apr 2016 18:47:12 GMT
server: cloudflare
etag: W/"124f-530c6c9e598e2-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BDR8i9LWprvvvRG13G3VRgx4SyB019U3%2F9UK%2BQfCD778QEjBAJjqmMLf13DdiuuQS69RWGwaTQkyUsw7TH8%2F9gwmQq5It0kuXegGTotCyazCWWU5G2xXaaSahjpeKTn3AzdCAKA%2FXNTQh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 6d34f183f93f9130-FRA
expires: Tue, 01 Feb 2022 07:09:34 GMT

GET
H2 200 jquery.unveil.min.js Show response
c.min.ms/libs/ 590 B
630 B 51ms
32ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jquery.unveil.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9517cbcdf22959f592313637d9600f4a8496df7ca90a4eb9c5f3ceb5700016bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:44 GMT
server: cloudflare
etag: W/"57ecc540-24e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p58VhHWbr0%2B0UYNNMIhRCMBIASAwQocF5dhAzT73824hAVCFcv5u81hMCJR4ayPDJKWUhPIxToTw1yQr8nIMaq5GnrGnpaIRNm8eKqP0rk%2BKyWIlq8nESzjck431D1%2BAWL2ugH%2Fp5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fa89299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery.timeago.min.js Show response
c.min.ms/libs/ 3 KB
2 KB 41ms
21ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jquery.timeago.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8b2a3c2aec418a3c706a8003e3e67707e324bc2d21b0f8d5a9cf26fbec0cc56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:44 GMT
server: cloudflare
etag: W/"57ecc540-db7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjNVbg1l1SsEyz%2BLp3toREeVgtWBWPSKnBCxuJT99%2FrdQiujkqBzMGCsmHHdOIugrb51Jq7prg2zAYYVBSGoxx9Cyah%2FRvtPAbda%2Bwvq5XV%2FXm4HiHy%2FRKj4Fpi2eJQVqRyduUqv0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fa69299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jquery.stellar.min.js Show response
c.min.ms/libs/ 12 KB
4 KB 40ms
21ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jquery.stellar.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 20 Dec 2016 10:10:38 GMT
server: cloudflare
etag: W/"5859039e-3135"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9ll0t6K2ftiQMdZ483bVgEH2TOU4NIoixrm9p7PW%2Fn7eX1g4xkWFzxG2FFfQplZd94Qhm%2BzLWx4Hz63nCTmGVsQPm1711NdBgA6nfDu0GFv0dwkxNQFF1xXNx7sw5VQtRhcXO7QHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fb39299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 jRespond.min.js Show response
c.min.ms/libs/ 2 KB
1 KB 46ms
27ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/jRespond.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac90e3fae6b4554d908c9518ae6ad788d3ccd470bd5eaf62e70c5db9bf90531

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 19 Feb 2016 06:46:58 GMT
server: cloudflare
etag: W/"56c6ba62-62a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abrwMGQzdK8qls%2BdOAJIJftv2N4hAIowW9p9AvHcX9CsB5q2UypBS4nuWwuGEte30dDo25Uq9f3bPfI9vMnEb4moJb9VhWgqdFSUhrF0QPW%2FRVP%2BGrhwhZ9tMerKRhAnFmtX4MPysQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fc49299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 owl.carousel.min.js Show response
c.min.ms/libs/ 39 KB
11 KB 50ms
32ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/owl.carousel.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:45 GMT
server: cloudflare
etag: W/"57ecc541-9dd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNQ9kXZE6LCDyTQLDNq1OsIOtcJrTJV0g1YUElMTjfgsDrl7NUd8ERn1asC79Xu6DXOCU5cty9J1ZlWEzMEBwFjSt%2FgQ4%2FyZn0V0240AFUIJnduLFTRlfUirTgNvGt3dXTp%2B2qZqxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fc29299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 moment.min.js Show response
c.min.ms/libs/ 40 KB
15 KB 47ms
28ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/moment.min.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2942f35cd9347557c5ad6a468803878b7f4e4e3a954906421e8282ec286dec42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:49 GMT
server: cloudflare
etag: W/"57ecc545-9f21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEBJ4PQG7sqeZQuoDnpT5BQIrnSKaSnY1HpCyheoZh6105pvH%2BCxXiMKSC4dxgmLvF9ecBu9uG78JMpVV%2B2ECXcokA3r%2FsIIQ3rR2dPXzE%2FHpR8K2IOQSNGjR113KtP9gjl1WZ%2Fhig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fbf9299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 chardinjs.js Show response
c.min.ms/libs/ 9 KB
2 KB 41ms
22ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/chardinjs.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77da02ea0ad34502e023def72ac44a9e73026761ff777a4ea94c8b18196f567c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 29 Sep 2016 07:39:43 GMT
server: cloudflare
etag: W/"57ecc53f-2256"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqO4EkpskpueFiTrQDHTfx%2FWuTBbPIoFDgPYolEik5tIHGc0TvYqxgR5KnZmC8lf1%2F7Nzu01dmXwoicigC2KmHfyD1yDVubZFme0BEqZ6kCtcEYMXuGOtzBQBjBZaCsLkAyIJv3sdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fbc9299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 select2.min.js Show response
c.min.ms/libs/select2/ 65 KB
19 KB 49ms
30ms Script
application/x-javascript 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/libs/select2/select2.min.js?2
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3198
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 09 Jan 2018 09:57:26 GMT
server: cloudflare
etag: W/"5a549206-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6%2BCc%2B3UUCQH9jrucqi0Cir9usA2HQbTwV2Od2f6jomv%2BLj9TSVwVcxoeB0zGgxiuCvY08VVphZAbio%2F%2BR5DKbFuGy2d6rTl1%2BC0wG3CjokJdJ2PGRR05Xt%2FwoIriXP1hF7%2FkRRQPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 6d34f1840fc59299-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 script-v4.js Show response
minimore.com/javascripts/ 29 KB
8 KB 29ms
28ms Script
application/javascript 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/javascripts/script-v4.js?8
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4d6b13f6cdf650f873f57ab5b279e37ed9f594759064f2b83a6b4af27030030

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55212
cf-polished: origSize=37106
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Apr 2018 04:00:15 GMT
server: cloudflare
etag: W/"90f2-568fddc501640-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmSUcAYBJxXMTWfv%2BhbjLNTFVFt%2BCMdO%2F9mvzZHe4Wnev492a2R%2BnabCYpzQ1lJjUgNRhDWcaJ0xpK3oB5f1JOHWPSWdC2ggpvgEnLYoI4j1ftoD0nvKdaVbhAoscmHpNAiuyTtZdjYdkBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 6d34f183f9409130-FRA
expires: Tue, 01 Feb 2022 07:09:34 GMT

GET
H2 200 adframe.js Show response
minimore.com/javascripts/ 21 B
382 B 16ms
15ms Script
application/javascript 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/javascripts/adframe.js
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aabdc513de62dcc6b946b5fd77b3bc20ecce90254b9088351dc31bfaec99f56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55212
cf-polished: origSize=23
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21
last-modified: Fri, 06 Jan 2017 11:27:51 GMT
server: cloudflare
etag: "17-5456b4ee8fd8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMltJ1GkN3QazuicpRTqJ%2BcUejqt2LUixZmWHDgM8QHxH9IPW8uUniKdeoORojhrx8AMx3NowWMN2tXErCwa06PVJfMVhESHi%2FnnNOj5GiDaV5J3KkUGbRUAbUDawkRhsBBaxFd5np%2FnvcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Tue, 01 Feb 2022 07:09:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6d34f183f9429130-FRA
cf-bgj: minify

GET
H2 200 ats.js Show response
anymind360.com/js/1839/ 133 KB
29 KB 26ms
7ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/1839/ats.js

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bdb6bc28e264db2155ebe437a649b4a41237eea35aa1ad34fdce28984216e054

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
age: 116818
x-guploader-uploadid: ADPycdshOoZfhsfkRQivCGY_VGwcuXVdSCfahrQgD4oKoegBEY1e64TQBmM4O9UUODTPq5gan2o93pED94SAgOYvoe58lVpPgg
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 29172
x-served-by: cache-tyo11941-TYO, cache-hhn4080-HHN
access-control-allow-origin: *
expires: Mon, 24 Jan 2022 14:03:00 GMT
last-modified: Tue, 11 Jan 2022 03:53:44 GMT
server: UploadServer
x-timer: S1643149799.049032,VS0,VE1
etag: "8c9ba1a8bc59a307b6fdd7e52bb83c83"
vary: Accept-Encoding
x-goog-hash: crc32c=zup/SA==, md5=jJuhqLxZowe2/dflK7g8gw==
x-goog-generation: 1641873224311724
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=43200
x-goog-stored-content-length: 29172
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-cache-hits: 1, 1

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52cba3c2d7f1ff44855534f5ed2300b0de74dde793a8f7aa45e0f7ab63520704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3j8pUDqQYrvVPCwyY9Y8NQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 25 Jan 2022 22:37:56 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: I/zjxNRP0PdP+tEOjNqUW6ZG3oWngiTkUQ5ZUGUxJn2EbeIPLnF2GBrEXRSV77pt/ODaXygRS1mSWBqkLmkgMg==
x-fb-trip-id: 2050670934
x-fb-content-md5: 0aa63b3af050a5c8945fe658ee7b017c
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 25 Jan 2022 22:29:59 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "2722455c41e204563fb52423d94ddae5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 4134d93f.jpg
c.min.ms/t/h150/member/c/152/152915/pagegallery/1643134360/ 4 KB
5 KB 224ms
207ms Image
image/jpeg 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.min.ms/t/h150/member/c/152/152915/pagegallery/1643134360/4134d93f.jpg
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8465ff4935fbf33df92cf419e4f3a55b007b7d00fced3c66fffcb3e4a498e663

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4324
last-modified: Tue, 25 Jan 2022 18:12:45 GMT
server: cloudflare
etag: "61f03d9d-10e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agrFs7jtGHlKdD48aMnthtnrm%2B5sSDYu7POYZJCTITlunH257zyVZUGgJPDkobAeyt34Ant3vxVDPP8U3UmXdT%2FYlNlyN50FC84qaCr%2FY8B1WdY%2BKRaDOD05weC6tI1P1SSfuzsvgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d34f1852be99253-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 like.png
minimore.com/images/feeling-icon/2016/ 10 KB
11 KB 25ms
24ms Image
image/png 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minimore.com/images/feeling-icon/2016/like.png
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 627d9cdb57a45fdf9957953b33e869467d636e4501c9242b5817ab682fe2c0f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32787
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10738
last-modified: Thu, 01 Sep 2016 11:53:22 GMT
server: cloudflare
etag: "29f2-53b70dc5c4c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvrCBKjkDvVvqR79E%2BbFN%2F4l5GytG7ikYMlnMCNpRqlysX5Ssg%2BZgoq17sCK0BSaQE%2B8nzUypdSeoOooqqN8WOhz6vYKgNq%2Fcb5GkWnZpchcAhFJT5WsvhSsxF5hwV1gbxwxWOqvo7HENa4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6d34f18518205c26-FRA
expires: Tue, 01 Feb 2022 13:23:18 GMT

GET
H3 200 haha.png
minimore.com/images/feeling-icon/2016/ 20 KB
21 KB 15ms
14ms Image
image/png 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minimore.com/images/feeling-icon/2016/haha.png
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64624efdab871a51231a587adce134bd13b4f06d45dc5b4a32c39e12c5352abf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143742
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20421
last-modified: Thu, 01 Sep 2016 11:16:53 GMT
server: cloudflare
etag: "4fc5-53b7059e30d41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZukMJtsIBKQ8R60ugu0fyzAVZCyvEIORX8d%2BemYkZqTJN4Keb2d%2Frrr07G1uX1Q%2BaBpvzLVX4g%2FCtf7LUy3lXd20W%2BMdXgXBZxl4lGLDsquKXdN630GWzgSkr5e6Sp3nwmeszFB%2BugewcpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6d34f18518215c26-FRA
expires: Mon, 31 Jan 2022 06:34:04 GMT

GET
H3 200 love.png
minimore.com/images/feeling-icon/2016/ 19 KB
20 KB 27ms
26ms Image
image/png 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minimore.com/images/feeling-icon/2016/love.png
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d61b9994ce41b7000b90f2091aa76df1f441925f9879a20db4f9adc05a1645e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32788
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19644
last-modified: Thu, 01 Sep 2016 11:16:53 GMT
server: cloudflare
etag: "4cbc-53b7059e2fda1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FO%2BD82rSgZDn5hd8m%2FoLhZHJWVi1QOmvY6M5wn%2FmazzSGS%2FGlQy12W1yB5wn%2BvoJZfnU3LdcPnsXBM1M9DMS0%2FQ61Fu80b%2BPjt%2BpXNNtYIEL29YnZWNrCr089PZ%2FYMv%2BiyPe92n9nv3t2Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6d34f18518225c26-FRA
expires: Tue, 01 Feb 2022 13:23:17 GMT

GET
H3 200 fin.png
minimore.com/images/feeling-icon/2016/ 20 KB
20 KB 35ms
34ms Image
image/png 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minimore.com/images/feeling-icon/2016/fin.png
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43fcd2a8b70856067eb28797f7895556e93a8b03e433744a79be649df2398b69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20282
last-modified: Thu, 01 Sep 2016 11:16:53 GMT
server: cloudflare
etag: "4f3a-53b7059db1e01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c86FY%2BABQ5PihCoR8Fguv0vloA5lIIn214BffzsVgYT8keLJDwOvf4L5irvoT8imJ31liPOQT3kuaqOT1tZCYcKs%2Bi15qJeXqZZ668riyr5%2B1xXuBGRvLE2Fj0REcX%2B5A6zu81vl%2FDdDIbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6d34f18518235c26-FRA
expires: Tue, 01 Feb 2022 12:44:44 GMT

GET
H3 200 wow.png
minimore.com/images/feeling-icon/2016/ 18 KB
18 KB 38ms
37ms Image
image/png 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minimore.com/images/feeling-icon/2016/wow.png
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8be7e5733335a4a991f4b33df7d95fa406a107e2e0d1a7d97f9c485cd0c6d8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32788
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18073
last-modified: Thu, 01 Sep 2016 11:16:53 GMT
server: cloudflare
etag: "4699-53b7059db7bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8frR%2FsSj9rF14qZmqDiniPwQZCu6De3ZGPIU4rTzXVVNA6BbFi4U4GDvzY3zIU%2F%2BetoZIIfn05zCEfrkvcy4sdBlBvsN6%2B6vetd%2F2n%2B4BE8%2FR%2BqR0o%2F6x2Gu%2By%2F%2BEvBEGZDd%2BGK92UnUqxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6d34f18518255c26-FRA
expires: Tue, 01 Feb 2022 13:23:17 GMT

GET
H3 200 meh.png
minimore.com/images/feeling-icon/2016/ 16 KB
17 KB 41ms
40ms Image
image/png 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minimore.com/images/feeling-icon/2016/meh.png
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13aef4b6665f35639d7820771e8c941cc081fb4e63776e43ea6c87c3dba5aea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32788
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16810
last-modified: Thu, 01 Sep 2016 11:16:53 GMT
server: cloudflare
etag: "41aa-53b7059e2cec1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DTEz%2FLeCUBMc9IQpjzXsKODDwW%2BIioce2Rjv0qxchE9%2B6kjBI%2BuZTh3cMNmUSjA%2BcQV9YFpRpc%2FvVYz9aO50k3t6B4r%2BI%2FgYIlrR6YhB7txTpQ7tFMNS6rgWWOmwLkSZC5s8l3gmDzOdXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6d34f18518275c26-FRA
expires: Tue, 01 Feb 2022 13:23:17 GMT

GET
H3 200 setstatimage.api.php
minimore.com/apis/ 924 B
2 KB 931ms
930ms Image
image/png 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minimore.com/apis/setstatimage.api.php?chapter_id=152915&r=61f079d95377f
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 08b9a06ea03c286ff3dea88f9ea3d86896d44e9f73543f8ecd43cb71b0b4c009

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

mm-dbg-002: USER TRUE DB
date: Tue, 25 Jan 2022 22:30:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/5.5.38
content-type: image/png
mm-dbg-001: api view: setstatimage
mm-dbg-003: restoreMinimoreSession
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mm-dbg-004: restoreMinimoreSession - session userid not found
mm-dbg-000: DEVTEST =
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EygbX9y%2FwmI3WLfVXvdPgnZt6w8PAu%2FTYmKDdFblmzjnPsLsbdP5pOkNdObKJak6A9VxhQoFKqrjyieU1njWHhJZBVpBqJUGVnJpLR60JjseRnRVBxO4a%2FipdciG5OK3syr%2BbMuuHWIpFVc%3D"}],"group":"cf-nel","max_age":604800}
mm-dbg-006: restoreMinimoreSession - End
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6d34f18518285c26-FRA
mm-dbg-005: restoreMinimoreSession - no time indicator
expires: 0

GET
H3 200 email-decode.min.js Show response
minimore.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://minimore.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:52:06 GMT
server: cloudflare
etag: W/"61e833a6-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOlsOKZYEEjmrsAEITc8Ytg7Eennx3x6q4XDnNdzHuYnX0hZFt3cOmZvoiOTKjvLwVYxiv1JXbwuRTjOGw5ojzHbE1oOHsKMzWgn%2BmI88%2B4Z2LCehztAnOU8n4JwkE0MHm08ZbGL0Tq2D68%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d34f184cf9a5c26-FRA
vary: Accept-Encoding
expires: Thu, 27 Jan 2022 22:29:59 GMT

GET
H3 200 functions.js Show response
minimore.com/javascripts/canvas/ 63 KB
15 KB 25ms
25ms Script
application/javascript 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/javascripts/canvas/functions.js?5
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b67fa9a77fc336726af6baf8a3a24df07c67aa7d439ce560d2d11de67bf55a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/b/Gd3dq/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 147785
cf-polished: origSize=85453
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 20 Dec 2016 10:14:10 GMT
server: cloudflare
etag: W/"14dcd-544144c194ef0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JYg%2BFhVLWy1JSJxxO5QVhVbOsHPLBLy6TeeAk8Azj8Z3qKbAGFhgU4rIfc%2FXU2j9eMk7s2WPbW0huqoYLQCLjEnmGQTH%2Brl9LCp5UXvVGUVOI%2BAmo65UFu18Mail51Z4VSEWYjzCHreSDw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 6d34f184dfb45c26-FRA
expires: Mon, 31 Jan 2022 05:26:41 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158497/5963/ 245 KB
76 KB 56ms
25ms Script
text/javascript 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/5963/pwt.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/1839/ats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0cf0d2c57ff789c0fe0cb96a31924f416cf0d4810177d4dd5556a18b22578cb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:23:56 GMT
server: Apache/2.2.15 (CentOS)
etag: "15c1dd9-3d366-5d07d6325cb90"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=31121
accept-ranges: bytes
content-type: text/javascript
content-length: 77261
expires: Wed, 26 Jan 2022 07:08:40 GMT

GET
H3 200 minimoreicon.woff
minimore.com/font/minimore/ 14 KB
15 KB 42ms
41ms Font
application/x-font-woff 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/font/minimore/minimoreicon.woff?-ivzbtp
Requested by: Host: minimore.com
URL: https://minimore.com/stylesheets-v2/custom_mnm-v4-ne.css?7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0686e48316c6e36b37e64e0bf109248aca130a9944aca0cf04c7c0754712f6ee

Request headers

Referer: https://minimore.com/stylesheets-v2/custom_mnm-v4-ne.css?7
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Feb 2015 10:06:26 GMT
server: cloudflare
age: 35540
etag: W/"39b4-50fd2abf53b07-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvZNe6QNpH5cncp8Kvp9w%2F7ua5xV39m6l97RRBrGHSov9o7kvMgvsTim4TYjNC1KGWhYqxtYGQyeYHqGNE0rW6qIqDumQGLBUn197mdWisgy5LOYomKTcw4KmYrWkCDogTWFec1%2FXmjOIN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d34f18518355c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Jan 2022 12:37:25 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 198ms
77ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:12:20 GMT
x-content-type-options: nosniff
age: 8259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 20:12:20 GMT

GET
H3 200 font-icons.woff
c.min.ms/stylesheets-v2/canvas/fonts/ 176 KB
176 KB 44ms
33ms Font
application/octet-stream 2606:4700:3036::ac43:d4f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.min.ms/stylesheets-v2/canvas/fonts/font-icons.woff
Requested by: Host: c.min.ms
URL: https://c.min.ms/stylesheets-v2/canvas/font-icons.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d4f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13de66596d19798ffdcad167e0913ab7afddc5ad944f669242dbeb87814843d4

Request headers

Referer: https://c.min.ms/stylesheets-v2/canvas/font-icons.css
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 179736
last-modified: Thu, 29 Sep 2016 07:39:49 GMT
server: cloudflare
etag: "57ecc545-2be18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjQT2inGFojV0d3qC4TN9Qo8cOk30P6dLMCmv1LsKrpnU9QVRQAO1fm6F4ZAbCmCCW%2BvhBLf1hmLD7rvBXbUvxCSfte2DknzH0xKuV5eGBwK2r9D2RIlk8AtnKQzUYR2BcLF2FCk5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d34f1853dab91ef-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 161ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 20:12:18 GMT
x-content-type-options: nosniff
age: 526661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 20:12:18 GMT

GET
H3 200 DroidSans.ttf
minimore.com/font/ 128 KB
129 KB 31ms
31ms Font
application/x-font-ttf 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/font/DroidSans.ttf
Requested by: Host: minimore.com
URL: https://minimore.com/stylesheets-v2/custom_mnm-v4-ne.css?7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1977f16bb2b7b6cbc9051a2db1d8e291aed9dd1c0ca858daa63ccb127ae614b

Request headers

Referer: https://minimore.com/stylesheets-v2/custom_mnm-v4-ne.css?7
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Feb 2014 09:51:14 GMT
server: cloudflare
age: 15238
etag: W/"2000c-4f23283750647-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3DERRkblfyTcySUunLzWLv9ChS%2BirRAA0G1jmGIibJsG%2B%2F8Wtghvug9EY%2FJ%2Bgk286JqAdotNxJSNJifBcHyRzdoCKxhBqGx3V1to%2BMCC44OVP9DIPZNMJ%2Fv9c%2FX1wmn8V%2FvGe8VzaICAeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d34f185385c5c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Jan 2022 18:15:48 GMT

GET
H2 200 55xqey1sJNPjPiv1ZZZrxK1-4b_oLg.woff2
fonts.gstatic.com/s/creteround/v9/ 13 KB
13 KB 247ms
144ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/creteround/v9/55xqey1sJNPjPiv1ZZZrxK1-4b_oLg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c10adb508ce231a8dd9db9d0b49871b45971578107ff302150d68698be68a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 06:00:47 GMT
x-content-type-options: nosniff
age: 577752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12896
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:49:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 06:00:47 GMT

GET
H3 200 DroidSans-Bold.ttf
minimore.com/font/ 134 KB
134 KB 44ms
43ms Font
application/x-font-ttf 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/font/DroidSans-Bold.ttf
Requested by: Host: minimore.com
URL: https://minimore.com/stylesheets-v2/custom_mnm-v4-ne.css?7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3166b9ae5d697ad31eebc3b95efbb58b823c0bbf8c3b1c7916c7640a2f89416

Request headers

Referer: https://minimore.com/stylesheets-v2/custom_mnm-v4-ne.css?7
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Feb 2014 09:51:14 GMT
server: cloudflare
age: 32788
etag: W/"21670-4f232836ebce7-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gz%2BEqADtDiUH2%2Bl4utp%2Bsrc%2B8FpMC8ZuOrt0cDVvp2DD9iS2wwrY9UQfeKIQeGXZKtLdBWUBbRNAFMm93cpRHcoHaWlFPT%2Fj8jrKMuTMF3LyZ8dAmOenPCY9SUMwZCjHEOrXQKVbjz%2BfV8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d34f18548855c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Jan 2022 13:23:18 GMT

GET
H2 200 nKKZ-Go6G5tXcraBGwCYdA.woff2
fonts.gstatic.com/s/kanit/v7/ 13 KB
13 KB 238ms
138ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v7/nKKZ-Go6G5tXcraBGwCYdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit:400,500,300&subset=thai,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

185c8f0ba5c84bb93c5ce2c23f353a9f5db8d4b7cdb4a03d816867c2a3871ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:02:00 GMT
x-content-type-options: nosniff
age: 41279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13252
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:14:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:02:00 GMT

GET
H2 200 nKKU-Go6G5tXcr4-ORWnVaE.woff2
fonts.gstatic.com/s/kanit/v7/ 18 KB
19 KB 204ms
104ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v7/nKKU-Go6G5tXcr4-ORWnVaE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit:400,500,300&subset=thai,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cf3ccdaa22b37724649b4c2a0b37ac8122dbb811ee64cec167b6cdebddc3f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 05:49:49 GMT
x-content-type-options: nosniff
age: 578410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18824
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:19:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 05:49:49 GMT

GET
H2 200 nKKU-Go6G5tXcr4-ORWzVaF5NQ.woff2
fonts.gstatic.com/s/kanit/v7/ 13 KB
13 KB 248ms
151ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v7/nKKU-Go6G5tXcr4-ORWzVaF5NQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit:400,500,300&subset=thai,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c186dde8f8122ed32d48751d14243a7fe40d85f5137199d0a6473484d3dcb41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 11:26:39 GMT
x-content-type-options: nosniff
age: 558200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12980
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:54:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 11:26:39 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 158ms
121ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:12:54 GMT
x-content-type-options: nosniff
age: 8225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 20:12:54 GMT

GET
H3 200 fontawesome-webfont.woff2
minimore.com/font/fontawesome/ 70 KB
71 KB 34ms
33ms Font
application/octet-stream 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/font/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: minimore.com
URL: https://minimore.com/stylesheets-v2/custom_mnm-v4-ne.css?7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://minimore.com/stylesheets-v2/custom_mnm-v4-ne.css?7
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
cf-cache-status: HIT
last-modified: Tue, 17 May 2016 08:04:55 GMT
server: cloudflare
age: 35541
etag: W/"118d8-533053256b863-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwMN5w6DNMCu4a30SFbVc7Z8jv8CRviooEKuxlxLNybwuxiaAfPVqW%2BoyWfFV1F7A34cXQTTdDvGhbxS9P7yq7YSExF6wbiHJK9ArVGNzKc5XLvqHMlhhCAWoRR68yWyuJ%2FMOmQFT7C3CKk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d34f185a91d5c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 26 Jan 2022 12:37:25 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 44ms
12ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=eb490f0dd4c2fde579257eeae76a3168

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9531d78014d5700ec3b9c01c8d8aa418730058dd0ea800af2a7dd43d8def9f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://minimore.com/
Origin: https://minimore.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Dy1DFlnOaKwAneyQVF82iw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 25 Jan 2023 20:45:59 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82045
x-fb-rlafr: 0
x-fb-debug: SboYCw/fTg17x9pnF+n0nvSa4AmuPYh+8GnjFAj2pKsORq1oK5W83HPPuw5xFnMcaJz7RA+wiWYMBeWB/HAmgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 651c5667e1fd5acb1ee283988abbca0e
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 22:29:59 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3a9a7229e0715279a853e5c9dccb44b1"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
33ms Script
text/javascript 2a00:1450:400f:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3408
date: Tue, 25 Jan 2022 21:33:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 25 Jan 2022 23:33:11 GMT

POST
H3 200 setstat Show response
minimore.com/apis/ 63 B
892 B 1659ms
1658ms XHR
text/plain 2606:4700:3034::6815:5d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minimore.com/apis/setstat
Requested by: Host: c.min.ms
URL: https://c.min.ms/libs/jquery-1.9.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:5d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.5.38
Resource Hash: 2e79f8258727924b28fd16911c591d077ff2c32509f7f16544c79bb68e4366e5

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://minimore.com/b/Gd3dq/1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

mm-dbg-002: USER TRUE DB
date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/5.5.38
content-type: text/plain; charset=utf-8
mm-dbg-001: api view: setstat
mm-dbg-003: restoreMinimoreSession
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mm-dbg-004: restoreMinimoreSession - session userid not found
mm-dbg-000: DEVTEST =
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxISxG9LOtHh55mSslDCseFyqywFhnLlO6k9pLp4GsExKZ0zAE6hnI4VQ6%2Bl2giKHDUyVTwMCzBpGIQUUGrKn%2FAT4gFfiZXb5r89hlmTDHhBpvRaE92XSY0WNlAv2gKjkDvjMntAcE%2BjECM%3D"}],"group":"cf-nel","max_age":604800}
mm-dbg-006: restoreMinimoreSession - End
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6d34f185c9605c26-FRA
mm-dbg-005: restoreMinimoreSession - no time indicator
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 187ms
93ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1839/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

3249631fbc5c94178ff4773d364d3d4fd0facbb4f900260ad690514d0a006c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27054
x-xss-protection: 0
server: sffe
etag: "1113 / 153 of 1000 / last-modified: 1643136798"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 25 Jan 2022 22:29:59 GMT

GET
H2 200 atsprebid.js Show response
anymind360.com/js/ 424 KB
133 KB 8ms
7ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/atsprebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/1839/ats.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5305e5358afc5f5129d897773d195b044ef43f74e72634fef9410ef3c8da1c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
age: 127247
x-guploader-uploadid: ADPycdu_CtZPUJgLRdA45JA3rKTiDLXtVnBTis2Ter34VO2WYN9bk19_a8F2Ec95LUltm7Brg14klZjHzfM1qQRLzK8
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
strict-transport-security: max-age=300
content-length: 135429
x-served-by: cache-tyo11969-TYO, cache-hhn4080-HHN
access-control-allow-origin: *
expires: Mon, 24 Jan 2022 11:09:12 GMT
last-modified: Thu, 13 Jan 2022 11:08:34 GMT
server: UploadServer
x-timer: S1643149799.374708,VS0,VE1
etag: "3dfb6bec0a9f873c3f15350204aaea44"
vary: Accept-Encoding
x-goog-hash: crc32c=wRYb1g==, md5=Pftr7Aqfhzw/FTUCBKrqRA==
x-goog-generation: 1642072114188471
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: max-age=43200
x-goog-stored-content-length: 135429
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 7, 1

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 25ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=164221187085346&ev=fb_page_view&dl=https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1&rl=&if=false&ts=1643149799398&sw=1600&sh=1200&at=

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 25 Jan 2022 22:29:59 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 54ms
16ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fminimore.com%2F&domain=minimore.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://minimore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://minimore.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1521
date: Tue, 25 Jan 2022 22:29:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
940 B 39ms
18ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46296
x-amz-request-id: txca2727b717ab4faab02af-0061dd52cb
x-amz-id-2: txca2727b717ab4faab02af-0061dd52cb
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evEnkdsCrVOw%2F7VizR3WBW5m0xB%2F5dWOtG7DS5zeilVJ7y%2F9E6VT%2FneDnSaPG1BP2zF99y4fbXBnJNKDvZtDNFdgvaXx44VIS8CSGC5qttrxQ4D2d6gdpsUZSjtLRkTZao9pbramZITVsN3V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1638788436623244
cf-ray: 6d34f1868f9b91d1-FRA

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fminimore.com%2F&domain=minimore.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=KXuWY3x3dlRNQUZWR1U5TG5BOS9GV3VOci9TNUQ1bGhNVWF1UXM3a0dsQVNhSXNjSmNWR1dsdkJBb2NVS2NDTGZNRHBsMHpHS2llRStqamdCbEVpU0YrY01XZFBBMjE1Um9LaEdNS0xzZjZ6Y2VxRHBXa0lteWNtbHBnWU...

350 B
618 B

46ms
16ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=KXuWY3x3dlRNQUZWR1U5TG5BOS9GV3VOci9TNUQ1bGhNVWF1UXM3a0dsQVNhSXNjSmNWR1dsdkJBb2NVS2NDTGZNRHBsMHpHS2llRStqamdCbEVpU0YrY01XZFBBMjE1Um9LaEdNS0xzZjZ6Y2VxRHBXa0lteWNtbHBnWU9idnpMeFF1aTBFTSs0NHZVZ2k0TExGdGw5MENFbitzRktRWFU2T3ZKWjZ5cVQ1d2VDemJVNkdhSlRnVlZSTFVwWElDeUhKdTZ6dHJ0K0hrVUZaNjZrUSs2ZllJcERDeThxQW1PNmFWREZuNlg1bjlPcjdBPXw&cppv=2

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

39b89b930643f8ca586b4a322daca59ec22bd13381f16711466b92474ea5541b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2369
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:58 GMT
location: https://mug.criteo.com/sid?cpp=KXuWY3x3dlRNQUZWR1U5TG5BOS9GV3VOci9TNUQ1bGhNVWF1UXM3a0dsQVNhSXNjSmNWR1dsdkJBb2NVS2NDTGZNRHBsMHpHS2llRStqamdCbEVpU0YrY01XZFBBMjE1Um9LaEdNS0xzZjZ6Y2VxRHBXa0lteWNtbHBnWU9idnpMeFF1aTBFTSs0NHZVZ2k0TExGdGw5MENFbitzRktRWFU2T3ZKWjZ5cVQ1d2VDemJVNkdhSlRnVlZSTFVwWElDeUhKdTZ6dHJ0K0hrVUZaNjZrUSs2ZllJcERDeThxQW1PNmFWREZuNlg1bjlPcjdBPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minimore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1855
content-length: 482
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
276 B 48ms
11ms XHR
application/json 35.158.60.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.3&referrer=https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1&tmax=2000

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.158.60.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-60-56.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minimore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
329 B 115ms
84ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=474656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2238fcf6e70d8067%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.3%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anymanager.io%22%2C%22sid%22%3A%221839%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2247e08be3c1825a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2222288338634%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225ac10c2bbaed41%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2222288338634%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226518a9d0725114%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2221788902838%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227d3e9d20d2fd5f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2221788902838%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%228eb2ad4c965af5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2221788902838%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2297078da9177801%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2222288741170%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210b14a7454306f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2222288741170%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221169b26b51014a4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2222288741170%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2212fcecf448290e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2222288741170%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22133f480b542dbdb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22474656%22%2C%22sid%22%3A%2222288741170%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a77cb4e0ec4c549699e60af62918986629af286f6f6643783b368c6e2230a902

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.163], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://minimore.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Tue, 25 Jan 2022 22:29:59 GMT

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 136ms
29ms XHR
text/plain 18.201.7.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.201.7.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-201-7-199.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://minimore.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Tue, 25 Jan 2022 22:29:59 GMT
X-SMT-SessionId: ef3510df-0eb0-4de1-8271-6d9817891758

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
339 B 143ms
32ms XHR
text/plain 18.201.7.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.201.7.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-201-7-199.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://minimore.com
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Tue, 25 Jan 2022 22:29:58 GMT
X-SMT-SessionId: 94c5a64e-927e-4018-93a1-6b3776d44e2d

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 130ms
82ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minimore.com
date: Tue, 25 Jan 2022 22:29:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 540 B
3 KB 87ms
34ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=373988&zone_id=2047292%3B2049524%3B2047122&size_id=2%3B15%3B15&alt_size_ids=55%3B2%2C16%2C43%2C117%3B9%2C8%2C10%2C16&rp_schain=1.0,1!anymanager.io,1839,1,,,&rf=https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1&tg_i.pbadslot=ats-overlay_bottom-2%3Bats-insert_ads-4%3Bats-insert_ads-7&tk_flint=pbjs_lite_v4.43.3&x_source.tid=5074a35b-1dd7-4942-b5ae-6865fe0a489f%3B9b96faee-a516-4aac-bdb8-52c6af890a05%3B30d8c6ac-673d-4497-9477-f72c6967f648&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.9566994737577512
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b3a11dc08fd87451321c1c5f318fe5c9c3142fd29f76edf45f69d7cae3008496

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:29:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://minimore.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 540
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
732 B 52ms
18ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:29:59 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b61e475c-e0f2-43ca-970a-8d16f20e199b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://minimore.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
334 B 58ms
17ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
577 B 63ms
22ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:58 GMT
content-encoding: br
x-smrt-d: 4%3b11%3b85
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
578 B 63ms
22ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
x-smrt-d: 4%3b21%3b104
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
577 B 74ms
34ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:58 GMT
content-encoding: br
x-smrt-d: 4%3b15%3b79
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
576 B 61ms
21ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
x-smrt-d: 4%3b3%3b81
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
577 B 62ms
23ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:58 GMT
content-encoding: br
x-smrt-d: 4%3b18%3b95
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
577 B 74ms
20ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:58 GMT
content-encoding: br
x-smrt-d: 4%3b24%3b95
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
334 B 76ms
17ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:58 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
583 B 83ms
25ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
x-smrt-d: 4%3b23%3b105
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
577 B 84ms
26ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:58 GMT
content-encoding: br
x-smrt-d: 4%3b15%3b89
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://minimore.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H2 200 arj Show response
adasia-d.openx.net/w/1.0/ 73 B
376 B 82ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5074a35b-1dd7-4942-b5ae-6865fe0a489f%2C9b96faee-a516-4aac-bdb8-52c6af890a05%2C30d8c6ac-673d-4497-9477-f72c6967f648&nocache=1643149799452&schain=1.0%2C1!anymanager.io%2C1839%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280%2C728x90%7C300x250%2C336x280%2C120x600%2C160x600%2C300x600&divids=ats-overlay_bottom-2%2Cats-insert_ads-4%2Cats-insert_ads-7&aucs=ats-overlay_bottom-2%2Cats-insert_ads-4%2Cats-insert_ads-7&auid=544050485%2C544050498%2C544050474
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 74e21afa9969b32f95c20927b46cfb25ada8e98a2dc04cd0e08482fb72bebdca

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://minimore.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
213 B 49ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.3&cb=58984007101

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://minimore.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 89ms
43ms XHR
text/plain 2a00:1450:400f:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1802967729&t=pageview&_s=1&dl=https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1&ul=en-us&de=UTF-8&dt=Scream%20(2022)%20%E0%B8%AB%E0%B8%A7%E0%B8%B5%E0%B8%94%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%82%E0%B8%B5%E0%B8%94%20%E0%B9%80%E0%B8%95%E0%B9%87%E0%B8%A1%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%20-%20%E0%B8%94%E0%B8%B9%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20-%20%E0%B8%AB%E0%B8%A7%E0%B8%B5%E0%B8%94%E0%B8%AA%E0%B8%B8%E0%B8%94%E0%B8%82%E0%B8%B5%E0%B8%94%205%20-%20Minimore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1374990876&gjid=1087238900&cid=183532480.1643149799&tid=UA-44891769-1&_gid=948121949.1643149799&_r=1&_slc=1&z=1848162735

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minimore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 34ms
19ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50179
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx0a072350e053471da9e62-0061d6cd27
x-amz-id-2: tx0a072350e053471da9e62-0061d6cd27
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPZCGXorM7tqfkYvAGXDL51Lte%2BhHJ84s8%2FfoUtyvrZJwJ6RJcL41y1WHSAcJCbA4yze3H0608NkX2094fZmhYkyEval%2BmPZ16%2FTe1s4e2KTpsplWjFvuVq55hOCyhQT2lY0g14FByn578oF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6d34f1870ada5c44-FRA
access-control-allow-headers: Authorization

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 47ms
15ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1013
date: Tue, 25 Jan 2022 22:29:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
118 KB 86ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:34:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 116 B
121 B 90ms
46ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=minimore.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f59ee9a7ff6df262c23892bf490a140744ea31d2611be6265b074113a9e244bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Tue, 25 Jan 2022 22:29:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-44891769-1&cid=183532480.1643149799&jid=1374990876&gjid=1087238900&_gid=948121949.1643149799&_u=IEBAAAAAAAAAAC~&z=1418940043

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 25 Jan 2022 22:29:59 GMT
content-type: text/plain
access-control-allow-origin: https://minimore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 133ms
49ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44891769-1&cid=183532480.1643149799&jid=1374990876&_u=IEBAAAAAAAAAAC~&z=417861401

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 123ms
46ms Image
image/gif 2a00:1450:400f:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-44891769-1&cid=183532480.1643149799&jid=1374990876&_u=IEBAAAAAAAAAAC~&z=417861401

Requested by

Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:29:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=minimore.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 131ms
45ms Script
application/javascript 2a00:1450:400f:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=minimore.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 22:29:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 127 KB
33 KB 547ms
547ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1403719842208934&correlator=4223873017400424&output=ldjh&impl=fifs&eid=31063821%2C44752541&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=21622890900%3A22440369188%2CTH_minimore.com_pc_anchor_bottom_sticky_728x90%2C970x90%2CTH_minimore.com_res_allsite_interstitial&enc_prev_ius=%2F0%2F1%2F%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C970x90%2C1x1&ists=1&fas=0%2C8&eri=1&cust_params=url%3D%252Fb%252FGd3dq%252F1%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&dt=1643149799808&lmt=1643149799&dlt=1643149799005&idt=766&frm=20&biw=1600&bih=1200&oid=2&adxs=0%2C-9&adys=4%2C-9&adks=1920108457%2C2949952710&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1&vis=1&scr_x=0&scr_y=0&psz=1600x1%7C0x-1&msz=728x0%7C0x-1&ga_vid=183532480.1643149799&ga_sid=1643149800&ga_hid=1802967729&ga_fc=true&fws=132%2C2&ohw=1600%2C0&btvi=0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a3cb618eb32df6e446ea61ca314a8a4d7be2375a7b44ef04a1d9cd493d849324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995,213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33420
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minimore.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 935ms
935ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1403719842208934&correlator=4223873017400424&output=ldjh&impl=fifs&eid=31063821%2C44752541&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=21622890900%2CTH_minimore.com_res_article_top_728x90%2C336x280%2C300x250%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=728x90%7C300x250%7C336x280&prev_scp=ad_group%3Dad_opt&eri=1&cust_params=url%3D%252Fb%252FGd3dq%252F1%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&dt=1643149799813&lmt=1643149799&dlt=1643149799005&idt=766&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1414&adks=257447385&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=183532480.1643149799&ga_sid=1643149800&ga_hid=1802967729&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

60ae27a5e13cc46f02f480cfa0d1c61008e6ae125ac71a12f0fd289b3912e392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 213202
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 327881
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minimore.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 331ms
330ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1403719842208934&correlator=4223873017400424&output=ldjh&impl=fifs&eid=31063821%2C44752541&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=21622890900%3A22440369188%2CTH_minimore.com_pc_article_right_sticky_300x600%2C160x600%2C120x600%2C300x250%2C336x280&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=300x250%7C336x280%7C300x600%7C160x600%7C120x600&eri=1&cust_params=url%3D%252Fb%252FGd3dq%252F1%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&dt=1643149799815&lmt=1643149799&dlt=1643149799005&idt=766&frm=20&biw=1600&bih=1200&oid=2&adxs=1290&adys=260&adks=3370341254&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=300x-1&ga_vid=183532480.1643149799&ga_sid=1643149800&ga_hid=1802967729&ga_fc=true&fws=644&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5ab99002c776d6de0ee1373bd88ea7ef87868f6afa694efb35b9f270d5d5c4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12117
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minimore.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 746ms
746ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1403719842208934&correlator=4223873017400424&output=ldjh&impl=fifs&eid=31063821%2C44752541&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220125&iu_parts=21622890900%3A22440369188%2CTH_minimore.com_res_article_top_728x90%2C336x280%2C300x250%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=300x250%7C336x280%7C728x90&eri=1&cust_params=url%3D%252Fb%252FGd3dq%252F1%26ref%3Dnull&cookie_enabled=1&bc=31&abxe=1&dt=1643149799818&lmt=1643149799&dlt=1643149799005&idt=766&frm=20&biw=1600&bih=1200&oid=2&adxs=425&adys=262&adks=3449471483&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fminimore.com%2Fb%2FGd3dq%2F1&vis=1&scr_x=0&scr_y=0&psz=750x0&msz=300x0&ga_vid=183532480.1643149799&ga_sid=1643149800&ga_hid=1802967729&ga_fc=true&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b0dfb9dd15fbb314186d2132db354b12b382536fe427a5097ccecaeb618bd0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 211995
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12115
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 314490
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minimore.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C8A 6 KB
4 KB 165ms
44ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 25 Jan 2022 22:29:59 GMT
expires: Wed, 25 Jan 2023 22:29:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 39ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022011002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5132d372cb173a8a03581054f07b694cf11fbdce25ca75e0b9676abeecd101f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 13:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34048
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12969
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 13:02:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 144ms
61ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acbfeab6c119c670b90369a7a54fb525d2d68dcc05af848d828b6ff9f4fdaba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8941
x-xss-protection: 0

GET
H3 200 container.html Show response
c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8393 6 KB
3 KB 78ms
34ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Jan 2022 22:29:59 GMT
expires: Wed, 25 Jan 2023 22:29:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8393 0
0 77ms
76ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqwl953nwYYDdNJ-M7_UP0t2LoAfukrWTXL-ihcfkBcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgSuAk_QfrhqmeFbrnzMELiiPbTWCd5TSLNmLIwsLUT-bAHp1QhbU1nhLAnYRdIipoSjPi8klvEd5jkBas8lMGhG4J_EmHNoyjd-olJ7Tu1Zvou5Pitul0xWxEjGV-EP8CssWIazmPhTqWJFlgkQ7wxTo4M_akr0rOeOvK6ubyOtY8udRPGnu0p-ZfTbVsW6Iu3Rb5SAakmZXIDOcH6g7obYKEkX9ZZyjOql7nEy2tAwfqfQTwHvbX_vZD1RoRccUJZKujfMGLLuQCHY_r2RxUtzuoIPjyyi037B9bc-4oetwGvtFsuH_5qSyhnkXWVNvxQJpU9xHKcQH2OsihgE-xDXp8c-Mwa5uJ00syBEBJfnXk3b0UJRvsvjI41GD2QVuwZD1Zc1Yh9Uk4OrEPqOUmnw4AQBgAb12PjEye2Jp0egBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfIIG2FkeC1zdWJzeW4tNjY4NTcyNTA1ODYyMTgxOYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05MDU4MjkxODU0NDQzODgxGLbXaQ&sigh=p6e8Z0OeZks&uach_m=[UACH]&cid=CAQSPwCNIrLMMZLqn56TePmbKikyQTWIRjw9XqwmDasZWLvRM1WDpE6lV9Bnx0Jh2CUmlyZdbsQWG6kOcTSbudYOjBgB
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame 8393 4 KB
2 KB 53ms
10ms Script
application/javascript 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e034413566571294f644c0b81ff0a93c1bb402263c0cc797b566fe457841af1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:15:23 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
age: 882
etag: "c19830128c230c5aed152b54a2e51d7e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
content-encoding: gzip
content-length: 2005
x-amz-cf-id: xFyXE_ipIAZZfz5uJbWNAtFUfBLXGQQ9IQAXfvtf5FOel8TrYjWnLQ==

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 8393 2 KB
1 KB 133ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8393 122 KB
38 KB 131ms
46ms Script
text/javascript 2a00:1450:400f:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 22:30:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame 8393 15 KB
7 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:54:43 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8393 22 KB
7 KB 127ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:55:51 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame 8393 37 B
183 B 9ms
8ms Image
image/gif 35.158.60.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YfB55wANLoAIu8YfAALu0tN-SYElndlzT2KMHw&ts=1643149799&aid=27049067744258766196180&ec=2460_15241_66021650&n=GvQEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzU0ZTVlMDU4LTdlMmUtMTFlYy04Y2Q0LWMyZTRkY2MzYmNmNS8wLjAxNS9RU1pYQjZZNk41TVRZRjczQ0JJVEJCTzNYUVBKNzRFMk1MV0FWWDNYSFdSRlUzWFc3M0xGU1lRUEtCMllJRzZNT1RDQ1o3RFlEN0RBMlhBS0tIS0w0U0FNQldUM0FJWFU0NU1ZWTZONlZXNDIyTEZaU1NEUE5HVVFRTTZGWURDVlczNlZVSVpYQlVJUFdJNFlNSUVLWVpBREdOQU5LNFlPUkVMNUFLQ1pNQUpNNTJPTUJOWUpPRlUyRzVGRVlPRFBIM0dRVlZZUVc3QkJITkVOWUVINTdJQkJGV1ZHV1kySUdCNzVLU0FWNU1QUkhDVlozWVRaUENJR09CRk5UTjQ3QjZWV1FDUlIzSkFXT01MTEMzVUo1WE41VEhOUkpMSENGUldNT0FLR1BZNERUWlBKTVRNTk1KUFJETUJKQUo1NUhKTjJUSUlNVjVMRkFJUlRXUklVNUVJRTRRUkhUWkRMVzVaSTZNUERYQVNWUVFOWUpKNlVOWDVaQ0VNTUFGSFY2T1AyVlBRT0wyS05NWUEyNjJUMjcyWUI1UVRKQllFSDNFNkRRSERQTTZERFFXVVMyUURCU0VQVUpHVTUyVFdUS0lGTlBFSkVZWkpTUkc0N0pKUVZRU1E2NzZLMlo2UExQU1JVSTZFSEJDM0RISkRYMzJJNVA3T1lJUVA3MkFFTUc2RzVEUU9XRVJVUEcvP%2FICtgEIABIXMjcwNDkwNjc3NDQyNTg3NjYxOTYxODAYACABKJwTMIl3QAFIAFAAYApoAHDp2yKQAQCYAQCoAQCwAQ%2B4AQnAAQ3IAQ%2FgAQ3wAQD4AQ%2BAAg2IAg2RAgAAAAAAAPA%2FmQIzMzMzMzPDP6ECAAAAAAAA8D%2BoAgCwAgLIAgTYAgDxAmZmZmZmZuY%2F%2BAK%2FMYADrAKIA%2FoBkAMCmAMAoAMAuAPl4w3AAwDIAwDSAwg2NjAyMTY1MPgCBYgDAJIDBGRiYTg%3D
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.60.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-60-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 8393 37 B
140 B 25ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=27049067744258766196180
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 178ms
138ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 22:30:00 GMT

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/ Frame 8393 246 KB
79 KB 11ms
10ms Script
application/javascript 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2ed6f4144d1c12483676cbd0bbb32aa7b23d7b7f54709176c16c782ca668dfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:30:54 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 20:27:26 GMT
server: AmazonS3
age: 611947
etag: "5c3d88435f7bf18aebb1be8c86371794"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 80392
x-amz-cf-id: oxFFttFASQLiPnES8O__aT07yGSdziMUJhtjdU-FLmF24P0ctu9ViA==

GET
H2 200 r
eb2.3lift.com/ Frame 8393 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=27049067744258766196180&rev=e0fe245&ss=5&bc=0.015&pr=can%27t%2520access%2520top%2520document&brid=568809&bmid=2460&biid=6335&bcud=15&sid=15241&ts=1643149799&caid=0&unid=0&domain=c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com&ref=https%253A%252F%252Fminimore.com%252F&rr=creative&fid=10&rb=0&g=0&cb=68579
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame 7D83 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 8393 3 KB
3 KB 13ms
12ms Image
image/png 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:58:08 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 5513
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: HN4WK2O5rUWsz09pPfgCTqk8E0fRP4T-j9N10fMuKhMSDW4bXGb-JA==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 8393 3 KB
4 KB 14ms
13ms Image
image/png 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 00:56:14 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 423226
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: vTsTWN8fq9WCABKn1hJym_GvRL41I9roZb0QwIlP1T3W0a1fHG7ifg==

GET
H2 200 widget-300x250.js Show response
widgets.zemanta.com/1629452000/ Frame B702 7 KB
3 KB 57ms
6ms Script
application/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1629452000/widget-300x250.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7c75a38078335258d8ce738cd3f4e0787aad0002007440f5d50b5764bee9ae7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: uvl_AIMeZvArCt.KvXhYtwKAfEkUCElc
content-encoding: gzip
etag: "a9c246aea852dd1d70e8d9a62065985b"
age: 592
x-cache: HIT
content-length: 2413
x-amz-id-2: l7/RiCw5IeMV8Au5dBIg8B+8BoA4t9jhXKGrNOHRM1aBpHc2GyLREF/Z7euoWLBwLIfDX8msgKw=
x-served-by: cache-hhn4036-HHN
last-modified: Fri, 20 Aug 2021 09:35:26 GMT
server: AmazonS3
x-timer: S1643149800.440870,VS0,VE0
date: Tue, 25 Jan 2022 22:30:00 GMT
vary: Accept-Encoding
x-amz-request-id: 53ZZPXB1M02PCHEZ
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 72

GET
H2 200 aop
eb2.3lift.com/ Frame 8393 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=27049067744258766196180&rev=e0fe245&ss=5&bc=0.015&pr=can%27t%2520access%2520top%2520document&brid=568809&bmid=2460&biid=6335&bcud=15&sid=15241&ts=1643149799&caid=0&unid=0&domain=c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com&ref=https%253A%252F%252Fminimore.com%252F&rr=creative&fid=10&rb=0&g=0&cb=16228
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 container.html Show response
c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA02 6 KB
3 KB 34ms
33ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Jan 2022 22:29:59 GMT
expires: Wed, 25 Jan 2023 22:29:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 152B 6 KB
3 KB 34ms
33ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Jan 2022 22:29:59 GMT
expires: Wed, 25 Jan 2023 22:29:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8393 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41e9f95a247035978ad9a75e08a8c82627a393163155e522d25c1cafb41e5e43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK writeStatistics
stas.outbrain.com/Stas/api/ Frame B702 43 B
274 B 428ms
86ms Image
image/gif 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stas.outbrain.com/Stas/api/writeStatistics?p=DkkDeS6rbTUlpHOKBYqrQHxfRDX-NESZiC17KcYlUUm0BdtY9NSRG82xx2TbH0qBrQZIHbmsKmNUjuX-aLJ7K_N4J7CzX03QjDJ-cRfjNwhtNm-qxMkzqS148pEnI4nr-3lhCQSemoVq6hTxSU_07VHq-arfkUk-NEUO-PinFiRWNbVyCQHA7SwnUbwQ5ymSxNHT3OLMxKjw82OfmXPwreEsYIIg9yCeSJlvZPPI2ktr_Q3D6AlBhVHO5oQ9zQsx8vZUnQ53DubfGtgW9C6HZxssxFi0iWcYtJ2Wgc3n30EQmerTSdD_SNDh1k9JWKvzIGihGbp1Ky9_2WRIsK8UFfbv50oQrDqUGcpLUV8CE64uW4Jl5OWn-2dHUFwMO8Kui95ZPsWddHB-GNXrKKxtnv1dTgcjdQ-2xvBHbjTMYzVc9SKdy5imGKcV185tOyqrWwTDYXs1BT6NUq1lxvJSnHTLZV2w_VeerROH-REhy-5xSaEak81zz_4lWEo4n3KD2UNuQa9EuoDKG5HLuPa5wyMEop8UdaYiQBbJdgBPSkKoi3ncygaBIohEF1pTOvuCVRT5oI2N3Z4dtxixzCWYwGlilM44iRyUjwGYWRKm4xJ-NWaxu15G7TkGCJWyMWlPbXsgWN4Ea_GUGXgVzWMVd35fmjpD-VM7GvADtjyp1pRjfObIpwqXnc-4nE5p879LidhYj7Ite2mmtC8dogOpH8oDW9K0Q_h8uoQV-mAAM-8&c=bdf46ab5&v=3
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:00 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: ff2ab8406f6c684e9359a43516642876
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/SAUTBJIHOU2V2ISGBZYQVLMKNCCGUJUBS2IHAZXHPNCRBIZJHVAV2UG3P7PK3GOMZPBYY3AVAB5NWH3YIYL226HKFV2PKYG6GZEM3VNW447QWQOSVOVSSSY5IGSXIE3MB5JZLCTZFEYQNNARBAD65NEL44PRJG... Frame B702 26 B
151 B 61ms
14ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/SAUTBJIHOU2V2ISGBZYQVLMKNCCGUJUBS2IHAZXHPNCRBIZJHVAV2UG3P7PK3GOMZPBYY3AVAB5NWH3YIYL226HKFV2PKYG6GZEM3VNW447QWQOSVOVSSSY5IGSXIE3MB5JZLCTZFEYQNNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTFX6BBTEWM7QUFLMWWI7IGQO6FAKLPZGQHNGGC3HE43JHNLIHMPHSR5ZZCLYYMCUYFECE3YV6FKSAFJZQ4URZBIIOPNEIWYSYXZKUA3NQTY3B7X75FR7FMRPXLO6UTDFUPPFQEAC55GYJVLXHMKY4277GBAFT3PYVBF5JPBRNP2QFAEKPSS6HJQXUPKNM3J5A4MSBJXXBY53JLNP6QYBYL2B3ZGO/?
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:00 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 1673eec9aea13c107644128f35455ba533.jpg
zem.outbrainimg.com/p/srv/sha/1b/83/50/ Frame B702 9 KB
9 KB 67ms
7ms Image
image/jpeg 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/1b/83/50/1673eec9aea13c107644128f35455ba533.jpg?w=298&h=110&fit=crop&crop=center&fm=jpg

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

0242290e99cc90de276b2920ca668b8f8d662e1d82bfefa90ecc47beb6c16aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1902054
x-cache: HIT, MISS, HIT
x-imgix-id: 3383aed2764b2b4e493aff0ecd81f8f1c8933ff8
content-length: 8743
x-served-by: cache-sjc10081-SJC, cache-fra19122-FRA, cache-fra19141-FRA
last-modified: Mon, 03 Jan 2022 22:09:05 GMT
server: imgix
x-timer: S1643149801.548484,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BA02 0
0 78ms
78ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CD7sJ6HnwYbWNB6aB7_UPm9C3-ATukrWTXL-ihcfkBcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgSQAk_QdVosfgGHjZDLbUOZkRrToR3lMdx8U-9iVW9oH-WuZjI7YrQCpccJEKwex_Q4RVcIPr9yV9RtqRvgGkSouOpAXFvzedg9aiwrvtQ5QrhisRVfvPuzqb1CpwLNrCMSw8EnvNKdoxrRa41SIuZHUhN2hCYSO3uwQ2oKeb7gVOcVrRMly0zE0sIilJQ5mlKT1yv54wcN7k_WCQ-0w72-u3TojecfLI9Fgmfz9aFfXOMSDSI8dRgki0JIzalsVBjL8Gotg6oVogDmO8elyBAWKqYym4WmSjUVkSYjjptphZQs1EnxN9i6O_5VvG1zTM6-5PubzijumxoNic9sP0U0pysonAOKJ2dDZdb4TKOiquoI4AQBgAbq7fXirZmImekBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTY2ODU3MjUwNTg2MjE4MTmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=L8y_DVIJAQc&uach_m=[UACH]&cid=CAQSPgCNIrLMOoKJKByelatcHzwIARoBe6-WYvG7kZN97YBFpkYma010qiFeS-2KAoDWthGZyV0DjR3Lmn1NFDmHGAE
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame BA02 4 KB
2 KB 11ms
8ms Script
application/javascript 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e034413566571294f644c0b81ff0a93c1bb402263c0cc797b566fe457841af1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:15:23 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
age: 882
etag: "c19830128c230c5aed152b54a2e51d7e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
content-encoding: gzip
content-length: 2005
x-amz-cf-id: ea9vjgdSoAAswH-yvsQkkFmVSzg7tZeO_P-tWegpkJADsG2HLot9xw==

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame BA02 2 KB
1 KB 127ms
78ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 22:19:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame BA02 15 KB
6 KB 93ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:52:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BA02 0
0 100ms
49ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2yAowaZR33TaeeQ0_NrPGAc-uGS-6nUP5f2CXKxAVXPB0GzCYNNnM91uUUFtDWcZPDja8_uS2XV0esAliDxm1JK2XyA
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BA02 22 KB
7 KB 114ms
66ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:55:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA02 122 KB
37 KB 100ms
56ms Script
text/javascript 2a00:1450:400f:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 22:30:00 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame BA02 37 B
183 B 10ms
8ms Image
image/gif 35.158.60.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YfB56AABxrUIu8CmAA3oG583zsL3P1ZhcgYS2Q&ts=1643149800&aid=24003664053951352908640&ec=2460_15241_65973683&n=GucEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzU1MGJiYzA3LTdlMmUtMTFlYy04ZDE3LWVkNGUyY2VmYzRiMC8wLjAxNS9SN0pGWEpBTlQ3VklVV0VCMk1UNURLQ05WQVBKNzRFMk1MV0FWWDZPV0RWQVYzVkY3SExISTJYUkZCUk9EVjdYR1VSQkJXMldTSDM1UEdaV09VNkFYWU5DNVhYRkw2SExPVExQM0ZHV0tWTENNRFZMRVM1REhTQjZVQVdTTFRBSENFNjNIVTc1QkRESDNYNldSVVdOSUs2SzZRTlhFU0hYT1YyRFgyNFJSM1lVSVhTT1NITVpPRlUyRzVGRVlPRFBSVDZEV1RFUEY3NEhYTkVOWUVINTdJQkJGVlI2TUk2WFdORVdNMzdIQ1FURzNGSEI2NEdITklER0pQS1lCRzZQVFJaQUlUMktZMjdLNzVBRzdHWFc1U1pDRENEM1NRN1AzSlQ1NVdMM1BMRlBTN0hNNE01TkpXWlVGVElJS0M2Vk5YRUxVUlJIR1g3U0VKUFlQVkZBMzY3WE0yTVdTWkpZQUlKNk1WNElKN1hKNTQ3NUpSWE1XUVhRSjJONjVHQVNMNllWU1pFTlJTRjNHWlZEUUdCRlFGV1lPTklZNUMzWUdXWlpQSEVIQklMQUVMQldFU0E2WDJMU0pHRk5CMjJRMlFDRVFKVFpONUpGVkdRNEVOR0dQRVFDWE0zWVNKSlA0Nkg3NkRYUUwzTU1RNUNXVlFFNlJOQTNLTEpNNktDUy8%2F8gK1AQgAEhcyNDAwMzY2NDA1Mzk1MTM1MjkwODY0MBgAIAEonBMwiXdAAUgAUABgCmgAcMHBIpABAJgBAKgBALABD7gBCcABDMgBD%2BABDPABAPgBD4ACDIgCDJECAAAAAAAA8D%2BZAjMzMzMzM8M%2FoQIAAAAAAADwP6gCALACAMgCBNgCAPECZmZmZmZm5j%2F4Ar8xgAPYBYgDWpADApgDAKADALgDlcwGwAMAyAMA0gMINjU5NzM2ODP4AgWIAwCSAwRkYmE4
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.60.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-60-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame BA02 37 B
139 B 9ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=24003664053951352908640
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 css2
fonts.googleapis.com/ Frame 152B 4 KB
634 B 100ms
53ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 22:24:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 22:30:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 22:30:00 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/ Frame CBF5 19 KB
8 KB 76ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/abg_lite_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 22:03:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CBF5 8 KB
714 B 85ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 22:21:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 25 Jan 2022 22:30:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jan 2022 22:30:00 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame CBF5 14 KB
3 KB 140ms
34ms Stylesheet
text/css 2a00:1450:400f:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 17:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jan 2023 17:27:44 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame CBF5 355 KB
123 KB 140ms
35ms Script
text/javascript 2a00:1450:400f:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 22 Jan 2022 01:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Jan 2023 01:20:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame CBF5 15 KB
6 KB 90ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:52:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CBF5 0
0 87ms
48ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgkoPuoaV7WmTR2NSDtQ8wlyB8xQaX3894s0wycdPpopTSdqdOtQivYGQ-o_uLOdmP1x8zDS1xfO3pdlp43I8RaE7AwQ
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CBF5 22 KB
7 KB 108ms
71ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:55:51 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/ Frame 152B 18 KB
8 KB 94ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11153116566150069083
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 22:25:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 11FC 13 KB
5 KB 70ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Jan 2022 20:56:05 GMT
expires: Wed, 25 Jan 2023 20:56:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 5635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8CAB 783 B
534 B 81ms
50ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bbbd3072c721effa98fbdb50024f33b68c2497f1e7be8603053ea405b4677a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SeQ83Ta8DIvuCrF4Tmld2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 25 Jan 2022 22:30:00 GMT
date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SeQ83Ta8DIvuCrF4Tmld2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/ Frame BA02 246 KB
79 KB 11ms
10ms Script
application/javascript 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2ed6f4144d1c12483676cbd0bbb32aa7b23d7b7f54709176c16c782ca668dfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:30:54 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 20:27:26 GMT
server: AmazonS3
age: 611947
etag: "5c3d88435f7bf18aebb1be8c86371794"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 80392
x-amz-cf-id: T0kBy-4pWiMzd6KyIFW-Xo0IvoIU_TaIYHS248VAqpS4t9WPBahk_A==

GET
H2 200 r
eb2.3lift.com/ Frame BA02 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=24003664053951352908640&rev=e0fe245&ss=5&bc=0.015&pr=can%27t%2520access%2520top%2520document&brid=565441&bmid=2460&biid=6335&bcud=15&sid=15241&ts=1643149800&caid=0&unid=0&domain=c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com&ref=https%253A%252F%252Fminimore.com%252F&rr=creative&fid=10&rb=0&g=0&cb=89163
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame BA02 3 KB
3 KB 9ms
9ms Image
image/png 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:58:08 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 5513
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: E4dvoyCscTSOeWcm8O_gDNLQ_Tokh4nAC03U1_lp-isZgLkxtdxTbQ==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame BA02 3 KB
4 KB 10ms
10ms Image
image/png 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 00:56:14 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 423226
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: smGXOe0DmW4bXq2nfrInrnHgXf8xVyyzbGCCAuF2RcJmMWoua_TM3A==

GET
DATA 200
OK truncated Show response
/ Frame 143F 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 widget-728x90.js Show response
widgets.zemanta.com/1629452000/ Frame B75C 5 KB
2 KB 14ms
13ms Script
application/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1629452000/widget-728x90.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 292cd5300be1b6bbb20d4b9d1c94c74974f917e406d06327d39fda96a998c1f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: LM6YJq73AIFspLMbFebonljoqW7by2Ki
content-encoding: gzip
etag: "ac34009e610c577f9654a45a184cb8c7"
age: 1272
x-cache: HIT
content-length: 2156
x-amz-id-2: RiIUM9CIIO9yjJsszh0DfeOHDktN/g0KggMSRt76kAWmln8gRKgybvgmZAGT9+LmAEwbMYiiXm0=
x-served-by: cache-hhn4036-HHN
last-modified: Fri, 20 Aug 2021 09:35:29 GMT
server: AmazonS3
x-timer: S1643149801.570650,VS0,VE0
date: Tue, 25 Jan 2022 22:30:00 GMT
vary: Accept-Encoding
x-amz-request-id: 9GCMVK3H8YHNJ1FM
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 108

GET
H2 200 aop
eb2.3lift.com/ Frame BA02 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=24003664053951352908640&rev=e0fe245&ss=5&bc=0.015&pr=can%27t%2520access%2520top%2520document&brid=565441&bmid=2460&biid=6335&bcud=15&sid=15241&ts=1643149800&caid=0&unid=0&domain=c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com&ref=https%253A%252F%252Fminimore.com%252F&rr=creative&fid=10&rb=0&g=0&cb=50152
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H3 200 container.html Show response
c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BC47 6 KB
3 KB 35ms
34ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Jan 2022 22:29:59 GMT
expires: Wed, 25 Jan 2023 22:29:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK writeStatistics
stas.outbrain.com/Stas/api/ Frame B75C 43 B
274 B 367ms
92ms Image
image/gif 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stas.outbrain.com/Stas/api/writeStatistics?p=Lh-QeoWPIEIV8XcHlCzBCP0icXUMt4oYveFFfPUTFhlkH3QA-MidJJhmr_g_U44O8C7fZT42qgiWwPi3AYuwbPbnRXwov_uCNCYwRVLsxEhMXBIBC4TIzFzH9SyjO0MsyBYTVzXxoVfBwYZyb2OG1nVtjNDnNj3vMMEGNk24t5jezTVnw_-jAkrWKydK2Gp1dZ03QvdYRjKpOSyVX34e6LIhY-2-wIRpbpwRdOmQyTjYOzj4r_kly7SeBD4YjcW1zCsrGjQ6Nf2twPyR0xhzs5IdKugxlHjbzaoP74blETXW0SbjAzECxv8_bZ1zu1zAd4Wb10Hhdm8sGDqiZusNhX-OSfaOpc28z-06sadT_ivEPF7P7mIzEcNTnVEKfyOUMsYN6A_78jsuMn1IYleUd8Kx7xi8K0XjGNZGgchnte4US7EvM38LJr9RRy94kYBvkN6-qujPBB1KZB3770STP0pjHaQeyAxX6X5uvrEJ8kZWQqSpuPbYe73GGHUm6vqG0i7O0xp76BTWHIQBUtDrBXfALX5MdmuF1XNL1GdYUMDetBhGjOhnanFgM8DrS4lKBJiUz-1Z2ibg1qwf0xoesKN4hhOtbxztgb-10cl22xUnM9wRehRUU1UVEParfdE-esMOPpqJcggPjkByMTRxW5mSC_eZHREf8gfULq9Beb8PSCHzTuyaTIYhEODhcOTeai51pyJZlykXRYGL203a5Pkfs-EnyZFVTIc-BqhiBCE&c=55d2f791&v=3
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:00 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 7f45b1506ba7f6a038970f428c0bf702
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/2TWCQSCVB6KWRY63GVMXBLNXVGCGUJUBS2IHAZV4FXEMROHIWRAKCKUHFKALHVUUOKBGB4W5FZ6SFCG6OI24JUT3TPW63ONA3K5T73YVUELV5OBA3I55PJ6NRGWGXKGK7FWLTC3X4TDZ5NARBAD65NEL44PRJG... Frame B75C 26 B
151 B 14ms
14ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/2TWCQSCVB6KWRY63GVMXBLNXVGCGUJUBS2IHAZV4FXEMROHIWRAKCKUHFKALHVUUOKBGB4W5FZ6SFCG6OI24JUT3TPW63ONA3K5T73YVUELV5OBA3I55PJ6NRGWGXKGK7FWLTC3X4TDZ5NARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTF5XLPUSGSLRW6NMWWI7IGQO6FALAV2IZSZFUPW2JHMDNSTZ3E2RTMIQJ6TIWN3ELWHCTCJDIIQGYLRNLG7X26OIWYMZJTD6MHMC2DTTLCCZFPA4WFK5ZJ3BM7FILFUOCQKTEYJACP2MU2NCLNDK6SNC46ZFNYDAEKNNFJJTIXDNZ66Y2IWBVHFKNJTRU7Z74FXMFDYZC4IJQKKZJ34R6Q7CAPOW/?
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:00 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 8509cd81652796786f45d1a3766b732fd6.jpg
zem.outbrainimg.com/p/srv/sha/b7/42/9d/ Frame B75C 9 KB
9 KB 8ms
7ms Image
image/jpeg 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/b7/42/9d/8509cd81652796786f45d1a3766b732fd6.jpg?w=159&h=88&fit=crop&crop=center&fm=jpg

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c31cb0559d5940e70c66db6cd55eb50e048a785d1c0dfbfca48e152335d5a569

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 128658
x-cache: HIT, MISS, HIT
x-imgix-id: b1d69f3ed82b3ba205471a43b96c85122f85f98b
content-length: 8858
x-served-by: cache-sjc10080-SJC, cache-fra19183-FRA, cache-fra19141-FRA
last-modified: Mon, 24 Jan 2022 10:45:42 GMT
server: imgix
x-timer: S1643149801.586272,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

GET
H3 200 R1B9DkRZwcDIRZ3R9sqVqoa_rY5Qa04vEjSiPeGSXMQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 11FC 35 KB
13 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/R1B9DkRZwcDIRZ3R9sqVqoa_rY5Qa04vEjSiPeGSXMQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47507d0e4459c1c0c8459dd1f6ca95aa86bfad8e506b4e2f1234a23de1925cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13406
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 16:04:50 GMT

GET
DATA 200
OK truncated
/ Frame BA02 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e6b2cc48bd185e1ef14195edc1830bafbaf621e1dfda1e8905607da0cb6f02c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8CAB 0
0 108ms
88ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=1403719842208934&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BC47 0
0 79ms
78ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQlkX6HnwYfDOE8GZlQfI0KKwDu6StZNcv6KFx-QFwI23ARABIABgleKQgqAHggEXY2EtcHViLTkwNTgyOTE4NTQ0NDM4ODHIAQngAgCoAwGqBKQCT9Bfc2Y3OXcs_RvcCqEQqN-t6pCtcn5JolZyjxSAFrZeEGW1o9_2RcLk8ZbLREhNzmRj9ieQA9lGrSIUnr39Jx0O3g2EqkNPDRpKS53QiHmrBAQtTkn4J6dkTdWLfn-r9-Wg9dPBdqcA7cboaJm04WopOXDtT3_rlFu39aGyl7_Z0EQVmgNNq-5c13kEcHnsyieCDsyaDJ8FI4e_HTsDHVlLkCSTiFrSis3SCozYPwDUNcWS0SpHmhWZyWlWS_V4ElSgY1H8n4LdWHTchtp2gV-dhUnsBHMq9wxdTwd59dXm6L9d5-OqFompbTo0_LkUT3NshuVMOFPxa-LTexmD0FJtpOwwjXathFCTrtAKBqDdFpcpHonsLEdybrLiNCreXxxb_uAEAYAGwZemu-P4gopdoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTY2ODU3MjUwNTg2MjE4MTmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=Sa9H6nzuzT8&uach_m=[UACH]&cid=CAQSPgCNIrLMQBGl1KqPxD_aiZ--AlYAwzUb5IhF65bKiBoY2P8ci_LMlt_5UJ6kGBzD6YrFnZI9LnMx5mmTzKAMGAE
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 ttj Show response
ib.3lift.com/ Frame BC47 4 KB
2 KB 10ms
9ms Script
application/javascript 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e034413566571294f644c0b81ff0a93c1bb402263c0cc797b566fe457841af1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:15:23 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
age: 882
etag: "c19830128c230c5aed152b54a2e51d7e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-P2
content-encoding: gzip
content-length: 2005
x-amz-cf-id: NP0u7ykehy-VR5tB2aHlyuql228d8IS6mAw1_K2EVtIbmwZcAFgUxw==

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame BC47 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 22:19:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC47 122 KB
37 KB 55ms
54ms Script
text/javascript 2a00:1450:400f:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 22:30:00 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame BC47 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:52:04 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BC47 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:55:51 GMT

GET
H2 200 notify
tlx.3lift.com/s2s/ Frame BC47 37 B
183 B 9ms
8ms Image
image/gif 35.158.60.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/s2s/notify?px=1&pr=YfB56AAE53AK5UzBAAioSAquVF-6XZVLFEs8og&ts=1643149800&aid=13824541294987695538910&ec=2460_15241_66021661&n=GvQEaHR0cDovL2IxLWV1ZGMxLnplbWFudGEuY29tL2JpZGRlci93aW4vdHJpcGxlbGlmdF9kaXNwbGF5LzU1Mjk5OTZhLTdlMmUtMTFlYy1hZGY0LWU2MDkyY2EyZjk1Zi8wLjAxNS9SN0pGWEpBTlQ3VklWWTdDTEpVRTNMV1NNSVBKNzRFMk1MV0FWWDZPUllISENEMzczNUtTVVk3QktNUVk0VUFNUkk3SVdIQjNBM0czTE02Q0dJRlk1Q0VPUlZDWEtOQ0pFUklVR0JQRDRSS1lMRlZMVUc1TjJBUUNLVE9BRktaRkxaS1BHTzVPRENZSzZJNFlNSUVLWVpBREdOQU5LNFlPUkVMNUFLQzZJWkxPVVlYM1I0RUpPRlUyRzVGRVlPRFAyNjdONURVRUVXSlpITkVOWUVINTdJQkJGV1ZHV1kySUdCNzVLU0FWNU1QUkhDVlozWVRaUENJR09CRk5UTjQ3VUE3UlFaQUpOSldRVU9RN0FFUlZXWDJKMlk0N1ROU05HUkhDSVJaT1JES09PV1I3WTVJREVBNk9URDJTT0hRN0pHRFY3M1kzNFFOQ0VaUDJJTkZBWlpaTVVUTlBOSllYN0o0T1BKQlVQVUkzUVFJQkFSSjZCSENUUEJUUDI2SE5NM1pSUEdQSllENUM0UTVXN1BTTVlJNUxBUkdMVlo2UlRBUjZNRElCWkVZTEVHWjNBNVE2V1VMSTY2UFJMT1gyRUpYSkhJWkJGT1pGRkJHWFpDVDZGRE5aTUpPUEVaVUFHWkI2V1FaTlpSQkNITFJMSkVNNUhKVzVTTklNVU9TR0hCVkZBQTRFTVAyUU0vP%2FICtQEIABIXMTM4MjQ1NDEyOTQ5ODc2OTU1Mzg5MTAYACABKJwTMIl3QAFIAFAAYApoAHDp2yKQAQCYAQCoAQCwAQ%2B4AQnAAQ3IAQ%2FgAQ3wAQD4AQ%2BAAg2IAg2RAgAAAAAAAPA%2FmQIzMzMzMzPDP6ECAAAAAAAA8D%2BoAgCwAgLIAgTYAgDxAmZmZmZmZuY%2F%2BAK%2FMYAD2AWIA1qQAwKYAwCgAwC4A%2BXjDcADAMgDANIDCDY2MDIxNjYx%2BAIFiAMAkgMEZGJhOA%3D%3D
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.60.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-60-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame BC47 37 B
139 B 10ms
9ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=10&peid=0&aid=13824541294987695538910
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/ Frame BC47 246 KB
79 KB 10ms
10ms Script
application/javascript 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=adasia_allpublishers_display
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2ed6f4144d1c12483676cbd0bbb32aa7b23d7b7f54709176c16c782ca668dfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:30:54 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 20:27:26 GMT
server: AmazonS3
age: 611947
etag: "5c3d88435f7bf18aebb1be8c86371794"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
cache-control: max-age=31536000, immutable
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 80392
x-amz-cf-id: egKcQ1cvNA5AcQRM3gq3SUh_sx1-ijnbvItdQD7bK-9TRDVZ9M69zw==

GET
H2 200 r
eb2.3lift.com/ Frame BC47 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=adasia_allpublishers_display&aid=13824541294987695538910&rev=e0fe245&ss=5&bc=0.015&pr=can%27t%2520access%2520top%2520document&brid=568809&bmid=2460&biid=6335&bcud=15&sid=15241&ts=1643149800&caid=0&unid=0&domain=c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com&ref=https%253A%252F%252Fminimore.com%252F&rr=creative&fid=10&rb=0&g=0&cb=32061
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame BC47 3 KB
3 KB 10ms
9ms Image
image/png 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:58:08 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
age: 5513
etag: "ddf020e069f1706b72b7698b28fede09"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 3125
x-amz-cf-id: Jz6Yo-jSaZTQ_3u-LjokvHzP9CFQTrjUffV6fbn7pcmpIVxgMHhWjA==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame BC47 3 KB
4 KB 10ms
10ms Image
image/png 108.157.4.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 00:56:14 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
age: 423226
etag: "7ceab27af00fa466072a3c3360041755"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 3518
x-amz-cf-id: FWyZHvSxFkM-gqb9dp0NGqpHv9L7Q8zVxceDh9GLZLYBHR8O2SIv3A==

GET
DATA 200
OK truncated Show response
/ Frame 6E0A 26 B
0 Script
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 widget-728x90.js Show response
widgets.zemanta.com/1629452000/ Frame 2E07 5 KB
2 KB 13ms
13ms Script
application/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.zemanta.com/1629452000/widget-728x90.js
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 292cd5300be1b6bbb20d4b9d1c94c74974f917e406d06327d39fda96a998c1f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: LM6YJq73AIFspLMbFebonljoqW7by2Ki
content-encoding: gzip
etag: "ac34009e610c577f9654a45a184cb8c7"
age: 1272
x-cache: HIT
content-length: 2156
x-amz-id-2: RiIUM9CIIO9yjJsszh0DfeOHDktN/g0KggMSRt76kAWmln8gRKgybvgmZAGT9+LmAEwbMYiiXm0=
x-served-by: cache-hhn4036-HHN
last-modified: Fri, 20 Aug 2021 09:35:29 GMT
server: AmazonS3
x-timer: S1643149801.702440,VS0,VE0
date: Tue, 25 Jan 2022 22:30:00 GMT
vary: Accept-Encoding
x-amz-request-id: 9GCMVK3H8YHNJ1FM
via: 1.1 varnish
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 109

GET
H2 200 aop
eb2.3lift.com/ Frame BC47 37 B
139 B 8ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=adasia_allpublishers_display&aid=13824541294987695538910&rev=e0fe245&ss=5&bc=0.015&pr=can%27t%2520access%2520top%2520document&brid=568809&bmid=2460&biid=6335&bcud=15&sid=15241&ts=1643149800&caid=0&unid=0&domain=c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com&ref=https%253A%252F%252Fminimore.com%252F&rr=creative&fid=10&rb=0&g=0&cb=19034
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame BC47 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2f1edf43c46ebeb9256eba23bae73f69f60f45c93451a3e1a30d52e947bbdd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK writeStatistics
stas.outbrain.com/Stas/api/ Frame 2E07 43 B
274 B 336ms
84ms Image
image/gif 64.202.112.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stas.outbrain.com/Stas/api/writeStatistics?p=_SczqQz0fk1HRD7zAXKF4QkZlr9UAINLv4I3laGa7cNcFjouVo3fDeyc6aSUm1RY75eymre-9RqmRIbUizJsSvhPR1S79s8JGyBDerY5mcMj6KwjHtOlhcpvj9HaDk96R0S7kT4foZUZPEjv2Ib2dsfzE52-AgId5pAPZJf7SrGAjoCMtiQ9WHMOEt08hYCKEdIFlDQPyL0aFI5jaupv9YdcNupKbdaK9Ga03VHuS0wc9O_tnQ4mgZxR_glWxoeMGHcMCUplxSXZHo2Mr3BtWI2kWrr1KU9LK9uio3wnkGHzV5pLbZuG2dvQsBmVEWvdNnx22JaV6W3KDyowd_GAUHBHCow61dqb9-mAp-Z46jVgon10YgJoIOcCiJ0e8GbzfVlBWQVoudVb1Hj0szcLgNHd9KZBBZr7jcWo1gCuUyolPHfOQUFrls3INpa_urMI7I7mWdfVpiPvsdugFyNG6k-uiqTzigNXf7Es3xW3keSlQ4v6AiZqIsdFx6MjGs64E-Cnv4h7DF7b-i7YnZMyFFBnoBrSfq80fdViwClQq5E-OOEM-MBRBg1alA46gctOyEIVPSdrMHcEXKB-C7EL-HMEEiY--3Fe9H4E3VyqbLrZBr6UAI0Duht4ybzK5fwg2GirREMbNSZS4qWxuB0ZLxB_ddLrVrGYHHThnLnTs8sq4lY2XWqAvsGC2P5ZktC26pGaQpikRdDKw0uvhEUmw8ZiY45QBFUkg876xvqOcEg&c=a2e03c9a&v=3
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:01 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 673fb029789973faf67199b0cfb9861e
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/2TWCQSCVB6KWQPW23CFG754W56CGUJUBS2IHAZQO3FJ56WMYSQ6DP7G35Y6MRMQ3IZFHHF6UFTGKRW4O7MZBK7S3PQVJ5FCSKSQUWIO2LQ727OUMCATFRHTLKCJR6VUCB5PT3CYZNITEZNARBAD65NEL44PRJG... Frame 2E07 26 B
151 B 14ms
14ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/2TWCQSCVB6KWQPW23CFG754W56CGUJUBS2IHAZQO3FJ56WMYSQ6DP7G35Y6MRMQ3IZFHHF6UFTGKRW4O7MZBK7S3PQVJ5FCSKSQUWIO2LQ727OUMCATFRHTLKCJR6VUCB5PT3CYZNITEZNARBAD65NEL44PRJGEVPBEBIZNZTEZLQMR3JTFX6BBTEWM7QUFLMWWI7IGQO6FAKLPZGQHNGGC3HE6VNZXB4O4XDOZ5ZZCLYYMCUYFAG65Z6JBNFZGWNLG7X26OIWYMZJTD6MHMC2DTTLCCZFPA4WFK5ZOBNKG2EIJLZPA2TEYJACP2MU2NCLNDK6SNC46ZFNYDAEKNNFJJTIXDNZ66Y2IWBVHFKNJTRU7Z74FXMFDYZC4IJQKKZJ34R6Q7CAPOW/?
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:00 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 b6da977b65a62f52d20118596cdd71abb3.jpg
zem.outbrainimg.com/p/srv/sha/dc/ae/a4/ Frame 2E07 7 KB
8 KB 7ms
6ms Image
image/jpeg 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/dc/ae/a4/b6da977b65a62f52d20118596cdd71abb3.jpg?w=159&h=88&fit=crop&crop=center&fm=jpg

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

64d6bad9d2c4c8f647de2cc0b6f9d3590f9e67710a6e194ebb0d8d662fa146c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 869033
x-cache: HIT, MISS, HIT
x-imgix-id: 8fe4dcab99f49c011978973cda8cbea44f545f8c
content-length: 7573
x-served-by: cache-sjc10062-SJC, cache-fra19158-FRA, cache-fra19141-FRA
last-modified: Sat, 15 Jan 2022 21:06:07 GMT
server: imgix
x-timer: S1643149801.738859,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 6

POST
H2 204 csi
csi.gstatic.com/ Frame CBF5 0
327 B 69ms
18ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kyuoyskx&c=746570102247&slotId=373285051123.5&qqid=CLahmIH6zfUCFabAuwgdG-gNTw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBF5 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CveJp6HnwYbaNB6aB7_UPm9C3-ASeoaGuXKH56P6fA8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEF4AIAqAMByAMCqgSIAk_Q0qmeM4ebxwMMG6V199L_99C5eQBCREnsOPtFfPXMFQJ6bO6qZ4PmhLtC_cPyPjyrX1Zo7IUN0pXOCB8c6puHnLMWaR5mU-fPgo8W8VJAG8FkxCxVWdQBhweX-K-I7LPs8QJmsMGi147fIhEPmUFKr5uFOytoBNvVs7TVcDedgsPHxAQTqpF-IrVLcHR3xP2mIx6AXb0PG-USw6NWCIDuk6JpNDFl_is3wS_rVve-WogTuGErsC4mulzg-fwyaqv6R_rX44tIeA_shCTc-Bluxs7B2P8gt3k6MAqq7XLk7q6_PIMGlhx50oK7y8MJFy7ZY1C427wGYOV_1Tnov1G884sDXSnR4eAEAYAG1ryH0YDohbGLAaAGKqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi02Njg1NzI1MDU4NjIxODE5-gsCCAGADAHQFQGAFwE&eventType=clickstring&clientTime=1643149800758&ai=CveJp6HnwYbaNB6aB7_UPm9C3-ASeoaGuXKH56P6fA8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEF4AIAqAMByAMCqgSIAk_Q0qmeM4ebxwMMG6V199L_99C5eQBCREnsOPtFfPXMFQJ6bO6qZ4PmhLtC_cPyPjyrX1Zo7IUN0pXOCB8c6puHnLMWaR5mU-fPgo8W8VJAG8FkxCxVWdQBhweX-K-I7LPs8QJmsMGi147fIhEPmUFKr5uFOytoBNvVs7TVcDedgsPHxAQTqpF-IrVLcHR3xP2mIx6AXb0PG-USw6NWCIDuk6JpNDFl_is3wS_rVve-WogTuGErsC4mulzg-fwyaqv6R_rX44tIeA_shCTc-Bluxs7B2P8gt3k6MAqq7XLk7q6_PIMGlhx50oK7y8MJFy7ZY1C427wGYOV_1Tnov1G884sDXSnR4eAEAYAG1ryH0YDohbGLAaAGKqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB8ggbYWR4LXN1YnN5bi02Njg1NzI1MDU4NjIxODE5-gsCCAGADAHQFQGAFwE

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame CBF5 27 KB
14 KB 164ms
71ms XHR
text/xml 173.194.73.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DEfLmDtyAGKS4GUTd9tnct-2GkiKMVbwoj3cM09CvhtUJZt5NEryDV7_BvU3LIoK2eNqCfHzE_hMD-IEduV0jIW8I8dg&cry=1&dbm_d=AKAmf-D3SKOCwbkeH68-Hz-WEbhx2wFMs0xpuL1LxNLYGHyHm8KVEj_a7aBT4_MfGYirlJ4O6wrbFSOrQcjyNzA3ltLFb4BAhj7dGIfbj2339kKoeOCrLAuBKfkgLz27gtwr00ipIsUazegIGwFTOiapToJi4iKRK7pgF-p4ALXfczATKN9bZDyYulYhbdFhTfICIOeW5vfX-6SXEQDojQnivJKm2fSF1LiT4IXVwjQzmwxtCJGW8Sz-1CiV5rWqO4ZEmXHYVsrpnQX5PxW8HnLlx6ONu-H7KayGTWFdw7y3JxqfdO8AIedqgUXw5_dQNAfPa-_gInY8VpSjWk--v-9pmio4l_TClqpuklR_0xvwz4DgBi-ncLgB9802uTW4yHYhxqI6tcExXwRIUQOvW5eq1-qf7zmFPSkBM7uQAykcRt-5NEhAA47aQPBFEJ7gARa6OQ5oyA2f8_IBrvcY9BaRqacBbv8A3Ej6NYPCQ6pGj-WTEdm9v4CHybpDiHxmteZfpQf31kVQ_rJ71eA-NclBAsMpIejbxwN_NpRwndSMsQy56PWN3O99R2THMVn_xrf829m2vt0qYBrIYQl2AH79zXebJMyUx6RS0RHk53z9CI2x4kTtayWWbLe8u0vFnLbyx6K8Gq60ozRBh0hBpCsGFGWs9n6V_2wVk2nipaSjEgF9I4fuvNyhXBvD8tuodZfLUjCApU-wWIzPHi9s4BNe5YnlkDgW-hryvzdt798tlvv1J_mXUAeGPV0Pw3b29H0QnF6UTIV5fJff0TFAWjlHpCzO6Vcc_1riuKzsB1SQGo4w1c7h1m5wgHZiA4koJzwSSyoD2zuuMbsm9vrIrDkhBz7WDZyK-zjLIGmIVsvkJcgt7D4wVOr7A1Gvyd7GiAvCTDMOL0Q8e3CndCH3apxGgl_VepqYpNU8zMlcR4Vlqle05Z94_07x6p_EDRTlOV4CZAA8uf2FNTzEdPPC0Jis3mAIopbZlcOqWTuawfnF3pEPpHZi6VLUmCWmYY1bZBr67nO1h2XN2XgJNx7cbPkhzNbyzXst2p4ikPlbooO5k9P_WupXMAFwuN0MiqwehkgNGgP47-VtlZH2l4LVG4H0kNG1vbLw7_PVsW1pJV2ePwMbUavjYXklIiCfjZFYNc5s1zCgn7sBneuNLSe-E_7t3wNsclF8fMdN-If9x52GGPHwXm1i33ypWE3dtExJJ4RCulCqMfRSafaXvwMky3CQw1PEGJCoMOb4q5LCcHxj4nN2AKRCGz9ofRLO-stbSjdv-BFPIYDcRevqzE9KGiNpd8V_GxuypXKGjbf4eclDCK_01SuZ_X6XXJcplm5VKWxTNg-pSD9htmUBV-WnhmGMj5k-GLOffQapsf6QafoqCBXgwXlyS4foVPA0Pt712susKIj3XtJNKqgBZqfYkCvFlRmttwBRNIYm9c-JplocZCv6lpYJ0jV4D3fTJiq-KMDUHSqncPR49eKh0PvhNhoxbuKGfl-cwLsD7ydPteCfXs4HjLiB0tm1icEQlidN8k_I8swJ998N6Y4Cv1pSftGbVpCAZpRWaOU8lTDtxIlT5lJireyiu71DXQLHx2nA6Lm9gZTgXkrZiHkIFHlFXVTs_cOIZ8JmiFX1Bj_WY7pOwTN41iyD3ad1pXuuXAkma1MYA9oo5wD_OYw_WvsyIXfREp5V_I0hBNivnWC2HR2Ri0vbVe99dR0xBcf407L_NJ88MhYduUfJJDZpXnXNHLX0xW9_I-czYaLCPkW5xtHO69AVkIgpJi8YpHROz-RGMX0IhYeG2CViVWtXyOjBXyCTgY_94zSC3gLj0787PgQDapo6SBFmd8DigKI7j2pazYD88G_M0zN-fGO6puLkiuwMvYhcwvBkv7JlUrtxU4kUjlenxFgJVZbri8GTuDjHJPVgLrlmoDgpzFGOBklbjqj8jU7qh1DC2n0kxnGDhDkm3mqF4Pg_e80zvq5W7yALB89I6IkMwqaE_qLRSILZ6XGCYwlyrngVXZnQojEj5EPZ_m-wL8g_VHB2JfCYJikAs0vtDSXlEM2Bu-gddpTXOxMPhNw3n44uYwsx8YQuore8NaY8ZdBp5YMbmZ0Hl47HxOdpmbecUTWy4Nds4bdhoBJFBjQw1d2BP39QRNFkjXX2KK_KNWnMBHfpomFavCvE_ivpCY53SwyhsriKSgZT9udO9fyy8wzw-hi3MPBpCN1Tg5dmPFkcofkkCp7F5J3djMX64akttNzYOYhYZn1T78yKog51YO4OkogU2TCRIPNgFuWjMyB_4Rn2j8u_bWtIYh-2OUN80V3NyU_NHuhFxqZXkmqEL6LIkxlx_ndGTccG3XiP6KMXbuBLMIvP5Gtdi-BFEKGtp1tEX3t3onVmSPBScA8GDhIj3RGIpPjYWPCTZ3ThstO8ZfJz5AYCC_frqyAEteQfx2d81z8qO7CUF80X0S2l5qNvn8aO7SU6VVFE1_ul6ITFyIhVx-HDc1yiv4Um3hIw4kV35aQDvOiawL01c4u6btS0wInvCOmlRlYSEWI1p_spoVz0nuMb1-gk1rBnQIlf6Aj2YCBHri1AfNLdm-1ME4-LOw&cid=CAASBORowwk&pr=13%3AYfB56AAAAAAAwNwrI3CyQDSjDOw8e1qSN5yUWg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.73.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lq-in-f154.1e100.net

Software

cafe /

Resource Hash

7d7c31c8e64abeec514e58d87400e4ec4aa2884c23546315718519eed7b40ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB5C 6 KB
3 KB 34ms
33ms Document
text/html 2a00:1450:400f:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Jan 2022 22:29:59 GMT
expires: Wed, 25 Jan 2023 22:29:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET generate_204
tpc.googlesyndication.com/ Frame 11FC 0
0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EB5C 0
0 78ms
77ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZi_M6HnwYfOyINaM7_UP84-JsAyeoaGuXKH56P6fA8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgSjAk_QbxoYtnwJZ-0uLtTnbA0Qo8Sf2zZ_PY5XsXBrOISu1O8yRmWbfmmMwmawP_hUkolrlNVAs053E0KXI-TkxIb2ahkvcFqY6JCt_ZaK5oKev77b654uZ22WZO8C7KP1FXWBbedAhEdS_XmfJYWTyXhoiYaPFGMSvYUuFeGKEFAZADnJrtkkVT1iWBugT7OW2cl45vmq_7uYTuEk_xMh8spowwY927gM8ZpgC1QK_pG9Mr9UsAy39Ehz6_bSLtdl0YkmHXdhkLL14E6d3BG4GDisIGkHpdmqwYYcKCV-A96m-0RNSG89y7qy7eMXXN0DfUE_YXRTZ7_JGWzaVZhveOaLV1XTfBwdIB9A4ZgHn_bA3zglWbLKLwuRivyYMrn0uqFDc-AEAYAGg8rA5JKOpeocoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTY2ODU3MjUwNTg2MjE4MTmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=t-m1zmYn5vk&uach_m=[UACH]&cid=CAQSPgCNIrLMUVVtvORdAXLDr7Nl0St76Hiz4UrN20HqbTrUwfRw8DoLQItTb1QeYDzd-OEeCWiMJZJ8SSGJhKK9GAE
Requested by: Host: minimore.com
URL: https://minimore.com/b/Gd3dq/1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame EB5C 996 B
1 KB 65ms
21ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=36796705;rtbwp=YfB56AAAAAAjNe5KlRkzRYQTqBjs2C0xGftmCA;rtbdata=tWV6gTg5WA6NS_FImGYenm3D8dR4Dml35rnIrCv9XgqYic5QlEC-v7Dd6IBTF6wcbs_y4F3FakebPiOIFRqJ0N4BwJeMBBKNvNJQwZ4OBA7I7m_A1k_NU_ib8jg-SvhU6pztL-iGPb7oDfAUUVkUKhOj0ao7Q162wCidn-nBNuITsVSb_KQnMQ-XcTZOwalrkB4rjiUQUDXNUx7JxpcxO6BhaagGO6Qx4lNJcucBCO_DeIjrSAcYFw2

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

749ae4d4b787b5e0bc06181c4d7ae355ac2898686fcd131a77c4d7b1e7fcfa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 853
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame EB5C 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/window_focus_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 22:19:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB5C 122 KB
37 KB 53ms
52ms Script
text/javascript 2a00:1450:400f:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643027698847572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 22:30:00 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/ Frame EB5C 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220120/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 21:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 21:52:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EB5C 0
0 47ms
46ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjHhpVx2vXfJNJHqEWJSkYfQo3ltZfxIFwdSySFYNLAP5QkViEJl3ajNZXU6s30eHkAwnivJysJuXxszoyR5OxBD5rCQ
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EB5C 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 25 Jan 2023 20:55:51 GMT

GET
H/1.1 200
OK v1
a2192.casalemedia.com/impression/ Frame EB5C 43 B
303 B 31ms
7ms Image
image/gif 185.170.60.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a2192.casalemedia.com/impression/v1?bidID=a4d36a56-a307-41b4-b51a-7062f5f69a19&traceID=c7o7jq2pmguft6bbmln0&dspID=111&userID=&cmpro=0&ap=YfB56AAIGXMIu8ZWAAJH8y7v6eAQp6tJh2Y0Dw
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.60.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:00 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=1403719842208934&bg=!DQ6lDkrNAAZ_DxPPfw87ACkAdvg8WrA7HCH9Dl70A5ekTHv9s-DwXXWAfBTqsclCbunxOboY9vLhJwIAAACGUgAAAAJoAQcKAAuc_LN8sqEWlczAM5kCxLtp6ZyCtxn043f-RM2SEzJPOSiYHfuLzkcttX0qqwsCX0sgHBu2ATU7_LmQyu6B71yFuavFgm3WGPpIgIQNextQ0noTnAsY1biHEh2iYqVao1fuPh77qHoGKppUB08H3BOuUfo1lQo_OOWG6BR2KsIbAqejYg-vK-2rGK3NBFiH6MgGCZXyJvkPOPRx1zg65U1Xp0KFnZ4wjBsnQ9mNR5ao5yt3LxFF28KkpiqS7M38evy--va1L631qJMeWpuhF389OKIWs-8NN2sbk-5UcyuMDOzNxuNUFGTM0eyWQ9LM0hETNhxS9mgxV5a_RwMix32ymLVIH_XqhK9RgdRnKYCkskgc8Bm-IhbJlx3knBW738AftveEwcZHH0SM0FU3WDPWsvIkQF1fX0txg6tEhuuDqAHjx90W-C_uEiyVTCEROVL-L8RA06WTSpjDs2nsT_rszIA4YIpWu6Q3O6dHiDboWvbCkaKdpG8iNziT9Fj69dtgfLe5s4yXnONp5P3_VhUWdbF-Wl2KXMC2H6QDOEuRdvlEYhRC3nnysdK2lVobRUY1CPMoHV1q4HAbTWyK2VuNOe-J8Dtyg6sdf2nDHiHB1IZExGaZF-23j9bjyWTz3N8cxpH3F7g4Iy_p1AMvzmi_Xge4IozcTybjpcjgjWjKvWg9853gv3KYHscAs06n34pVe_HBT5AO97uCovGsY9t4hdR5XIIKWRpf355dB3N2ZFLa4zALYA-h7CkF6J8JT4cYgL_Jcp6A8IJ7lk9t1i9yBAPpJJmf6um-LyhsIJzC0apZESHkPmx-roYy33LyEKhlwoC51MNVfXJfDseLkknGN77Yv3CNLnExOI6wCMWctnXygj9E7ea21lceotMTJzrp1FYoxM0PHNuN8AdR3cl4fjpx-nnmcXK6YLaHjT7Uwl49MJ1WmSpyrA52Py8BqPQ-7g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame EB5C 33 KB
16 KB 60ms
18ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=36796705;rtbwp=YfB56AAAAAAjNe5KlRkzRYQTqBjs2C0xGftmCA;rtbdata=tWV6gTg5WA6NS_FImGYenm3D8dR4Dml35rnIrCv9XgqYic5QlEC-v7Dd6IBTF6wcbs_y4F3FakebPiOIFRqJ0N4BwJeMBBKNvNJQwZ4OBA7I7m_A1k_NU_ib8jg-SvhU6pztL-iGPb7oDfAUUVkUKhOj0ao7Q162wCidn-nBNuITsVSb_KQnMQ-XcTZOwalrkB4rjiUQUDXNUx7JxpcxO6BhaagGO6Qx4lNJcucBCO_DeIjrSAcYFw2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 09:30:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 27 Jan 2022 01:26:41 GMT

GET
H2

200

sync Show response
eb2.3lift.com/ Frame CFFD
Redirect Chain

https://eb2.3lift.com/sync?max=10&cb=29097
https://eb2.3lift.com/sync?max=10&cb=29097&ld=1

1 KB
1 KB

8ms
8ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: ead6494d27dadd6a941380510a869197dbd778a506d390af64879e0784b20e03

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-type: text/html; charset=utf-8
content-length: 461
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-length: 0
location: /sync?max=10&cb=29097&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame CBF5 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 13:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jan 2023 13:03:27 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-5hne6nsr.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674685800/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame CBF5
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674685800/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-5hne6nsr.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674685800/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

114ms
14ms

Fetch
video/mp4

2a00:1450:400e:6::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-5hne6nsr.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674685800/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51FF93B107ED2D69A739B856D20994896914BC39.791B119EC940D3AAC90CDB1B96F7523FD37AFFF7/key/cms1/cms_redirect/yes/mh/Tu/mip/2a03:1b20:6:f011::3e/mm/42/mn/sn-5hne6nsr/ms/onc/mt/1643149191/mv/u/mvi/3/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:6::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:01 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3934099
Last-Modified: Thu, 06 Aug 2020 18:00:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 25 Jan 2022 22:30:01 GMT

Redirect headers

date: Tue, 25 Jan 2022 22:30:01 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-5hne6nsr.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674685800/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/51FF93B107ED2D69A739B856D20994896914BC39.791B119EC940D3AAC90CDB1B96F7523FD37AFFF7/key/cms1/cms_redirect/yes/mh/Tu/mip/2a03:1b20:6:f011::3e/mm/42/mn/sn-5hne6nsr/ms/onc/mt/1643149191/mv/u/mvi/3/pl/48/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 6CE1 1 KB
1 KB 8ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=29999
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 29e6bd1072724eba590eab0c6fc244f29d346ac5ca3a97281c7178c97680005a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
content-type: text/html; charset=utf-8
content-length: 401
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CFFD 70 B
265 B 99ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=G7KoFx54M&dongle=u6nf
eb2.3lift.com/ Frame CFFD
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=G7KoFx54M&dongle=u6nf

37 B
155 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=G7KoFx54M&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=G7KoFx54M&dongle=u6nf
date: Tue, 25 Jan 2022 22:30:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CFFD 170 B
317 B 50ms
48ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CFFD
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0MzUzNDk2Nzg2NjgxMDI3ODkyNA%3D%3D

170 B
232 B

51ms
51ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0MzUzNDk2Nzg2NjgxMDI3ODkyNA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0MzUzNDk2Nzg2NjgxMDI3ODkyNA%3D%3D
date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame CFFD 0
944 B 233ms
191ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1643534967866810278924&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:00 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0F0934C67E504A4993BC05750BEDB0A0 Ref B: FRAEDGE1116 Ref C: 2022-01-25T22:30:01Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-source-fabric: prod-lva1
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXWb6A0XjicA0WyKy3ydA==

GET
H2

200

xuid
eb2.3lift.com/ Frame CFFD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/1643534967866810278924?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-xDRO2DZE2oQ25b5Mx4NCI1_SyBFfx_SjD2gwYYvQ9Q--~A&dongle=0883

37 B
354 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-xDRO2DZE2oQ25b5Mx4NCI1_SyBFfx_SjD2gwYYvQ9Q--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 25 Jan 2022 22:30:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-xDRO2DZE2oQ25b5Mx4NCI1_SyBFfx_SjD2gwYYvQ9Q--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame CFFD 43 B
220 B 40ms
14ms Image
image/gif 18.197.84.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=1643534967866810278924&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.84.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-84-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame CFFD 42 B
599 B 70ms
36ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=1643534967866810278924&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
etag: "9ea1ae3587d81:0"
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B43202E0495644B2B3D6E3E99A31F291 Ref B: FRAEDGE1210 Ref C: 2022-01-25T22:30:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame CFFD
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1643534967866810278924
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1643534967866810278924&dcc=t

0
0

167ms
109ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1643534967866810278924&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Protocol: HTTP/1.1
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N99SMBJCRR41FXTWNK2F
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1643534967866810278924&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame CFFD
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29097&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame 6CE1
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=7878509948980262650&dongle=d407

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=7878509948980262650&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29999
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=7878509948980262650&dongle=d407
pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 6CE1 0
0 53ms
53ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=1643534967866810278924
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29999
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 6CE1 0
0 20ms
7ms Image
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=1643534967866810278924
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29999
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame 6CE1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3690&xuid=1ca461f0-79e9-4e00-b7d1-390af1646a45&dongle=3995&gdpr=1&gdpr_consent=

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3690&xuid=1ca461f0-79e9-4e00-b7d1-390af1646a45&dongle=3995&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29999
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Tue, 25 Jan 2022 22:30:01 GMT
Server: MT3 4133 baa842e master cdg-pixel-x6 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eb2.3lift.com/xuid?mid=3690&xuid=1ca461f0-79e9-4e00-b7d1-390af1646a45&dongle=3995&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 25 Jan 2022 22:30:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 6CE1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=1%26gdpr_consent=&_test=YfB56QABSkS9RwBB
https://eb2.3lift.com/xuid?mid=3657&xuid=YfB56QABSkS9RwBB&dongle=3c0a&gdpr=1&gdpr_consent=&_test=YfB56QABSkS9RwBB

37 B
354 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3657&xuid=YfB56QABSkS9RwBB&dongle=3c0a&gdpr=1&gdpr_consent=&_test=YfB56QABSkS9RwBB
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29999
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643149801.127876,VS0,VE0
x-served-by: cache-hhn4041-HHN
x-cache: HIT
location: https://eb2.3lift.com/xuid?mid=3657&xuid=YfB56QABSkS9RwBB&dongle=3c0a&gdpr=1&gdpr_consent=&_test=YfB56QABSkS9RwBB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 6CE1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=2685644907964891823&dongle=4d58&gdpr=1&gdpr_consent=

37 B
354 B

10ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=2685644907964891823&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=29999
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3f62657b-df6f-46f7-9630-c52e3c2c6926
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=2685644907964891823&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame EB5C 4 KB
2 KB 21ms
21ms Script
text/javascript 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=36796705;rtbwp=YfB56AAAAAAjNe5KlRkzRYQTqBjs2C0xGftmCA;rtbdata=tWV6gTg5WA6NS_FImGYenm3D8dR4Dml35rnIrCv9XgqYic5QlEC-v7Dd6IBTF6wcbs_y4F3FakebPiOIFRqJ0N4BwJeMBBKNvNJQwZ4OBA7I7m_A1k_NU_ib8jg-SvhU6pztL-iGPb7oDfAUUVkUKhOj0ao7Q162wCidn-nBNuITsVSb_KQnMQ-XcTZOwalrkB4rjiUQUDXNUx7JxpcxO6BhaagGO6Qx4lNJcucBCO_DeIjrSAcYFw2;js=1;adfxid=1x;9862;set=en-US|en-US|1600X1200|0|300|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fminimore.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e519702ef068171e1f598aa70b9a67d4dc1cbdc7f9fdd1966685a32f0e0514e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2138
expires: -1

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 90B3 23 KB
9 KB 41ms
41ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Jan 2022 13:03:27 GMT
expires: Wed, 25 Jan 2023 13:03:27 GMT
cache-control: public, max-age=31536000
age: 33994
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 69A8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

2 KB
3 KB

43ms
43ms

Document
text/html

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Requested by: Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1b1c9f1fd1510f0de730e29cea0b263d29ef032469c3c5a22ec410f6fbb6e59a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|45|230|39|13|195|191|221
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Tue, 25 Jan 2022 22:30:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
Content-Length: 1879
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Tue, 25 Jan 2022 22:30:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame EB5C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33645086e037dd138bf770a2e9c3cf1d9a4232698a05729c467373f550825055

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame 90B3 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 19:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Jan 2023 19:57:31 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame B9B3 1 KB
1 KB 8ms
8ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=86276
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/e0fe24527bfcc9eed4763b29ecf9b752e4f172b0/dist/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 03e8137e08e2c28fe1c0bd7a4d2d3125dc579a3de03793bb6f6c1a48c9682eff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
content-type: text/html; charset=utf-8
content-length: 454
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame EB5C 85 KB
37 KB 29ms
28ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.216/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 09:30:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 27 Jan 2022 01:26:50 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame B9B3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=2685644907964891823&dongle=4d58&gdpr=1&gdpr_consent=

37 B
354 B

11ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=2685644907964891823&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=86276
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 56d858c4-d99f-4417-8c21-d4d35c61bea1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=2685644907964891823&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B9B3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0MzUzNDk2Nzg2NjgxMDI3ODkyNA%3D%3D

170 B
188 B

49ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0MzUzNDk2Nzg2NjgxMDI3ODkyNA%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=86276

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0MzUzNDk2Nzg2NjgxMDI3ODkyNA%3D%3D
date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

xuid
eb2.3lift.com/ Frame B9B3
Redirect Chain

https://match.prod.bidr.io/cookie-sync/trl
https://match.prod.bidr.io/cookie-sync/trl?_bee_ppp=1
https://eb2.3lift.com/xuid?mid=7255&xuid=AACUtU7D4PQAAEGMcOpevA&dongle=bzwx

37 B
354 B

10ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7255&xuid=AACUtU7D4PQAAEGMcOpevA&dongle=bzwx
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=86276
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=7255&xuid=AACUtU7D4PQAAEGMcOpevA&dongle=bzwx
Date: Tue, 25 Jan 2022 22:30:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 204 current
triplelift-match.dotomi.com/match/bounce/ Frame B9B3 0
104 B 109ms
26ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=86276
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B9B3 43 B
220 B 8ms
7ms Image
image/gif 18.197.84.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=1643534967866810278924&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=86276
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.84.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-84-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame B9B3
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=

37 B
354 B

24ms
23ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=86276
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://eb2.3lift.com/xuid?mid=3646&xuid=no-consent&dongle=1fa5&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame B9B3
Redirect Chain

https://sync.hgrtb.com/triplelift?redir=http%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmy_external_user_id%26dongle%3D8f7
https://eb2.3lift.com/xuid?mid=7666&xuid=fca8f1c1-75f2-4471-85ee-1d8358b51324&dongle=8f7

37 B
354 B

12ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7666&xuid=fca8f1c1-75f2-4471-85ee-1d8358b51324&dongle=8f7
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=86276
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: http://eb2.3lift.com/xuid?mid=7666&xuid=fca8f1c1-75f2-4471-85ee-1d8358b51324&dongle=8f7
date: Tue, 25 Jan 2022 22:30:01 GMT
content-length: 118
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame B9B3
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=triplelift&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4945&xuid=68606eba-53ec-4249-835a-38987125a61d&dongle=31ac

37 B
354 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4945&xuid=68606eba-53ec-4249-835a-38987125a61d&dongle=31ac
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=86276
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: //eb2.3lift.com/xuid?mid=4945&xuid=68606eba-53ec-4249-835a-38987125a61d&dongle=31ac
Date: Tue, 25 Jan 2022 22:30:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame B9B3
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=13&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2319&xuid=0-37b29cc0-1a0d-46c6-504e-069d8ba7579f$ip$185.213.155.163&dongle=4430

37 B
354 B

17ms
17ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2319&xuid=0-37b29cc0-1a0d-46c6-504e-069d8ba7579f$ip$185.213.155.163&dongle=4430
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=86276
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2319&xuid=0-37b29cc0-1a0d-46c6-504e-069d8ba7579f$ip$185.213.155.163&dongle=4430
Date: Tue, 25 Jan 2022 22:30:01 GMT
Connection: keep-alive
Content-Length: 141
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 69A8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfB56cj8rJs8K-1hv-YszgAABMQAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfB56cj8rJs8K-1hv-YszgAABMQAAAIB&dcc=t

43 B
645 B

105ms
105ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfB56cj8rJs8K-1hv-YszgAABMQAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CCRGC407BDPB0S9QC4EE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FBY53BF5RJNVHSGR1P4R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YfB56cj8rJs8K-1hv-YszgAABMQAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 69A8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YfB56cj8rJs8K.1hv.YszgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELJrOmhylbUDy5AkxErVgSs&google_cver=1&gdpr=1&google_hm=2

43 B
1000 B

12ms
12ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELJrOmhylbUDy5AkxErVgSs&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 Jan 2022 22:30:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELJrOmhylbUDy5AkxErVgSs&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 69A8 170 B
188 B 50ms
48ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YfB56cj8rJs8K-1hv-YszgAABMQAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 69A8 70 B
264 B 32ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET indexexchange
sync.adotmob.com/cookie/ Frame 69A8 0
0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 69A8
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-fb850740-8e35-4297-a752-48b58a93c0d0

43 B
1 KB

22ms
21ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-fb850740-8e35-4297-a752-48b58a93c0d0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 Jan 2022 22:30:01 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-fb850740-8e35-4297-a752-48b58a93c0d0
date: Tue, 25 Jan 2022 22:30:01 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame 69A8 43 B
261 B 525ms
170ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
last-modified: Tue, 25 Jan 2022 22:30:01 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Tue, 25 Jan 2022 22:30:02 GMT

GET
H2

200

tpid=YfB56cj8rJs8K.1hv.YszgAA%261220
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 69A8
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YfB56cj8rJs8K.1hv.YszgAA%261220?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YfB56cj8rJs8K.1hv.YszgAA%261220?gdpr_consent=&us_privacy=&gdpr=1

49 B
735 B

42ms
41ms

Image
image/gif

54.229.233.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YfB56cj8rJs8K.1hv.YszgAA%261220?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: H2
Server: 54.229.233.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.123
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YfB56cj8rJs8K.1hv.YszgAA%261220?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.31.16
content-length: 0
expires: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 69A8 43 B
424 B 33ms
7ms Image
image/gif 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YfB56cj8rJs8K-1hv-YszgAABMQAAAIB?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=189149&us_privacy=&gdpr_consent=&gdpr=1&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:01 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=599
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 Jan 2022 22:40:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame EB5C 35 B
502 B 19ms
19ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=36796705&csi=GO27mNETJ8FciG3DIosmuHiZ_-r0UR1s-Q4UcwCyl5XZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 41371946.jpg
s1.adform.net/Banners/41371946/ Frame EB5C 29 KB
30 KB 23ms
23ms Image
image/jpeg 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/41371946/41371946.jpg?bv=3

Requested by

Host: c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
URL: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e28a65cbbe342f201f15e1b9f23a7300f20c56015bf726851e1bcb6047e27144

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
last-modified: Mon, 17 Jan 2022 15:33:24 GMT
server: nginx
etag: "61e58c44-759a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 30106

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90B3 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BitZ_6HnwYYW6NuSO7APUsYLgDwAAAAA4AeAEAg&bg=!zM-lz4vNAAZ_DxPPfw87ACkAdvg8WlHJN8o2VB0ypSPbKiRroCF9JO_M4DjwIjJM06VuGR8x3lOP8wIAAABiUgAAAANoAQeZA0TvbsLhiByMsrmvPiU5-mcOtuuA9DbxdPpDFVrIvMfXXChJ-RW6Eg0blvJ1WErz11AYe_7zZy4eqJE_QciNxsg7gDLCeb2x1xg42Qhp11ZztVspllZyjohMp1u5PwV9zFudGRN4lDHkIp5XAABVicTp6DmWUETRomtI3Z-tZypmkjSqwMqGgOrT3Tp98WljgEPtNYfv4-4fsAcma9MYRLqxkcJDtrL8CFSrzZl3NEjfUfYUktKex4OorCBdPHb4gFgIxeQ-r_hssV4X40a7dMwBIRRQraYaSA4UDi5zh8sERNcu19GgMTmYGLBdzuRfZy1V2ccEHJqYut5Zcca02HH3o7BE_3XmLb7AH8y7NaoWPqt7T5CdWLvbY1JBOsXy4AOioHRjjQhSlfWrh2YYDN3ad4nmT4_ELX-iRaO3WBDTI3a7owa6FGR1-3-0bId4lwrijVoNnYZ_U2rmDrF_JbKGPJBKDnnUgBiB7wFHl4WCGCFwh5lwkMN5hG0t79ahX6EEvLLTPjP9B0mv4cLiMD1FNjc9jQ28sAP2sGWnwleOEkWpWvX5ogjp4D55ZB77-GdlsKKQeWiT2gU-n7KAfSwO1H5mWlYINGuTeB4rrC3hUzlKqTH9eoNIiIVeHImJa4o6oxzNiSznzUwus4I2mwtbfEt7gI-DV56bLInISs6ZbUSHq51uaVaMCdkOhUoitemmdQk-z1-bERV5WDBRUjRjwl-kc4zmhu0P1bvbW9k8j-4CLU4G3mcaJxVF16SBXcMNVxYd6TaPCZ9JNdCLYbz1dSZyKzqq-pjrkBrJifD8o4XT5WBj1d_15erKuoaYeEYikKQ5oMy19kfNWpXlGHBmgehBYwhnjUXa-R0AVHahhjz6bVMH3zsI6KeXv9qkLwJ2RoaOYNIArwaW2w5jvksxDFkT9mCwDUA1RK2AV89ucFzipa9CeeUmc5mvQyRl8g2Jj82lzsotfz_NvsY7Hyt_JG-wrwim87lT6gxlI-1WpE2_mb83f29D-XX-Vyr0511PPaknFhkL5Ybr2p4XZ81Rp5JQ3dqfeG0RCXQcQf5qK2T3XttzYr3nqH6lMTEmmlx4MDrHriQ7CguEo-y1WzAIDJNxNw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r3---sn-5hne6nsr.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674685800/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame CBF5 160 KB
0 31ms
15ms Media
video/mp4 2a00:1450:400e:6::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:6::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3934098/3934099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3934099
expires: Tue, 25 Jan 2022 22:30:01 GMT
last-modified: Thu, 06 Aug 2020 18:00:20 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
client-protocol: quic

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
540 B 45ms
45ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158497/5963/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c7d05de5d4ebb403c114124fecc5581b09c977bfcefdabbfd439bd35047017c9

Request headers

Referer: https://minimore.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minimore.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 24 Feb 2022 22:30:01 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 59ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:43 GMT
server: nginx
etag: W/"61cc54f3-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jan 2022 22:30:01 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 97D6 13 KB
5 KB 34ms
33ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=minimore.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1914
date: Tue, 25 Jan 2022 22:30:01 GMT
content-length: 5180
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 83ms
26ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:43 GMT
server: nginx
etag: W/"61cc54f3-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 26 Jan 2022 22:30:01 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 97D6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=minimore.com&sn=ChromeSyncframe&so=3&topUrl=minimore.com&bundle=UV_nBV9zWHUxb2ZTRnV5RzZDRiUyQjJFdWo0VVNNbUlQb3VHb2tHelRYcUhrRmxneXdFUzRDJT...
https://mug.criteo.com/sid?cpp=Nts8m3xRb24welR5Wk5NKzF4Z3ZDdVhMRXhRNGVsMVpkM3NYV1UrUStxamREZE40SW94WHplc0ZxQjBRdS8yQWFnQkhacWUyZThPL29ZMGFxc3ZDdXNpSzcwWHFIRGphU2ZaTlpDd1pTVnR6OXJYeXVSL3NNdmsvQ1YxWm...

447 B
637 B

18ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Nts8m3xRb24welR5Wk5NKzF4Z3ZDdVhMRXhRNGVsMVpkM3NYV1UrUStxamREZE40SW94WHplc0ZxQjBRdS8yQWFnQkhacWUyZThPL29ZMGFxc3ZDdXNpSzcwWHFIRGphU2ZaTlpDd1pTVnR6OXJYeXVSL3NNdmsvQ1YxWmJsTjdPYm5ZYXJTUGxsNEhBalYxaFhFYTcvK1haQ2w2c0o3cUVqeFN4YzB6S2tCR1JnaHRGWVJKYWJnTXN1UUtUNDYxSnFYd2hqL3o4ci9xQkM3QTk4WitITkphNEFFMlNVZXQ3T0pROXNEaE85TlRSak1EOFdoZDc2QiswTGNaVGtiOTFHNTVhOVk3K1VFdFRvM00zNHpoUmFDbkRCZz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea50f4cb5d09ed2d0c90d45b7535f4ed67d82725dad72af49891675530331f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4670
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:00 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Nts8m3xRb24welR5Wk5NKzF4Z3ZDdVhMRXhRNGVsMVpkM3NYV1UrUStxamREZE40SW94WHplc0ZxQjBRdS8yQWFnQkhacWUyZThPL29ZMGFxc3ZDdXNpSzcwWHFIRGphU2ZaTlpDd1pTVnR6OXJYeXVSL3NNdmsvQ1YxWmJsTjdPYm5ZYXJTUGxsNEhBalYxaFhFYTcvK1haQ2w2c0o3cUVqeFN4YzB6S2tCR1JnaHRGWVJKYWJnTXN1UUtUNDYxSnFYd2hqL3o4ci9xQkM3QTk4WitITkphNEFFMlNVZXQ3T0pROXNEaE85TlRSak1EOFdoZDc2QiswTGNaVGtiOTFHNTVhOVk3K1VFdFRvM00zNHpoUmFDbkRCZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2136
content-length: 541
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8393 42 B
64 B 121ms
72ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZ4y_jrcXsyAssiGd55jeisI6THhVJRa8O356HgeNZlEQGUxgY8bnau5kdmu2ZRihdXigzj15yaf4Zg4OPj0ahDA&sig=Cg0ArKJSzDTee11O4WIdEAE&id=lidar2&mcvt=1000&p=282,1290,532,1590&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3370341254&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643149800162&rpt=751&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame CBF5 0
17 B 36ms
18ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kyuoysl4&c=746570102247&slotId=373285051123.5&qqid=CLahmIH6zfUCFabAuwgdG-gNTw&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=853&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=15&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BA02 42 B
64 B 84ms
72ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCYNjuNa2fZEFbm6ypJlmabi6OOvmM6jVzyxedBZU6niA4piqWTRWQV7wO7hgfAYq8HOJto4_9mhp58iYXWP8W7Q&sig=Cg0ArKJSzPT8yQEE0ejgEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1920108457&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643149800396&rpt=557&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC47 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKy-aT9eYPMRx-ym4QmLScBWiO5NxvjC0EuSGF-wdkPKDOfttmsab1oONJxuoqvIAhqX6dzUjYesNHXEaVXiFVvA&sig=Cg0ArKJSzBxpSGk0dYrYEAE&id=lidar2&mcvt=1000&p=263,436,353,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3449471483&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1643149800574&rpt=497&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 61E0 1 KB
2 KB 10ms
10ms Document
text/html 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 423604515b29739576463f3c37aed7fb15681cb55aa14627feda8858f2caf1f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

date: Tue, 25 Jan 2022 22:30:02 GMT
content-type: text/html; charset=utf-8
content-length: 599
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 7483 2 KB
1 KB 7ms
7ms Document
text/html 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 25 Jan 2022 22:30:02 GMT
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BB9E 14 KB
5 KB 7ms
7ms Document
text/html 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=138615
expires: Thu, 27 Jan 2022 13:00:17 GMT
date: Tue, 25 Jan 2022 22:30:02 GMT
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame BD5F 0
91 B 44ms
21ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.1.0
date: Tue, 25 Jan 2022 22:30:02 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A6EA 281 B
554 B 68ms
6ms Document
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Jan 2022 22:30:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E328 52 KB
17 KB 32ms
8ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/atsprebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://minimore.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 26 Jan 2022 22:30:04 GMT
Date: Tue, 25 Jan 2022 22:30:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

xuid
eb2.3lift.com/ Frame 61E0
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3702&xuid=56b747b4-7e2e-11ec-a519-b1962ed8ea81&dongle=d54f&gdpr=1&gdpr_consent=

37 B
354 B

40ms
40ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3702&xuid=56b747b4-7e2e-11ec-a519-b1962ed8ea81&dongle=d54f&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=3702&xuid=56b747b4-7e2e-11ec-a519-b1962ed8ea81&dongle=d54f&gdpr=1&gdpr_consent=
Date: Tue, 25 Jan 2022 22:30:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 56b747b6-7e2e-11ec-a519-b1962ed8ea81

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 61E0 35 B
380 B 413ms
98ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=3a66d299-1ebd-4293-884e-8e6f36dc1a6a&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:02 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

xuid
eb2.3lift.com/ Frame 61E0
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=6863561DC9284FFEB17B932B433FA6BC&dongle=yf3

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=6863561DC9284FFEB17B932B433FA6BC&dongle=yf3
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 25 Jan 2022 22:30:02 GMT
x-content-type-options: nosniff
server: nginx
location: https://eb2.3lift.com/xuid?mid=7969&xuid=6863561DC9284FFEB17B932B433FA6BC&dongle=yf3
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 24 Jan 2022 22:30:02 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 61E0
Redirect Chain

https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?gdpr=1&mid=5316&dongle=fa68&xuid=WNgCAlnQAVNDiFACCIpJUw3ZV1ZD31BXXI9Pi9uT

37 B
354 B

11ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?gdpr=1&mid=5316&dongle=fa68&xuid=WNgCAlnQAVNDiFACCIpJUw3ZV1ZD31BXXI9Pi9uT
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://eb2.3lift.com/xuid?gdpr=1&mid=5316&dongle=fa68&xuid=WNgCAlnQAVNDiFACCIpJUw3ZV1ZD31BXXI9Pi9uT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 61E0
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=6019&xuid=zeLbE85S1Ncukb5&dongle=465e&gdpr=1&gdpr_consent=

37 B
354 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=6019&xuid=zeLbE85S1Ncukb5&dongle=465e&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:02 GMT
Server: PingMatch/v2.0.30-700-g8d321aa#rel-ec2-master i-0aa4ff6ab45be3113@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://eb2.3lift.com/xuid?mid=6019&xuid=zeLbE85S1Ncukb5&dongle=465e&gdpr=1&gdpr_consent=
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iu3
aax-eu.amazon-adsystem.com/s/ Frame 61E0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1643534967866810278924
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1643534967866810278924&dcc=t

0
0

32ms
32ms

Image
text/html

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1643534967866810278924&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Server: 52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:02 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D1GGGAVVCX1Q7BSJC0DE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1643534967866810278924&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK CookieSyncTripleLift&gdpr=1&gdpr_consent=
rtb.adentifi.com/ Frame 61E0 0
88 B 407ms
96ms Image
text/plain 34.206.79.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncTripleLift&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.79.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-79-92.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

value=1643534967866810278924
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame 61E0
Redirect Chain

https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=1643534967866810278924
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=1643534967866810278924

43 B
524 B

271ms
270ms

Image
image/gif

52.64.162.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=1643534967866810278924
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 52.64.162.179 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-64-162-179.ap-southeast-2.compute.amazonaws.com
Software: Match/6755.56fe4e1bd4ab3854d5aff5b91350f6a35636daa1 (i-05c1a3ed4817777e5) /
Resource Hash: 82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:03 GMT
server: Match/6755.56fe4e1bd4ab3854d5aff5b91350f6a35636daa1 (i-05c1a3ed4817777e5)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: image/gif
content-length: 43
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:03 GMT
server: Match/6755.56fe4e1bd4ab3854d5aff5b91350f6a35636daa1 (i-04f61143a23253afd)
p3p: CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location: https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=1643534967866810278924
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
expires: -1

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 61E0 0
331 B 76ms
19ms Image
text/plain 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1245&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

xuid
eb2.3lift.com/ Frame 61E0
Redirect Chain

https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=
https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=1&gdpr_consent=&tc=1
https://eb2.3lift.com/xuid?mid=6547&xuid=d6Xp1gi2rgC9yO3N7bpu&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1

37 B
354 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=6547&xuid=d6Xp1gi2rgC9yO3N7bpu&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=6547&xuid=d6Xp1gi2rgC9yO3N7bpu&dongle=45fg&pi=triplelift&gdpr_consent=&gdpr=1&tc=1
pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT, Tue, 25 Jan 2022 22:30:02 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 93BA 1 KB
3 KB 37ms
37ms Document
text/html 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cdcafc9cc185f849ab91b57aeb2dc2d8f07305046cccb8f058bbc380d3851834

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 73|46|88|130|41|65|188|221
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Expires: Tue, 25 Jan 2022 22:30:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:02 GMT
Content-Length: 1519
Connection: keep-alive

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BB9E 3 KB
4 KB 499ms
162ms Script
text/html 104.36.113.23
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74079482&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 61ca24645eb9eb3d7ac3ad3ff096269b8f0beca2ac5b788a06f38c02bbfc5fc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:02 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E328 0
735 B 7ms
7ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:02 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1affe660-ed80-4e88-9115-11dd22fd2982
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 YfB56cj8rJs8K-1hv-YszgAABMQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 93BA 43 B
990 B 37ms
33ms Image
image/gif 2a05:d018:d29:3605:f8ff:4e61:fc04:1ff8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YfB56cj8rJs8K-1hv-YszgAABMQAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:f8ff:4e61:fc04:1ff8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:02 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 93BA 0
0 45ms
13ms Image
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 93BA 85 B
259 B 102ms
98ms Image
image/png 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1643149803.686906,VS0,VE93
x-served-by: cache-hhn4041-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-type: image/png
content-length: 85
x-cache-hits: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 93BA
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACUtU7D4PQAAEGMcOpevA&expiration=1644359402&gdpr=1

43 B
1 KB

13ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACUtU7D4PQAAEGMcOpevA&expiration=1644359402&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 Jan 2022 22:30:02 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACUtU7D4PQAAEGMcOpevA&expiration=1644359402&gdpr=1
Date: Tue, 25 Jan 2022 22:30:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 93BA 43 B
408 B 531ms
154ms Image
image/gif 72.251.232.229
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.232.229 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:03 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: sjc-delivery-1
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 93BA
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643236202&gdpr=1

43 B
315 B

244ms
15ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643236202&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:02 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 25 Jan 2022 22:30:02 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1643236202&gdpr=1
pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 93BA 0
88 B 389ms
96ms Image
text/plain 34.206.79.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.79.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-79-92.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 200 tpid=YfB56cj8rJs8K.1hv.YszgAA%261220
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 93BA 49 B
264 B 40ms
38ms Image
image/gif 54.229.233.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YfB56cj8rJs8K.1hv.YszgAA%261220?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.233.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.93
content-type: image/gif
content-length: 49
expires: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 93BA 43 B
424 B 9ms
8ms Image
image/gif 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YfB56cj8rJs8K.1hv.YszgAA%261220
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://minimore.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:02 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=598
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 Jan 2022 22:40:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A6EA 32 KB
10 KB 9ms
7ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1b4d44fb3e74973d5ce13318ef23971fa3c9109c3bbf4db89dbdeb2aff528b15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 22:30:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=73384
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Wed, 26 Jan 2022 18:53:06 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame A6EA 0
0 88ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame A6EA 70 B
264 B 46ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/9xU_qewpkLT-j2DxKwHPJA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4007180525440373652

0
239 B

155ms
154ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4007180525440373652
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/gif

Redirect headers

date: Tue, 25 Jan 2022 22:30:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4007180525440373652
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfB56QABSkS9RwBB

0
239 B

616ms
153ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfB56QABSkS9RwBB
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1643149803.804593,VS0,VE0
x-served-by: cache-hhn4041-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YfB56QABSkS9RwBB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEDx7vnpjaSa3QkQih6OZeg&google_cver=1

0
239 B

608ms
153ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEDx7vnpjaSa3QkQih6OZeg&google_cver=1
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEDx7vnpjaSa3QkQih6OZeg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6EA
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lVT1lSTUMtVS1GWjJO

170 B
188 B

48ms
48ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lVT1lSTUMtVS1GWjJO

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lVT1lSTUMtVS1GWjJO
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A6EA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1ca461f0-79e9-4e00-b7d1-390af1646a45&expires=28

0
239 B

616ms
156ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1ca461f0-79e9-4e00-b7d1-390af1646a45&expires=28
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/gif

Redirect headers

Date: Tue, 25 Jan 2022 22:30:02 GMT
Server: MT3 4133 baa842e master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1ca461f0-79e9-4e00-b7d1-390af1646a45&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 25 Jan 2022 22:30:01 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6EA
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzY5YWYyNzc0Njg1NzVkYWE2NDhhMjE3YzdlNmNjZDliOWRiYTkxYQ

170 B
188 B

49ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzY5YWYyNzc0Njg1NzVkYWE2NDhhMjE3YzdlNmNjZDliOWRiYTkxYQ

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MzY5YWYyNzc0Njg1NzVkYWE2NDhhMjE3YzdlNmNjZDliOWRiYTkxYQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 3DC0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4

35 B
467 B

20ms
20ms

Document
image/gif

37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 25 Jan 2022 22:30:03 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 25 Jan 2022 22:30:03 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 59B7
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfB56QABSkS9RwBB&gdpr=0&gdpr_consent=

1 B
238 B

60ms
17ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfB56QABSkS9RwBB&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 25 Jan 2022 22:30:03 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug009:0:2400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YfB56QABSkS9RwBB&gdpr=0&gdpr_consent=
accept-ranges: bytes
date: Tue, 25 Jan 2022 22:30:03 GMT
via: 1.1 varnish
x-served-by: cache-hhn4041-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1643149803.136631,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E86A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1ca461f0-79e9-4e00-b7d1-390af1646a45&gdpr=0&gdpr_consent=

42 B
339 B

49ms
16ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1ca461f0-79e9-4e00-b7d1-390af1646a45&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 25 Jan 2022 22:30:03 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug011:0:658
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Tue, 25 Jan 2022 22:30:03 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master cdg-pixel-x28 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1ca461f0-79e9-4e00-b7d1-390af1646a45&gdpr=0&gdpr_consent=
Expires: Tue, 25 Jan 2022 22:30:02 GMT

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 8528
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVXRVN0Q0UFFBQUVHTWNPcGV2QQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACUtU7D4PQAAEGMcOpevA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...

43 B
163 B

420ms
122ms

Document
image/gif

199.187.193.193
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACUtU7D4PQAAEGMcOpevA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.193 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Tue, 25 Jan 2022 22:30:03 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACUtU7D4PQAAEGMcOpevA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 4769 43 B
408 B 235ms
155ms Document
image/gif 72.251.232.229
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.232.229 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Tue, 25 Jan 2022 22:30:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: sjc-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 06C0
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
111 B

16ms
15ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 25 Jan 2022 22:30:03 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug026:0:394
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Tue, 25 Jan 2022 22:30:02 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Tue, 25 Jan 2022 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1583296
strict-transport-security: max-age=31536000; preload;

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BB9E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=US7VnOEdTt65Cuf7QSPM1A%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

8ms
8ms

Image
text/html

2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=138614
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Thu, 27 Jan 2022 13:00:17 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame BB9E 0
44 B 23ms
22ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame BB9E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ca461f0-79e9-4e00-b7d1-390af1646a45

0
128 B

511ms
162ms

Image
text/plain

204.237.133.121
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ca461f0-79e9-4e00-b7d1-390af1646a45
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 204.237.133.121 Philadelphia, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 25 Jan 2022 22:30:03 GMT
Server: MT3 4133 baa842e master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1ca461f0-79e9-4e00-b7d1-390af1646a45
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 25 Jan 2022 22:30:02 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BB9E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTEyRUQ1OUMtRTExRC00RURFLUI5MEEtRTdGQjQxMjNDQ0Q0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
186 B

473ms
162ms

Image
image/gif

104.36.113.17
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug005:0:910
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BB9E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHqt3Vx-eIRTLiOSCtE1BkE&google_cver=1

42 B
591 B

471ms
161ms

Image
image/gif

104.36.113.17
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHqt3Vx-eIRTLiOSCtE1BkE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:02 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug006:0:281
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHqt3Vx-eIRTLiOSCtE1BkE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame BB9E 43 B
409 B 16ms
14ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 24 Jan 2022 22:30:03 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame BB9E
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7878509948980262650&gdpr=0&gdpr_consent=&us_privacy=

1 B
187 B

36ms
15ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7878509948980262650&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug025:0:436
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7878509948980262650&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame BB9E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d5508542-7ef5-437c-ac95-943be9b2a954

42 B
603 B

18ms
15ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d5508542-7ef5-437c-ac95-943be9b2a954
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:418
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d5508542-7ef5-437c-ac95-943be9b2a954
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 512ED59C-E11D-4EDE-B90A-E7FB4123CCD4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BB9E 43 B
990 B 36ms
34ms Image
image/gif 2a05:d018:d29:3605:f8ff:4e61:fc04:1ff8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/512ED59C-E11D-4EDE-B90A-E7FB4123CCD4?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:f8ff:4e61:fc04:1ff8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:03 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame BB9E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KSqIHQlE2uVcN5ucwMqG6qYMwlmjW_Y-~A&gdpr=0&gdpr_consent=

0
260 B

494ms
162ms

Image
text/plain

204.237.133.121
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KSqIHQlE2uVcN5ucwMqG6qYMwlmjW_Y-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 204.237.133.121 Philadelphia, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:02 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KSqIHQlE2uVcN5ucwMqG6qYMwlmjW_Y-~A&gdpr=0&gdpr_consent=
date: Tue, 25 Jan 2022 22:30:03 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BB9E
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2685644907964891823&gdpr=0&gdpr_consent=

42 B
388 B

510ms
161ms

Image
image/gif

104.36.113.17
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2685644907964891823&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:01 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug001:0:426
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:03 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 7f58273a-ba93-4c4d-af15-be0739685b00
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2685644907964891823&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BB9E
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
359 B

428ms
161ms

Image
image/gif

104.36.113.17
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 104.36.113.17 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:49:03 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug004:0:385
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:02 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame BB9E 0
103 B 61ms
13ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:03 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E328 0
735 B 9ms
9ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jan 2022 22:30:03 GMT
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2403cee5-fa02-4c5a-99ea-d44d7b363c5b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame BB9E 0
260 B 81ms
15ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 22:30:04 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 /
track.adform.net/serving/unload/ Frame EB5C 35 B
502 B 19ms
19ms Ping
image/gif 37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@36796705,2481617658105633653,0|0|0|0|0|0|0|0|0||0|1|1538|bd6fe819-bfc9-406a-9c22-ec59d8046b36_1|||1|0|0|yMRq8W5p5T3i5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 22:30:06 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?qnP3FA

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mrtnsvr.com/sync	1970-01-20 09:12:52	Name: userId Value: G7KoFx54M
.3lift.com/sync	1970-01-20 02:35:25	Name: sync Value: CgoIgAIQ-ezwmukvCgoIgQIQ4uvwmukvCgoIggIQ5vjwmukvCgoIhwIQ4uvwmukvCgkICRDi6_Ca6S8KCgiJAhD57PCa6S8KCQhJEOb48JrpLwoJCAsQ4uvwmukvCgoIiwIQ5vjwmukvCgoIjAIQ4uvwmukvCgoIzgEQgezwmukvCgoIjgEQgezwmukvCgoIjwIQ5vjwmukvCgoIkAIQ5vjwmukvCgoIkQIQgezwmukvCgoIkgIQgezwmukvCgoIlAIQ-ezwmukvCgoIlgIQ-ezwmukvCgoI1gEQ-ezwmukvCgoIlwIQ-ezwmukvCgoImAIQgezwmukvCgoImQIQgezwmukvCgoImgIQ-ezwmukvCgoImwIQgezwmukvCgkIGxD57PCa6S8KCgicAhCB7PCa6S8KCgidAhDm-PCa6S8KCgieAhDi6_Ca6S8KCgjeARD57PCa6S8KCQhfEOLr8JrpLwoJCB8QgezwmukvCgoIoQEQ-ezwmukvCgoI4gEQ4uvwmukvCgoI4wEQ5vjwmukvCgoI5gEQ4uvwmukvCgoI5wEQ5vjwmukvCgkIcxDm-PCa6S8KCQg5EIHs8JrpLwoJCDoQ4uvwmukvCgoI_wEQ5vjwmukv
.minimore.com/	1969-12-31 23:59:59	Name: mmid Value: 35vlo3vt1313hmc5fh7e4rpu30
minimore.com/	1970-01-20 01:09:01	Name: _pbjs_userid_consent_data Value: 3524755945110770
.minimore.com/	1970-01-20 04:45:01	Name: _pubcid Value: 5ed95476-a091-416c-9a7a-efe0d5aae598
.minimore.com/	1970-01-20 17:57:01	Name: _ga Value: GA1.2.183532480.1643149799
.minimore.com/	1970-01-20 00:27:16	Name: _gid Value: GA1.2.948121949.1643149799
.minimore.com/	1970-01-20 00:25:49	Name: _gat Value: 1
.rubiconproject.com/	1970-01-20 09:11:25	Name: khaos Value: KYUOYRMC-U-FZ2N
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|XoTpdAZC/OrCXi+t2tt8Mx7c5rJaP5uXhxptHvrzPAh1r4P5O2ziQ6qdYLyMi4/FKQattD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZqNCxgmzGqqEKVXU66THvScWV7/AA==
.rubiconproject.com/	1970-01-20 09:11:25	Name: audit Value: 1\|naVuGyos1qpqfiytWd1vfz5APvdogVCbaTd6KyMQnat7y9GyzaExIYy6pLg9Qtp1La8kNA+c8G5ymPvo8plePzm05Xhm+qskudG7ymXM6VE=
minimore.com/	1970-01-20 09:47:25	Name: cto_bidid Value: 5MluKV9LcER1Z002OTlJcTFNa3RWcHpGY2Y3UXBwRGZjJTJGaUFRSGFKJTJCVUNRRFZMVmdmMWclMkJ6S2VwUEozODAzOHJkT1RNYzdyUm10UXNnUlZYM1BmaTklMkI2TkN3JTNEJTNE
minimore.com/	1970-01-20 09:47:25	Name: cto_bundle Value: UV_nBV9zWHUxb2ZTRnV5RzZDRiUyQjJFdWo0VVNNbUlQb3VHb2tHelRYcUhrRmxneXdFUzRDJTJGT3Y0WTUlMkJHU3UzS2o5RWg3eDhITVVlNkZaRXpqTWdyWTh0dXpxejRCN093NE1DdUZXUlBHbkZocWpIaGJRS0VTOG5LVm1KT2ZLSXlPV3ZLSg
.doubleclick.net/	1970-01-20 09:47:25	Name: IDE Value: AHWqTUnDUqNoe-Fbmdh5iA7gUo5mOy8aXrVavICFlI_ZEcTb-ElVskpc2jyjfdaQWLk
.doubleclick.net/	1970-01-20 00:25:50	Name: test_cookie Value: CheckForPermission
.minimore.com/	1970-01-20 09:47:25	Name: __gads Value: ID=438b8c290504502c-222ee2c22bcd004f:T=1643149799:S=ALNI_Ma4LAVd1oYoDmjfzdOQRPm9xhAL1w
.3lift.com/	1970-01-20 02:35:25	Name: tluid Value: 1643534967866810278924
.adnxs.com/	1970-01-20 02:35:25	Name: uuid2 Value: 2685644907964891823
.bing.com/	1970-01-20 09:47:25	Name: MUID Value: 11EAF2FB339167EE1E2FE3CC3243661F
.mathtag.com/	1970-01-20 09:51:45	Name: uuid Value: 1ca461f0-79e9-4e00-b7d1-390af1646a45
.casalemedia.com/	1970-01-20 09:11:25	Name: CMID Value: YfB56cj8rJs8K.1hv.YszgAA
.casalemedia.com/	1970-01-20 02:35:25	Name: CMPS Value: 3268
.turn.com/	1970-01-20 04:45:01	Name: uid Value: 7878509948980262650
.yahoo.com/	1970-01-20 09:11:47	Name: A3 Value: d=AQABBOl58GECEAHH2ifGy7VIx6ZnHp5x2bEFEgEBAQHL8WH6YQAAAAAA_eMAAA&S=AQAAAhHTkTgPxhdAM09Dx825RW4
.casalemedia.com/	1970-01-20 02:35:25	Name: CMPRO Value: 1220
.everesttech.net/	1970-01-20 09:11:25	Name: everest_g_v2 Value: g_surferid~YfB56QABSkS9RwBB
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:57:43	Name: bcookie Value: "v=2&f96b6e80-501f-4e58-88bd-7e5b07c3553b"
.linkedin.com/	1970-01-20 17:38:31	Name: li_gc Value: MTswOzE2NDMxNDk4MDE7MjswMjEdLRBS5gXKRcq2hFzlZbmD/nFB+pL4xZfjjPJohOqfmA==
.linkedin.com/	1970-01-20 00:27:16	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2542:u=1:x=1:i=1643149801:t=1643236201:v=2:sig=AQEjTABHnqW2EAszbbP6VGpCj1nxx1Gc"
.bidr.io/	1970-01-20 09:54:19	Name: bito Value: AACUtU7D4PQAAEGMcOpevA
.bidr.io/	1970-01-20 09:54:19	Name: bitoIsSecure Value: ok
.crwdcntrl.net/	1970-01-20 06:54:36	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:54:36	Name: _cc_id Value: 813426cce74f05c74e9a1bd313b499a5
.crwdcntrl.net/	1970-01-20 06:54:37	Name: _cc_cc Value: "ACZ4XmNQsDA0NjEyS05ONTdJMzBNNjdJtUw0TEoxNjROMrG0TDRlAILED5UvQTQUAABY4wtm"
.crwdcntrl.net/	1970-01-20 06:54:37	Name: _cc_aud Value: "ABR4XmNgYGBI%2FFD5EkhBAQAhPwK0"
.adsrvr.org/	1970-01-20 09:11:25	Name: TDID Value: d5508542-7ef5-437c-ac95-943be9b2a954
minimore.com/	1970-01-20 01:52:13	Name: pubmatic-unifiedid Value: %7B%22TDID%22%3A%22d5508542-7ef5-437c-ac95-943be9b2a954%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-01-25T22%3A30%3A01%22%7D
sync.srv.stackadapt.com/	1970-01-20 09:11:25	Name: sa-user-id Value: s%3A0-37b29cc0-1a0d-46c6-504e-069d8ba7579f.YSrzH%2BS2I1BNypxUFEpPTeOo3ei7mGsne6ul2O4KZwg
.srv.stackadapt.com/	1970-01-20 09:11:25	Name: sa-user-id-v2 Value: s%3A0-37b29cc0-1a0d-46c6-504e-069d8ba7579f%24ip%24185.213.155.163.DFdZlnXom0lwP%2BFrCJ2KthTnVKS8ZOiNXnhOdVShBf4
.criteo.com/	1970-01-20 09:47:25	Name: uid Value: d543006e-9115-4525-a6df-ed643f37a04b
.minimore.com/	1970-01-20 09:47:25	Name: cto_bundle Value: ptdt6l9zWHUxb2ZTRnV5RzZDRiUyQjJFdWo0VVczdjJUZEJRR1ltdDZMbHdudDFGeWhjTm5NMGlzakNaTjZDJTJGZjZTMUhnN0lpTmt4U2NFWFUlMkYlMkJIZjElMkI1MzUlMkZnS1pGakQ2QUNXRmZRUWx2MEpGRSUyQllKdHE1b2QyOFNjdHdjSiUyRjJnTGltVUQyTHFKYVVFaUJuTzVkQjlFJTJCJTJGRUZndyUzRCUzRA
.mfadsrvr.com/	1970-01-20 17:57:01	Name: tuuid Value: 68606eba-53ec-4249-835a-38987125a61d
.mfadsrvr.com/	1970-01-20 17:57:01	Name: c Value: 1643149801
.mfadsrvr.com/	1970-01-20 17:57:01	Name: tuuid_lu Value: 1643149801
.mfadsrvr.com/	1970-01-20 17:57:01	Name: ssh Value: !triplelift,1643149801
.ads.pubmatic.com/	1970-01-20 00:27:16	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 00:27:16	Name: CMST Value: YfB56WHweeoA
.quantserve.com/	1970-01-20 02:35:25	Name: d Value: EBkBDQGkJez6kwA
.quantserve.com/	1970-01-20 09:56:04	Name: mc Value: 61f079ea-a40fc-ac03d-64e2f
.simpli.fi/	1970-01-20 09:12:52	Name: suid Value: 6863561DC9284FFEB17B932B433FA6BC
.casalemedia.com/	1970-01-20 09:11:25	Name: CMRUM3 Value: e661f079e92760&dd61f079ea2760&2e61f079ea05a0&2d61f079e92760CAESELJrOmhylbUDy5AkxErVgSs&8261f079ea2760AACUtU7D4PQAAEGMcOpevA&2961f079ea05a0&0d61f079e905a0&5861f079ea05a0&bf61f079e905a0&f161f079e905a0&4161f079ea05a0&bc61f079ea05a00&2761f079e90b40&4961f079ea05a0&c361f079e92760av-fb850740-8e35-4297-a752-48b58a93c0d0
.mathtag.com/	1970-01-20 01:09:01	Name: mt_mop Value: 9:1643149802
.creativecdn.com/	1970-01-20 09:11:25	Name: u Value: d6Xp1gi2rgC9yO3N7bpu
.creativecdn.com/	1970-01-20 09:11:25	Name: ts Value: 1643149802
.ipredictive.com/	1970-01-20 09:11:25	Name: cu Value: 56b747b4-7e2e-11ec-a519-b1962ed8ea81\|1643149803009
.w55c.net/	1970-01-20 09:56:04	Name: wfivefivec Value: zeLbE85S1Ncukb5
.pubmatic.com/	1970-01-20 02:35:25	Name: KADUSERCOOKIE Value: 512ED59C-E11D-4EDE-B90A-E7FB4123CCD4
.pubmatic.com/	1970-01-20 02:35:25	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 00:27:16	Name: pi Value: 158497:2
.pubmatic.com/	1970-01-20 02:35:25	Name: DPSync3 Value: 1644278400%3A197_201%7C1643673600%3A164%7C1643155200%3A174
.pubmatic.com/	1970-01-20 02:35:25	Name: SyncRTB3 Value: 1644278400%3A13_22_7_3_55_21_71_166_165_220_54%7C1643673600%3A2_223_15%7C1644364800%3A35
.adform.net/	1970-01-20 01:10:28	Name: C Value: 1
.adform.net/	1970-01-20 01:52:13	Name: uid Value: 840635747058970979
.adsrvr.org/	1970-01-20 09:11:25	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjApsq1iJewOhAFGAEgASgCMgsIwJ7N4p6XsDoQBTgBWghwdWJtYXRpY2AC
.analytics.yahoo.com/	1970-01-20 09:12:52	Name: IDSYNC Value: 18z8~22va
.w55c.net/	1970-01-20 01:09:01	Name: matchtriplelift Value: 5
.pubmatic.com/	1970-01-20 02:35:25	Name: KRTBCOOKIE_377 Value: 6810-d5508542-7ef5-437c-ac95-943be9b2a954&KRTB&22918-d5508542-7ef5-437c-ac95-943be9b2a954&KRTB&23031-d5508542-7ef5-437c-ac95-943be9b2a954
.pubmatic.com/	1970-01-20 01:09:01	Name: KRTBCOOKIE_22 Value: 14911-7878509948980262650
.pubmatic.com/	1970-01-20 02:35:25	Name: KRTBCOOKIE_27 Value: 16735-uid:1ca461f0-79e9-4e00-b7d1-390af1646a45&KRTB&16736-uid:1ca461f0-79e9-4e00-b7d1-390af1646a45&KRTB&23019-uid:1ca461f0-79e9-4e00-b7d1-390af1646a45&KRTB&23208-uid:1ca461f0-79e9-4e00-b7d1-390af1646a45
.pubmatic.com/	1970-01-20 02:35:25	Name: KRTBCOOKIE_218 Value: 4056-YfB56QABSkS9RwBB&KRTB&22978-YfB56QABSkS9RwBB&KRTB&23194-YfB56QABSkS9RwBB&KRTB&23209-YfB56QABSkS9RwBB
.realestate.com.au/	1970-01-25 20:29:45	Name: mid Value: 6900596085764538593
.pubmatic.com/	1970-01-20 02:35:25	Name: KRTBCOOKIE_80 Value: 22987-CAESEHqt3Vx-eIRTLiOSCtE1BkE&KRTB&16514-CAESEHqt3Vx-eIRTLiOSCtE1BkE&KRTB&23025-CAESEHqt3Vx-eIRTLiOSCtE1BkE
.pubmatic.com/	1970-01-20 02:35:25	Name: PUBMDCID Value: 1
.pubmatic.com/	1970-01-20 02:35:25	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.pubmatic.com/	1970-01-20 02:35:25	Name: KRTBCOOKIE_57 Value: 22776-2685644907964891823&KRTB&23339-2685644907964891823
.pubmatic.com/	1970-01-20 01:09:01	Name: PugT Value: 1643149801
.pubmatic.com/	1970-01-20 01:09:01	Name: SPugT Value: 1643149803
.realestate.com.au/	1970-01-20 09:11:25	Name: External Value: %2FTRIPLELIFT%3D1643534967866810278924%2F_EXP%3D1674685803%2F_exp%3D1674685803

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://minimore.com/b/Gd3dq/1(Line 5) Message: The key "target-densitydpi" is not supported.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=1643534967866810278924 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=1643534967866810278924 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=G7KoFx54M&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://c1.adform.net/serving/cookie/match?party=1245&gdpr=1&gdpr_consent= Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/420486.gif?partner_uid=512ED59C-E11D-4EDE-B90A-E7FB4123CCD4 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2192.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
adasia-d.openx.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
anymind360.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
bttrack.com
c.bing.com
c.min.ms
c1.adform.net
c15110ceda5b855b7e0c58e2769d08ac.safeframe.googlesyndication.com
casale-match.dotomi.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.3lift.com
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
minimore.com
mug.criteo.com
nep.advangelists.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r3---sn-5hne6nsr.c.2mdn.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s1.adform.net
sasinator.realestate.com.au
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
stas.outbrain.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.hgrtb.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
triplelift-match.dotomi.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us.creativecdn.com
widgets.zemanta.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
zem.outbrainimg.com
sync.adotmob.com
tpc.googlesyndication.com
104.36.113.17
104.36.113.23
104.92.74.8
108.157.4.109
13.248.245.213
142.250.181.226
15.197.193.217
151.101.14.132
151.101.66.132
151.101.66.49
159.122.14.34
173.194.73.154
178.250.0.157
178.250.0.165
178.250.2.151
18.197.84.79
18.201.7.199
185.170.60.223
185.184.10.30
185.29.134.244
185.33.221.13
185.64.189.112
185.64.190.80
185.86.138.122
192.132.33.46
198.47.127.20
199.187.193.193
2.21.111.28
2.21.141.148
2.21.141.175
2.21.141.232
2001:4860:4802:32::3
2001:678:cb4:bbbb::11
204.237.133.121
207.198.113.171
213.227.153.220
2602:803:c003:200::41
2606:4700:20::681a:8a9
2606:4700:3034::6815:5d59
2606:4700:3036::ac43:d4f6
2620:116:800d:21:f916:5049:f87f:108e
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9c
2a00:1450:400e:6::8
2a00:1450:400f:802::200e
2a00:1450:400f:803::2002
2a00:1450:400f:804::2001
2a00:1450:400f:804::200a
2a00:1450:400f:80c::2003
2a00:1450:400f:80d::2002
2a00:1450:400f:80d::200e
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:13::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::645
2a05:d018:d29:3605:f8ff:4e61:fc04:1ff8
3.126.56.137
34.102.163.6
34.193.59.132
34.206.79.92
34.232.92.67
34.98.64.218
35.156.3.27
35.158.60.56
35.244.174.68
37.157.2.238
37.157.2.249
37.157.6.246
37.252.173.27
44.202.78.54
52.31.13.93
52.46.130.91
52.64.162.179
52.95.115.255
54.144.85.208
54.229.233.249
54.71.47.92
54.82.194.177
64.202.112.255
64.202.112.63
72.251.232.229
8.39.36.141
0242290e99cc90de276b2920ca668b8f8d662e1d82bfefa90ecc47beb6c16aaa
03e8137e08e2c28fe1c0bd7a4d2d3125dc579a3de03793bb6f6c1a48c9682eff
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0686e48316c6e36b37e64e0bf109248aca130a9944aca0cf04c7c0754712f6ee
0808dc2d2a687e420d40b158c5f88ff5241c36d014c36ee586744cfb9c5ed47e
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08b9a06ea03c286ff3dea88f9ea3d86896d44e9f73543f8ecd43cb71b0b4c009
0aabdc513de62dcc6b946b5fd77b3bc20ecce90254b9088351dc31bfaec99f56
0ae298f2509111b6eff0a258cb53fafcd63adbacfef38e453f46d7ff50edc24e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbbd3072c721effa98fbdb50024f33b68c2497f1e7be8603053ea405b4677a5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cf0d2c57ff789c0fe0cb96a31924f416cf0d4810177d4dd5556a18b22578cb8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13de66596d19798ffdcad167e0913ab7afddc5ad944f669242dbeb87814843d4
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
185c8f0ba5c84bb93c5ce2c23f353a9f5db8d4b7cdb4a03d816867c2a3871ed0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ecfe31ee74c430f45c0335a5ff772e050f911b8ebc908ea4c553e7b59c284e
1b1c9f1fd1510f0de730e29cea0b263d29ef032469c3c5a22ec410f6fbb6e59a
1b4d44fb3e74973d5ce13318ef23971fa3c9109c3bbf4db89dbdeb2aff528b15
1ce4fdbc18bd742b5ac6295e92f7c76519804e864d78fd51b9e4251841fd9c38
1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
292cd5300be1b6bbb20d4b9d1c94c74974f917e406d06327d39fda96a998c1f9
2942f35cd9347557c5ad6a468803878b7f4e4e3a954906421e8282ec286dec42
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
29e6bd1072724eba590eab0c6fc244f29d346ac5ca3a97281c7178c97680005a
2b3334ae35d100a66c0d08b4405e2e334f495cda27b564b38e7eabb08607fdee
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e79f8258727924b28fd16911c591d077ff2c32509f7f16544c79bb68e4366e5
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3249631fbc5c94178ff4773d364d3d4fd0facbb4f900260ad690514d0a006c9b
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
33645086e037dd138bf770a2e9c3cf1d9a4232698a05729c467373f550825055
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
35a9163ef6a49ede1428d044369ee6bc1aebc6a3aff55aa9eb375902cebb9d6c
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39b89b930643f8ca586b4a322daca59ec22bd13381f16711466b92474ea5541b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d61b9994ce41b7000b90f2091aa76df1f441925f9879a20db4f9adc05a1645e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41e9f95a247035978ad9a75e08a8c82627a393163155e522d25c1cafb41e5e43
423604515b29739576463f3c37aed7fb15681cb55aa14627feda8858f2caf1f8
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
43fcd2a8b70856067eb28797f7895556e93a8b03e433744a79be649df2398b69
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
46a7ad4b363112e365705c297e829fca8a22f678ddd288cfd4e7eeaf81fb933f
47507d0e4459c1c0c8459dd1f6ca95aa86bfad8e506b4e2f1234a23de1925cc4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4cf3ccdaa22b37724649b4c2a0b37ac8122dbb811ee64cec167b6cdebddc3f08
4d89ebf65c1e69c42a32862393c0a637bbcac5551f2cb866f636623349b518a6
4ee9dc9af8a4af69f6e088892caab46aa33dacd55971f303db3d98e37344849e
5132d372cb173a8a03581054f07b694cf11fbdce25ca75e0b9676abeecd101f0
52cba3c2d7f1ff44855534f5ed2300b0de74dde793a8f7aa45e0f7ab63520704
5305e5358afc5f5129d897773d195b044ef43f74e72634fef9410ef3c8da1c4c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ab99002c776d6de0ee1373bd88ea7ef87868f6afa694efb35b9f270d5d5c4f9
5e6b2cc48bd185e1ef14195edc1830bafbaf621e1dfda1e8905607da0cb6f02c
60ae27a5e13cc46f02f480cfa0d1c61008e6ae125ac71a12f0fd289b3912e392
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ca24645eb9eb3d7ac3ad3ff096269b8f0beca2ac5b788a06f38c02bbfc5fc6
627d9cdb57a45fdf9957953b33e869467d636e4501c9242b5817ab682fe2c0f5
64624efdab871a51231a587adce134bd13b4f06d45dc5b4a32c39e12c5352abf
64d6bad9d2c4c8f647de2cc0b6f9d3590f9e67710a6e194ebb0d8d662fa146c7
68aa8b79daeec81c083a87413651af06bd3fc4a61873779d05e2a94b283e1f91
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c10adb508ce231a8dd9db9d0b49871b45971578107ff302150d68698be68a9d
7225c811b9035a4ce65639eb7ab5e7850833a340a866cc8e4bc5c2ce4abe8756
749ae4d4b787b5e0bc06181c4d7ae355ac2898686fcd131a77c4d7b1e7fcfa43
74e21afa9969b32f95c20927b46cfb25ada8e98a2dc04cd0e08482fb72bebdca
77da02ea0ad34502e023def72ac44a9e73026761ff777a4ea94c8b18196f567c
7d7c31c8e64abeec514e58d87400e4ec4aa2884c23546315718519eed7b40ba4
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e354092005054186c9408c4f4418888d5aebd0407e6201a61100d23c9216274
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fed1204eb2bb4368115879eb9ba50fb9c5e7be5229f65228f441cc420309176
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
8465ff4935fbf33df92cf419e4f3a55b007b7d00fced3c66fffcb3e4a498e663
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91163e989d623ce14a1573e1cbcd6c6c74a7131c8cca7c4c4d7bb196978d437c
9517cbcdf22959f592313637d9600f4a8496df7ca90a4eb9c5f3ceb5700016bf
9531d78014d5700ec3b9c01c8d8aa418730058dd0ea800af2a7dd43d8def9f16
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9928579af053d8d7d498386a6f57bd59a49a3eada9080617d110c95ad48f5bec
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a13aef4b6665f35639d7820771e8c941cc081fb4e63776e43ea6c87c3dba5aea
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3cb618eb32df6e446ea61ca314a8a4d7be2375a7b44ef04a1d9cd493d849324
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d6b13f6cdf650f873f57ab5b279e37ed9f594759064f2b83a6b4af27030030
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77cb4e0ec4c549699e60af62918986629af286f6f6643783b368c6e2230a902
a8b2a3c2aec418a3c706a8003e3e67707e324bc2d21b0f8d5a9cf26fbec0cc56
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acbfeab6c119c670b90369a7a54fb525d2d68dcc05af848d828b6ff9f4fdaba5
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0dfb9dd15fbb314186d2132db354b12b382536fe427a5097ccecaeb618bd0ff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1977f16bb2b7b6cbc9051a2db1d8e291aed9dd1c0ca858daa63ccb127ae614b
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
b3a11dc08fd87451321c1c5f318fe5c9c3142fd29f76edf45f69d7cae3008496
b67fa9a77fc336726af6baf8a3a24df07c67aa7d439ce560d2d11de67bf55a67
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdb6bc28e264db2155ebe437a649b4a41237eea35aa1ad34fdce28984216e054
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c186dde8f8122ed32d48751d14243a7fe40d85f5137199d0a6473484d3dcb41b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3166b9ae5d697ad31eebc3b95efbb58b823c0bbf8c3b1c7916c7640a2f89416
c31cb0559d5940e70c66db6cd55eb50e048a785d1c0dfbfca48e152335d5a569
c3b4c6f49ea4ff95304322fb999d4e259055ada349dd54089f8d7cbda7fa081f
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c7d05de5d4ebb403c114124fecc5581b09c977bfcefdabbfd439bd35047017c9
cdcafc9cc185f849ab91b57aeb2dc2d8f07305046cccb8f058bbc380d3851834
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1f5d7b734094009d0decf983a28839b357075aec4252ffd32b5d5cdc2b0e0c0
d69174f817beeb1128f62e8491d5ec0041ac17e136f7aac7fdf718f172bfef2f
d89bd282b43a8f4bcc1cc081893d3957d8faad98a50e0a3a8a50e80f5a8707cf
db086a0371e7d69c0c0a9160f9bfc20db6b00886a938f7d2400e916989d88d9e
e034413566571294f644c0b81ff0a93c1bb402263c0cc797b566fe457841af1a
e12fe580fbbffdcb60362f180046d465ba2ac34044e76f0b8cada90d2ca65240
e28a65cbbe342f201f15e1b9f23a7300f20c56015bf726851e1bcb6047e27144
e2ed6f4144d1c12483676cbd0bbb32aa7b23d7b7f54709176c16c782ca668dfe
e2f1edf43c46ebeb9256eba23bae73f69f60f45c93451a3e1a30d52e947bbdd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519702ef068171e1f598aa70b9a67d4dc1cbdc7f9fdd1966685a32f0e0514e9
e7c75a38078335258d8ce738cd3f4e0787aad0002007440f5d50b5764bee9ae7
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e8be7e5733335a4a991f4b33df7d95fa406a107e2e0d1a7d97f9c485cd0c6d8f
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea50f4cb5d09ed2d0c90d45b7535f4ed67d82725dad72af49891675530331f27
ea5695da154c7e5689d62dc62cdc3ae7c8ad33c4bd2aaeb06dce6c10c3a6761e
ead6494d27dadd6a941380510a869197dbd778a506d390af64879e0784b20e03
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59ee9a7ff6df262c23892bf490a140744ea31d2611be6265b074113a9e244bd
f6bc45dd2b4cbc48175427fea5bb7123235d27e876da2535ef71f52ffe3c9959
fac90e3fae6b4554d908c9518ae6ad788d3ccd470bd5eaf62e70c5db9bf90531
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

minimore.com Open in urlscan Pro 2606:4700:3034::6815:5d59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

303 Requests

84 %HTTPS

34 %IPv6

60 Domains

101 Subdomains

75 IPs

12 Countries

2701 kBTransfer

6790 kBSize

79 Cookies

5 Outgoing links

Redirected requests

303 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

minimore.com Open in urlscan Pro
2606:4700:3034::6815:5d59 Public Scan

Screenshot
Live screenshot

Full Image

303
Requests

84 %
HTTPS

34 %
IPv6

60
Domains

101
Subdomains

75
IPs

12
Countries

2701 kB
Transfer

6790 kB
Size

79
Cookies

303 HTTP transactions
8 data transactions