minecraftcommand.science Open in urlscan Pro
68.178.206.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://minecraftcommand.science/profile/grassbear8
Submission: On December 23 via manual (December 23rd 2023, 10:43:31 am UTC) from US — Scanned from CH

Summary HTTP 299 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 76 IPs in 10 countries across 75 domains to perform 299 HTTP transactions. The main IP is 68.178.206.128, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is minecraftcommand.science.
TLS certificate: Issued by R3 on December 19th 2023. Valid for: 3 months.

This is the only time minecraftcommand.science was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	68.178.206.128 68.178.206.128	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2	2606:4700:303... 2606:4700:3038::6815:ea0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d014:776... 2a05:d014:776:a63f:551c:5660:31da:fe01	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2606:4700:10:... 2606:4700:10::6816:2f8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.16 143.204.98.16	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.156.255.65 108.156.255.65	16509 (AMAZON-02) (AMAZON-02)
1	34.243.27.157 34.243.27.157	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:3200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	23.57.19.78 23.57.19.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 28	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.111.33 34.120.111.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	52.17.199.113 52.17.199.113	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
4	34.254.47.73 34.254.47.73	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
10 14	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
8 10	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4 4	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	195.201.193.117 195.201.193.117	24940 (HETZNER-AS) (HETZNER-AS)
2	18.239.81.30 18.239.81.30	16509 (AMAZON-02) (AMAZON-02)
2	2607:f350:3:2... 2607:f350:3:2569:0:10:0:a	27630 (AS-XFERNET) (AS-XFERNET)
3	63.32.232.28 63.32.232.28	16509 (AMAZON-02) (AMAZON-02)
4	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 22	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	89.149.192.65 89.149.192.65	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	145.40.97.67 145.40.97.67	54825 (PACKET) (PACKET)
2	2606:4700:440... 2606:4700:4400::6812:22b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 14	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
4	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1 1	2600:9000:25e... 2600:9000:25e8:e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	3.69.41.2 3.69.41.2	16509 (AMAZON-02) (AMAZON-02)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 2	46.228.164.11 46.228.164.11	() ()
1 1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.68.18.56 3.68.18.56	16509 (AMAZON-02) (AMAZON-02)
4	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	178.32.210.231 178.32.210.231	16276 (OVH) (OVH)
2	3.233.88.120 3.233.88.120	14618 (AMAZON-AES) (AMAZON-AES)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 4	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 6	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a05:d018:d29... 2a05:d018:d29:3605:b002:f48e:598f:4792	16509 (AMAZON-02) (AMAZON-02)
3 3	52.214.229.130 52.214.229.130	16509 (AMAZON-02) (AMAZON-02)
4 4	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	23.48.23.63 23.48.23.63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	104.18.41.104 104.18.41.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	2607:ae80:4::25 2607:ae80:4::25	26558 (FREEWHEEL) (FREEWHEEL)
1	3.248.11.85 3.248.11.85	16509 (AMAZON-02) (AMAZON-02)
59	46.105.201.233 46.105.201.233	16276 (OVH) (OVH)
3	2606:4700:10:... 2606:4700:10::6816:4092	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	184.30.16.183 184.30.16.183	16625 (AKAMAI-AS) (AKAMAI-AS)
5	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
3	35.241.31.249 35.241.31.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a02:2638:3::c 2a02:2638:3::c	() ()
1 2	35.244.193.51 35.244.193.51	() ()
1 4	157.90.211.246 157.90.211.246	() ()
4	172.64.149.180 172.64.149.180	() ()
1 1	45.137.176.88 45.137.176.88	() ()
1 1	34.160.19.107 34.160.19.107	() ()
1 1	35.214.184.48 35.214.184.48	() ()
1 1	104.22.69.131 104.22.69.131	() ()
1 1	35.204.74.118 35.204.74.118	() ()
2 2	52.57.12.239 52.57.12.239	() ()
299	76

4 68.178.206.128 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 128.206.178.68.host.secureserver.net

minecraftcommand.science	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:ea0a (United States)

ASN13335 (CLOUDFLARENET, US)

minotar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:776:a63f:551c:5660:31da:fe01 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

coloringpagesonly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:2f8e (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-16.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.156.255.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-65.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.27.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-27-157.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.57.19.78 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-19-78.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 37.252.171.149 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a0795d2bff8cd0b1579ff9e100f446df.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com

cdn.edkt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.17.199.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-199-113.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.254.47.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-47-73.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 69.173.144.139 (Frankfurt am Main, Germany) 10 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.191.210 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.193.117 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.193.201.195.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.81.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-81-30.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.32.232.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-232-28.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.149.192.65 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:e00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.41.2 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (None, ) 2 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.68.18.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-18-56.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.32.210.231 (Ivry-sur-Seine, France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip231.ip-178-32-210.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.88.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-88-120.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.143.56 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.138 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3605:b002:f48e:598f:4792 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.214.229.130 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-229-130.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.75.62.37 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-63.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.41.104 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::25 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.11.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-11-85.eu-west-1.compute.amazonaws.com

cs.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 46.105.201.233 (France)

ASN16276 (OVH, FR)

static.adbutter.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:4092 (United States)

ASN13335 (CLOUDFLARENET, US)

j.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.31.249 (Mountain View, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (None, ) 1 redirects

ASN- ()

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.90.211.246 (None, ) 1 redirects

ASN- ()

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.149.180 (None, )

ASN- ()

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.137.176.88 (None, ) 1 redirects

ASN- ()

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.19.107 (None, ) 1 redirects

ASN- ()

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.48 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.69.131 (None, ) 1 redirects

ASN- ()

csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.12.239 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	adbutter.net static.adbutter.net — Cisco Umbrella Rank: 79159	988 KB
36	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478 cdn.adnxs.com — Cisco Umbrella Rank: 1605 fra1-ib.adnxs.com — Cisco Umbrella Rank: 8028 acdn.adnxs.com — Cisco Umbrella Rank: 610	200 KB
28	rubiconproject.com 15 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339 fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2134	45 KB
24	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807 s.amazon-adsystem.com — Cisco Umbrella Rank: 285	91 KB
22	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 484 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 dsum.casalemedia.com Failed	25 KB
22	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	191 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 a0795d2bff8cd0b1579ff9e100f446df.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	42 KB
7	yahoo.com 5 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	3 KB
7	pubmatic.com 7 redirects image2.pubmatic.com — Cisco Umbrella Rank: 859 image8.pubmatic.com — Cisco Umbrella Rank: 661	2 KB
6	adlooxtracking.com j.adlooxtracking.com — Cisco Umbrella Rank: 12414 data00.adlooxtracking.com — Cisco Umbrella Rank: 10410	85 KB
6	smartadserver.com 2 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1657 ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	16 KB
5	richaudience.com 1 redirects shb.richaudience.com — Cisco Umbrella Rank: 4065 sync.richaudience.com	2 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	1 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	36 KB
5	cpx.to p.cpx.to — Cisco Umbrella Rank: 10397 s.cpx.to — Cisco Umbrella Rank: 7982	5 KB
5	gstatic.com fonts.gstatic.com	151 KB
4	indexww.com js-sec.indexww.com cdn.indexww.com	3 KB
4	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 776 gum.criteo.com	788 B
4	lijit.com ap.lijit.com — Cisco Umbrella Rank: 650 ce.lijit.com — Cisco Umbrella Rank: 835	1 KB
4	venatusmedia.com track.venatusmedia.com — Cisco Umbrella Rank: 26266	677 B
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 1628 mp.4dex.io — Cisco Umbrella Rank: 2346	25 KB
4	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1673 a.ad.gt — Cisco Umbrella Rank: 1869	5 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	106 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
4	minecraftcommand.science minecraftcommand.science	386 KB
3	bidr.io 3 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	ad4m.at ad4m.at — Cisco Umbrella Rank: 11359
3	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453 cs.yellowblue.io — Cisco Umbrella Rank: 1547	2 KB
3	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	68 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	504 B
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1276 pixel.quantserve.com — Cisco Umbrella Rank: 1011 cms.quantserve.com	10 KB
3	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 27884	308 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	33across.com 1 redirects lexicon.33across.com	597 B
2	connatix.com 1 redirects capi.connatix.com — Cisco Umbrella Rank: 1010	522 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	turn.com 2 redirects ad.turn.com	859 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	903 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	567 B
2	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2225	2 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1053	104 B
2	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 32882	951 B
2	minotar.net minotar.net — Cisco Umbrella Rank: 640754	2 KB
1	simpli.fi 1 redirects um.simpli.fi	623 B
1	smilewanted.com 1 redirects csync.smilewanted.com	626 B
1	loopme.me 1 redirects csync.loopme.me	291 B
1	brand-display.com 1 redirects dmp.brand-display.com	366 B
1	adotmob.com 1 redirects sync.adotmob.com	680 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 526	514 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 866	319 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 327	650 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 1383	424 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1381	672 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	483 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 674	443 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2813	468 B
1	edkt.io cdn.edkt.io — Cisco Umbrella Rank: 20089	8 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1790	10 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1296	1 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1814	45 KB
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1018	922 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 4480 api.rlcdn.com Failed	37 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	79 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	6 KB
1	coloringpagesonly.com coloringpagesonly.com — Cisco Umbrella Rank: 302311	84 KB
0	demdex.net Failed dpm.demdex.net Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	crwdcntrl.net Failed sync.crwdcntrl.net Failed
0	liadm.com Failed i.liadm.com Failed
299	75

	Domain	Requested by
59	static.adbutter.net	cadmus.script.ac minecraftcommand.science static.adbutter.net
14	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
14	aax-eu.amazon-adsystem.com	2 redirects cadmus.script.ac aax-eu.amazon-adsystem.com ssum-sec.casalemedia.com cs-server-s2s.yellowblue.io
13	pixel.rubiconproject.com	9 redirects aax-eu.amazon-adsystem.com
13	ib.adnxs.com	1 redirects cadmus.script.ac hb.vntsm.com aax-eu.amazon-adsystem.com acdn.adnxs.com
12	fra1-ib.adnxs.com	cadmus.script.ac cdn.adnxs.com
11	securepubads.g.doubleclick.net	hb.vntsm.com cadmus.script.ac securepubads.g.doubleclick.net minecraftcommand.science
10	cm.g.doubleclick.net	8 redirects aax-eu.amazon-adsystem.com
6	token.rubiconproject.com	5 redirects eus.rubiconproject.com
6	ssum-sec.casalemedia.com	1 redirects aax-eu.amazon-adsystem.com ssum-sec.casalemedia.com js-sec.indexww.com sync.richaudience.com
5	acdn.adnxs.com	minecraftcommand.science hb.vntsm.com
5	match.adsrvr.org	cadmus.script.ac ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com hb.vntsm.com
5	fonts.gstatic.com	fonts.googleapis.com
4	sync.richaudience.com	1 redirects hb.vntsm.com sync.richaudience.com ssum-sec.casalemedia.com
4	ups.analytics.yahoo.com	4 redirects
4	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
4	eus.rubiconproject.com	aax-eu.amazon-adsystem.com eus.rubiconproject.com hb.vntsm.com
4	id5-sync.com	cdn.id5-sync.com hb.vntsm.com sync.richaudience.com
4	prg.smartadserver.com	hb.vntsm.com
4	fastlane.rubiconproject.com	hb.vntsm.com
4	image2.pubmatic.com	4 redirects
4	track.venatusmedia.com	hb.vntsm.com
4	s.cpx.to	cadmus.script.ac
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	secure.cdn.fastclick.net	cadmus.script.ac
4	fonts.googleapis.com	minecraftcommand.science static.adbutter.net
4	minecraftcommand.science	minecraftcommand.science
3	data00.adlooxtracking.com	j.adlooxtracking.com
3	cdn.adnxs.com	cadmus.script.ac
3	j.adlooxtracking.com	cadmus.script.ac
3	image8.pubmatic.com	3 redirects
3	match.prod.bidr.io	3 redirects
3	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
3	www.googletagservices.com	cadmus.script.ac
3	ad4m.at	ssum-sec.casalemedia.com
3	match.sharethrough.com	aax-eu.amazon-adsystem.com cs-server-s2s.yellowblue.io
3	sync.1rx.io	3 redirects
3	prebid.a-mo.net	hb.vntsm.com aax-eu.amazon-adsystem.com
3	ap.lijit.com	hb.vntsm.com sync.richaudience.com
3	secure.adnxs.com	3 redirects
3	tpc.googlesyndication.com	cadmus.script.ac
3	id.hadron.ad.gt	cdn.hadronid.net hb.vntsm.com
3	c.amazon-adsystem.com	hb.vntsm.com c.amazon-adsystem.com
3	hb.vntsm.com	minecraftcommand.science hb.vntsm.com
2	pm.w55c.net	2 redirects
2	cdn.indexww.com	ssum-sec.casalemedia.com
2	js-sec.indexww.com	hb.vntsm.com
2	lexicon.33across.com	1 redirects
2	gum.criteo.com	hb.vntsm.com
2	capi.connatix.com	1 redirects aax-eu.amazon-adsystem.com
2	c1.adform.net	2 redirects
2	cs-server-s2s.yellowblue.io	aax-eu.amazon-adsystem.com cs-server-s2s.yellowblue.io
2	ssbsync.smartadserver.com	2 redirects
2	ad.turn.com	2 redirects
2	x.bidswitch.net	2 redirects
2	lb.eu-1-id5-sync.com	cadmus.script.ac hb.vntsm.com
2	mp.4dex.io	hb.vntsm.com
2	htlb.casalemedia.com	hb.vntsm.com
2	bidder.criteo.com	hb.vntsm.com
2	apex.go.sonobi.com	hb.vntsm.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	script.4dex.io	hb.vntsm.com script.4dex.io
2	i.clean.gg	cadmus.script.ac
2	hb.vntsm.io	hb.vntsm.com
2	www.google-analytics.com	minecraftcommand.science www.google-analytics.com
2	minotar.net	minecraftcommand.science
1	um.simpli.fi	1 redirects
1	csync.smilewanted.com	1 redirects
1	csync.loopme.me	1 redirects
1	dmp.brand-display.com	1 redirects
1	cms.quantserve.com	1 redirects
1	sync.adotmob.com	1 redirects
1	cs.yellowblue.io	cs-server-s2s.yellowblue.io
1	ads.stickyadstv.com	1 redirects
1	ce.lijit.com	aax-eu.amazon-adsystem.com
1	hb.yahoo.net	aax-eu.amazon-adsystem.com
1	px.ads.linkedin.com	aax-eu.amazon-adsystem.com
1	pixel-eu.rubiconproject.com	1 redirects
1	s.company-target.com	1 redirects
1	eb2.3lift.com	aax-eu.amazon-adsystem.com
1	cs.media.net	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	a.ad.gt	cadmus.script.ac
1	shb.richaudience.com	hb.vntsm.com
1	www.google.com	cadmus.script.ac
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	cdn.edkt.io	hb.vntsm.com
1	a0795d2bff8cd0b1579ff9e100f446df.safeframe.googlesyndication.com	cadmus.script.ac
1	pixel.quantserve.com
1	cdn.id5-sync.com	cadmus.script.ac
1	cdn.hadronid.net	cadmus.script.ac
1	rules.quantcount.com	cadmus.script.ac
1	config.aps.amazon-adsystem.com	cadmus.script.ac
1	secure.quantserve.com	hb.vntsm.com
1	p.cpx.to	hb.vntsm.com
1	cadmus.script.ac	hb.vntsm.com
1	ad-delivery.net	hb.vntsm.com
1	ats.rlcdn.com	hb.vntsm.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	maxcdn.bootstrapcdn.com	minecraftcommand.science
1	coloringpagesonly.com	minecraftcommand.science
0	dpm.demdex.net Failed	ssum-sec.casalemedia.com
0	b1sync.zemanta.com Failed	ssum-sec.casalemedia.com
0	sync.srv.stackadapt.com Failed	ssum-sec.casalemedia.com
0	dsum.casalemedia.com Failed	ssum-sec.casalemedia.com
0	sync.crwdcntrl.net Failed	ssum-sec.casalemedia.com
0	i.liadm.com Failed	ssum-sec.casalemedia.com
0	api.rlcdn.com Failed	hb.vntsm.com
299	111

This site contains links to these domains. Also see Links.

Domain
www.tumblr.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
minecraftcommand.science R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
minotar.net E1	`2023-12-09` - `2024-03-08`	3 months	crt.sh
coloringpagesonly.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-10` - `2024-04-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-07` - `2024-08-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
script.ac E1	`2023-10-31` - `2024-01-29`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
api.edkt.io GTS CA 1D4	`2023-11-25` - `2024-02-23`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.venatusmedia.com Amazon RSA 2048 M02	`2023-01-24` - `2024-02-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
static.adbutter.net R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
adlooxtracking.com GTS CA 1P5	`2023-11-27` - `2024-02-25`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.adlooxtracking.com R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh

This page contains 36 frames:

Primary Page: https://minecraftcommand.science/profile/grassbear8
Frame ID: 7FE5ACF24A24D8F83507E80CEE56492D
Requests: 55 HTTP requests in this frame

Frame: https://hb.vntsm.com/v3/live/ad-manager.min.js
Frame ID: E27C599B4AABB2A699A47168923BB315
Requests: 43 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: A9DC20DFB85EA967D2A3CA0FA9B551E0
Requests: 1 HTTP requests in this frame

Frame: https://a0795d2bff8cd0b1579ff9e100f446df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AF112DE80C76C049694AF2C031D2D34D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CC41EC1E13FEA0B64AB65EEC737636D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 131E75EF1A9D0017C864A8B5E8358E4F
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t
Frame ID: A3590C82BC62C924B335496EB02AD8F7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 3EC19221DC5B3C0A63E6B4B6E6FD02E7
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 6CD348F95A80DCFDDBE32B062DDE10A3
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 5CB24020E6B9380D785405CB87AB93BD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 330827AF84EBF0F362E8708AB395A821
Requests: 20 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4124010633033810789&gdpr=0&gdpr_consent=
Frame ID: ECA65003170F9823E055587ABD2D5E52
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=4851895891337406080&ex=appnexus.com
Frame ID: E838CF074476A90427CBA93305A23E06
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 08D3698EDF8DB7A209442F4D18A6747E
Requests: 5 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Frame ID: 2F9315DA7C2AEF1C0B8A53157A973D4B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvX-wVcb4YEfCdDUqW6eCYnZvwuhi5PdfxMfyR_D39uEM_NkbG8huqmFYl2MnEaNeD3XQpWwkKHdPLh0FDDaqP9ikHJ_VWvJud84rOS2aSqNoPJsm1AsbY0yIMl0JZjUumMiCttX0ZySH7ik_lf5I2qRZX2wiwSQFvi1Wsy-u_WkW1_M17lNIH9DSnDco1SUB8FajCVUkPcHzeHHdYGA-VZ5mu7A2JQhbhH6GO_WyMdWBiyzwtug3EjSRLoTZWF77w5z05KlrD5cTeM8k-1pHw8xBhqiuv2DoWXy7apXqX7cpAZYuupsCVXFMFbVa1UlnfuC24ra8FwhGEbbSxZmsI_b6W-Mg5KxQQmHwu6iEjmkcJ_SoFdpu-KyDir2bx_oP0zca86GvBqRipzOGHa_3Y_gM&sai=AMfl-YQ8MdHdlKxST24DFTAOWBSoKcevF1FOAked28C4R-fjbju5-t5IOMd-bMxc3wuXjgkXZP1RFhsRmXsQ2JxKGchb1NsCxlL214-seJSkKB7nVYHv3RICR9e7bSQJ7A&sig=Cg0ArKJSzDQgwUv79tOEEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E0EDEC997AFBC2E005DA0F1410E96E82
Requests: 3 HTTP requests in this frame

Frame: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Frame ID: EB999BB3EF6F00129F8BC92DCF85FCE1
Requests: 24 HTTP requests in this frame

Frame: https://static.adbutter.net/libjs/third-party-pixel.js
Frame ID: 0FD9DC553A5C372233289E1E2EE22D16
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Frame ID: D2091D87FDD2EF84A468723B9EEB5553
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPqKRa6AkOKyLqiiclJueObFqFJ-wIWM0FNZ1hUEcUe1D_m6vpaWzUk0xuYptv64Lyzi7ByPGXFWl_6xkWxb7PxBpg0mEQmlmKrcgZ7pRVgjj03KHlJe4AdR6dFjGtc4Xb7EcrsV2F0rxxRD-6hBGtK-PNZ_xDWcqSjiQZGCvx0CVPc2iNGNITrD_vyetUPRn6MCV-3h1BMkMt4AWGY3ni3bgfFFY-xo-cbMIAfw-7T9vkuL8u1Bxdez3N6L5iTwDttaF4ixzRwshPoXECvHLO5w5EjMBG-NSatL6GNKI1Oyfxss56t-T-dxb2xNhws0QUkwXoAbfpagmvGM4dWqRW4nobnLN9sY2hJrN4NwzrpZe6rB8vGtZUPB_WXC-T3ZC4PG4t7vQuxyHPhfzqqO4YFno&sai=AMfl-YQ_75MMKYTj55ouqXVEt9MGteZ6HHD1DEIgw5r57Qp0jeavP4b2m3K3kNnigbvHur98obkqxZquK1z-p_LiP5FfbwjCOOMBibbqsUKNahFXT1hzZpbNQp5Qb_cnhw&sig=Cg0ArKJSzFG8k6xwlDOnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 89A2BC6E83AE7F948D45631BD77CD60C
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssErM4FssrQcOybIHR5b5wuKqvj7Sfr9KYxFQL1qvHMXy4S02SOGomXNk27_QR9vq3pbEb7yXT7dC4FXrLH-JmMKonc2iCg11L1_FmgXQKidI5PdR4wNLR9AJvGbe1ekSEz6JQFRoytz_UQKSaG2ChKJGMal5KmYSjyHhqWeusmzUIDvfqTG7j3aSZ8N0DsrS7tgZqcJdVUymd27P8h4uWGvi1UtTIHMnNxShRZy78RqkgeeHeOkG0GxY-8FdkUGwj3kMmFuD_1OchNY830dlCKCTwzJ6871sH51uF-qsCoVKXLxxXbwmmkzJtfZMtuqK-2FdvYL31pJyrh4UEVfXf4ZatoV3BTSbaTD1_pQWqhbjpmAXvepBNEnKRUBUbNIRgM-EZlhQYpqklq0Pieg3J1FHc&sai=AMfl-YSmlZR4DosMa5Vk7h96qJeF1u1oK9K6w_756eA5tNmG2k8qdzCqIW14EbO8lxgelSSKGC9FxqgVuLUbYfsF6MbRvXwf6ZKz2FTag8dDyEJfF8ks29clw_JZsg6Hew&sig=Cg0ArKJSzIdQm1W-YT0hEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 929ABD50A6C7F94AC969BFF8E836EDA5
Requests: 3 HTTP requests in this frame

Frame: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Frame ID: 2E80FA567117F0026F962756E26D01CE
Requests: 16 HTTP requests in this frame

Frame: https://static.adbutter.net/libjs/third-party-pixel.js
Frame ID: 04737693C0ABAD9FCE4643E386CA6321
Requests: 10 HTTP requests in this frame

Frame: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Frame ID: 5B3B1D25B51B5D42C804A8A34F0F7D7E
Requests: 16 HTTP requests in this frame

Frame: https://static.adbutter.net/libjs/third-party-pixel.js
Frame ID: 02684EDD97FD7BFAB527386DE2498036
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Frame ID: 29740FB2A39D254D36AACE601A859D84
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Frame ID: 5CAECF24819C29CA644016534FF4F38F
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558&rd=1
Frame ID: 7FA9C96473464CF01BEE5284B42FFD47
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 13AD592EE64A3FA85A9DEF4F0FE3F8C4
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C6295B9C23D3D6A8AD6FD349DDB447C
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 6564C3C6BD6610EF9B0937F08D0124C1
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9A7D44ACC3592BDB335BA59EE020F4F2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9A226BB75C4A8AD2BEAA69DE6443317C
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: C415637787399C43637832712B9BA661
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9CA47359F68B57E3BA071B199AB1B6CA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Frame ID: C5B9D0E5C853926D33CFA2E347009883
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

User grassbear8 - Minecraft Command Science

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

299
Requests

82 %
HTTPS

39 %
IPv6

75
Domains

111
Subdomains

76
IPs

10
Countries

3204 kB
Transfer

8668 kB
Size

71
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tumblr.com/gibsonnolan58/737488982738337792/the-unlikely-success-story-decoding-the-cultural
Title: Skibidi Toilet

Search URL Search Domain Scan URL

URL: http://twitter.com/MCScienceDB
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Minecraft-Command-Science/1421928798102912
Title: Facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&google_tc= HTTP 302
https://s.cpx.to/sync?dsp_uid=CAESEOhD4h6aqGxS9upZq4Q6vGQ&dsp=dbm&google_cver=1

Request Chain 60

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fminecraftcommand.science%252Fprofile%252Fgrassbear8%26hn_ver%3D72%26fid%3Dfa85791e-4c79-4896-b122-2623384bbcd2%26dsp%3Dpub_common%26dsp_uid%3Dcc031eff-bd72-46d7-9173-3ad0808b4605 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Ffire.js%253Fdsp%253Dapp_nexus%2526dsp_uid%253D%2524UID%2526pid%253D13058%2526url%253Dhttps%25253A%25252F%25252Fminecraftcommand.science%25252Fprofile%25252Fgrassbear8%2526hn_ver%253D72%2526fid%253Dfa85791e-4c79-4896-b122-2623384bbcd2%2526dsp%253Dpub_common%2526dsp_uid%253Dcc031eff-bd72-46d7-9173-3ad0808b4605 HTTP 302
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4851895891337406080&pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&hn_ver=72&fid=fa85791e-4c79-4896-b122-2623384bbcd2&dsp=pub_common&dsp_uid=cc031eff-bd72-46d7-9173-3ad0808b4605

Request Chain 61

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32

Request Chain 91

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t

Request Chain 97

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=7bcbab5ccc

Request Chain 98

https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=92fbde9e-ccbc-4d42-8ddf-e0739d387b9b

Request Chain 99

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1703328209694 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=2117470966 HTTP 302
https://sync.1rx.io/usersync/turn/3755470427053245605?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-23598752-d827-4f93-872b-49c9950ab8b6-003?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-23598752-d827-4f93-872b-49c9950ab8b6-003 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-23598752-d827-4f93-872b-49c9950ab8b6-003

Request Chain 100

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3463298097934907000V10

Request Chain 101

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Request Chain 104

https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4124010633033810789&gdpr=0&gdpr_consent=

Request Chain 105

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=4851895891337406080&ex=appnexus.com

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ1zoRVBKbIV1cD5X9BrlIY&google_cver=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYa50ZTOfjrXwVGAkSTSWAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP6oI1pzoXfGBMw1-UyLRys&google_cver=1

Request Chain 114

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4851895891337406080

Request Chain 115

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6832972239379080536&expiration=1704537809

Request Chain 116

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1719139409&external_user_id=42325e98-559d-4fd1-9138-9530be474f24

Request Chain 119

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LQHXMX5Q-20-801M HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQHXMX5Q-20-801M&ex=d-rubiconproject.com&status=ok

Request Chain 123

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFIWE1YNVEtMjAtODAxTQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHnsMzIjMmhYLFldUXrwm4U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFIWE1YNVEtMjAtODAxTQ==&google_push=

Request Chain 124

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DPsjaCDKQTm6s4h0hDw0xg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DPsjaCDKQTm6s4h0hDw0xg

Request Chain 125

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SXU1HvSNSMONMsJB51h6ZA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SXU1HvSNSMONMsJB51h6ZA

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo_oP5sFMsorZDm_hiSRSg&google_cver=1

Request Chain 128

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQHXMX5Q-20-801M

Request Chain 129

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTNmOWJmNGFjYTU5NmFhZTFlZTc0MDU4MGI4YWRlNmM3OGM2NGE4OQ

Request Chain 130

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LQHXMX5Q-20-801M&ex=d-rubiconproject.com&status=ok

Request Chain 131

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/EbCxm5neLLdkQWDM1DVww8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-W5zyee1E2oJ3Gc7rRRw_W5i6EddjNbLRspRiSQ--~A

Request Chain 132

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEMNU7LDXQAABP3FA4Kzw&expires=30

Request Chain 133

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQHXMX5Q-20-801M&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQHXMX5Q-20-801M&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQHXMX5Q-20-801M&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05cFY4UGpSRTJ1SFo3STVtSDk2OTlLeXdoSWNKZDlmb35B&ovsid=LQHXMX5Q-20-801M&dpid=58160

Request Chain 134

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LQHXMX5Q-20-801M

Request Chain 135

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQHXMX5Q-20-801M

Request Chain 136

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQHXMX5Q-20-801M

Request Chain 137

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LQHXMX5Q-20-801M&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LQHXMX5Q-20-801M&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 138

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LQHXMX5Q-20-801M

Request Chain 139

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REI5NzQ0RjYtMUI3Qy00N0NBLTlGQkItQTA3RkU5QUU2RjMy&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFfqKG2MSrsrrrl7HFihSWs&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32

Request Chain 140

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
https://cs.yellowblue.io/cs?aid=11601&id=cd75154bdec58b69d47124989925039&gdpr_consent=&gdpr=0

Request Chain 248

https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=bCKY85qh1UcyFhmzyRT1%2BPxtF1nhPw3WIuRQxxTLRa0%3D

Request Chain 254

https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558 HTTP 302
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558&rd=1

Request Chain 269

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB

Request Chain 270

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEMNU7LDXQAABP3FA4Kzw&expiration=1704537811

Request Chain 271

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=cd75154bdec58b69d47124989925039&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1a72_7315743530461216076&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=Y2Q3NTE1NGJkZWM1OGI2OWQ0NzEyNDk4OTkyNTAzOQ==&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAJ0XELjjhOJf6h8ttF0kAI&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/cd75154bdec58b69d47124989925039?gdpr=0&gdpr_consent=

Request Chain 272

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

Request Chain 273

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4124010633033810789&gdpr=0&gdpr_consent=

Request Chain 274

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=484dcb78-d7f7-4283-b360-1eb9806eb8c4-6586b9d3-494c&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D484dcb78-d7f7-4283-b360-1eb9806eb8c4-6586b9d3-494c%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D484dcb78-d7f7-4283-b360-1eb9806eb8c4-6586b9d3-494c%2526gdpr%253D0%2526gdpr_consent%253D

Request Chain 277

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=EzoAI0c2XCUIPQ4gFGoVJBVuD3cIaltwRz-wL1QJ

Request Chain 278

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=72be102b9fab1934&is_secure=true&networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIP8JZJXvVRQNDKEUKAAAAAAA&expiration=1703414611&is_secure=true

Request Chain 279

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3755470427053245605

Request Chain 281

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3ceb857f-10b5-5dd2-b79b9dfb

Request Chain 282

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d1db24a3-3858-4ad8-9447-3cc497e8eaf0&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

Request Chain 288

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID HTTP 302
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?gdpr=0&euconsent=&uid=c2620a61a38d20bd6d77c4bb7db3b0f7

Request Chain 290

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZYa50wAJDBs-TgBU HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZYa50wAJDBs-TgBU&_test=ZYa50wAJDBs-TgBU

Request Chain 292

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=43B3EFE001554AEB8286A515D3A830B7

Request Chain 294

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=tixvD0In1RgZtF5

299 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request grassbear8 Show response
minecraftcommand.science/profile/ 28 KB
29 KB 1176ms
830ms Document
text/html 68.178.206.128
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://minecraftcommand.science/profile/grassbear8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

68.178.206.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

128.206.178.68.host.secureserver.net

Software

nginx/1.20.1 + Phusion Passenger(R) 6.0.18 / Phusion Passenger(R) 6.0.18

Resource Hash

9e03be8c28cc9da25af85189f5954608e9f2321edcbbb57d051140c99888422d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Sat, 23 Dec 2023 10:43:25 GMT
ETag: W/"4223d3bbdbd5f0aa6e80ecf427b8984e"
Server: nginx/1.20.1 + Phusion Passenger(R) 6.0.18
Status: 200 OK
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: Phusion Passenger(R) 6.0.18
X-Request-Id: 5d1248b1-9aec-4c5d-b855-eb5469024b2d
X-Runtime: 0.494310
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK application-73699e5533d189f34a09c47c1808a3117a833c07bc3abec85deae400a8a7f7d5.css
minecraftcommand.science/assets/ 1 MB
92 KB 168ms
167ms Stylesheet
text/css 68.178.206.128
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraftcommand.science/assets/application-73699e5533d189f34a09c47c1808a3117a833c07bc3abec85deae400a8a7f7d5.css
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.178.206.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 128.206.178.68.host.secureserver.net
Software: nginx/1.20.1 /
Resource Hash: 73699e5533d189f34a09c47c1808a3117a833c07bc3abec85deae400a8a7f7d5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/profile/grassbear8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Oct 2017 15:07:51 GMT
Server: nginx/1.20.1
ETag: "59db90c7-16dce"
Content-Type: text/css
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 93646
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 21
minotar.net/avatar/char/ 196 B
900 B 196ms
138ms Image
image/png 2606:4700:3038::6815:ea0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minotar.net/avatar/char/21
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f19a1ade6474b8661f810e930f94e8f4c4fd26f21cd03eaa0ac648dcaa3131

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: ingress-ingress-nginx-controller-8m9xz, ingress-ingress-nginx-controller-w8sqr
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 196
server: cloudflare
etag: 441da14551f196fba45710419f07e292778f54cfb85bcf3fad2735b9b856715a
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJCe4%2B0mA5f5V7qKuTPYEE7P5SIFIlEL3HBVuWszSrpXpHIw1ClbhxpCr%2FSTDnk5YBGSq318whodKgijK2lnPCitUvhB7a4CB6xD1d%2FIqCouyu7F2uqKYuykZoreDkDcviW8WuOlOGCGMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 83a000e54e4b5aa1-VIE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
x-req-url: /avatar/char/21

GET
H/1.1 200
OK application-bc3a01e9fcf80054708c94f3c48595ef7171cc11b64d741ca3e6c034c9b9b8f1.js Show response
minecraftcommand.science/assets/ 1 MB
262 KB 668ms
334ms Script
application/javascript 68.178.206.128
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraftcommand.science/assets/application-bc3a01e9fcf80054708c94f3c48595ef7171cc11b64d741ca3e6c034c9b9b8f1.js
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.178.206.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 128.206.178.68.host.secureserver.net
Software: nginx/1.20.1 /
Resource Hash: bc3a01e9fcf80054708c94f3c48595ef7171cc11b64d741ca3e6c034c9b9b8f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/profile/grassbear8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Jan 2018 16:09:22 GMT
Server: nginx/1.20.1
ETag: "5a5397b2-415a9"
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 267689
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 40.png
minotar.net/avatar/grassbear8/ 402 B
752 B 376ms
318ms Image
image/png 2606:4700:3038::6815:ea0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minotar.net/avatar/grassbear8/40.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96570884248680f13fcb764449d55a74fccc7bfbf81478f79e88e87d0466bd4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:25 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: ingress-ingress-nginx-controller-8m9xz, ingress-ingress-nginx-controller-w8sqr
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 402
server: cloudflare
etag: 98903c1609352e11552dca79eb1ce3d6
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FE2%2BxGze89%2BwUvlOUzQ309dClunGLrsDJXKUhmaeC%2BQQwsveOGNso%2FwQsRav69FgHB9CUxvIpNdv6lKjZMWjwTE7GDOsPgNXT25lpEBZ4Fg3q1qD4icJ5aQ3eGXMMlDypG9lqJqstU%2FlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=21600
accept-ranges: bytes
cf-ray: 83a000e54e4a5aa1-VIE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
x-req-url: /avatar/grassbear8/40.png

GET
H2 200 Skibidi-Toilet-Coloring-Sheet-for-Kids.png
coloringpagesonly.com/wp-content/uploads/2023/07/ 83 KB
84 KB 110ms
41ms Image
image/png 2a05:d014:776:a63f:551c:5660:31da:fe01
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coloringpagesonly.com/wp-content/uploads/2023/07/Skibidi-Toilet-Coloring-Sheet-for-Kids.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63f:551c:5660:31da:fe01 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1737f99e7919b27a7f574cab5602e3d2ef74cda4b5364721de2249be78961387

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:26 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;25d1dd77c98790dec8cde92ba70dc694;2-301535-1439;1da124d3-d72a-418a-6d5f-7994dfb2f42d
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-ezoic-excludewebp: true
response: 200
last-modified: Thu, 20 Jul 2023 17:03:26 GMT
server: LiteSpeed
etag: "14d1b-64b968de-464d;;;-gzip"
x-origin-cache-control: public, max-age=604800
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type: image/png
cache-control: public, max-age=31536000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 09:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3308
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 23 Dec 2023 11:48:17 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 81ms
31ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 3709353
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 83a000e778543a3e-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 90ms
36ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5813242b4b35a236d4ef477d0bcc41e47f2d195703dc95f928852381be4c509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 10:43:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 10:43:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 10:43:26 GMT

GET
H/1.1 200
OK MCS-logo.png
minecraftcommand.science/images/ 3 KB
4 KB 167ms
167ms Image
image/png 68.178.206.128
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://minecraftcommand.science/images/MCS-logo.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.178.206.128 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 128.206.178.68.host.secureserver.net
Software: nginx/1.20.1 /
Resource Hash: 29e052c25b24f6d8f7df3f31422cdbd4c66e6d25316576e896b2cd616f710cd9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/profile/grassbear8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:26 GMT
Last-Modified: Mon, 14 Aug 2017 22:41:41 GMT
Server: nginx/1.20.1
ETag: "59922725-d98"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3480

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
227 B 30ms
30ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=140489236&t=pageview&_s=1&dl=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&ul=en-us&de=UTF-8&dt=User%20grassbear8%20-%20Minecraft%20Command%20Science&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=325021239&gjid=931218009&cid=234020873.1703328206&tid=UA-100359114-1&_gid=207305699.1703328206&_r=1&_slc=1&z=1419072243

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

943b93d375f7d0df4fdb35c444ddcf42e764b2ea9075492645871be142c76d08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 77ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minecraftcommand.science
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:01:29 GMT
x-content-type-options: nosniff
age: 189717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 06:01:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
351 B 100ms
34ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100359114-1&cid=234020873.1703328206&jid=325021239&gjid=931218009&_gid=207305699.1703328206&_u=IEBAAEAAAAAAACAAI~&z=1744066950

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 23 Dec 2023 10:43:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 92ms
38ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MTB0WFGVZX&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

847bcf23a159c238226a6722a45b6d76454658cd19260a514fd52ceb8cfdce0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80906
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Dec 2023 10:43:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 96ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MTB0WFGVZX&gtm=45je3bt0v9119136280&_p=1703328206064&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=234020873.1703328206&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&dt=User%20grassbear8%20-%20Minecraft%20Command%20Science&sid=1703328206&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1833
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MTB0WFGVZX&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad-manager.min.js Show response
hb.vntsm.com/v3/live/ Frame E27C 1015 KB
300 KB 109ms
27ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: eba8f0299ba7901370cbc32973297a0e8f7009283ae12799f8a203d43a66f76a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:26 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-server-side-encryption: AES256
cdn-cachedat: 12/22/2023 14:32:26
cdn-pullzone: 131999
last-modified: Tue, 19 Dec 2023 12:06:49 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"633e20086e1be366d4d9563cb9344900"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control: public, max-age=86400
x-bl: 0
cdn-requestid: 907d560a7fbcc552b7aa29405e5f5b16
cdn-requestcountrycode: CH
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minecraftcommand.science
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:36:28 GMT
x-content-type-options: nosniff
age: 187618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 06:36:28 GMT

GET
H2 200 content.html Show response
hb.vntsm.io/ Frame E27C 32 B
662 B 509ms
436ms Fetch
text/html 2606:4700:10::6816:2f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: DDM788KB4W48K3CE
content-length: 32
x-amz-id-2: xGAoyo75rC/we8SkiY1Wk3Kz+c17jOWu/BIcge6T9o526/B4GAJR7s7HM8clXEVy9YprNsOxaJs=
geo: CH
geo-subdivision: CH-ZH
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83a000ee7e799022-FRA

GET
H2 200 59b1012e46e0fb00016a7b73.enc Show response
hb.vntsm.com/v2/live/ Frame E27C 46 KB
7 KB 73ms
35ms XHR
text/plain 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/59b1012e46e0fb00016a7b73.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 65b10d43bc68bbcc8ce8c539376422177785089220b216a273a75f868b3a3629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:27 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-server-side-encryption: AES256
cdn-cachedat: 12/22/2023 14:46:59
cdn-pullzone: 131999
last-modified: Thu, 16 Nov 2023 12:17:01 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"2e065aec27e717a658b07171ccf44de1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials: true
x-bl: 0
cache-control: public, max-age=86400
cdn-requestid: b98bef65aab1849e12a4d45cc2a3a84c
cdn-requestcountrycode: CH
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cookieTest.html Show response
hb.vntsm.com/ab/live/3pcookie/ Frame A9DC 967 B
1 KB 20ms
19ms Document
text/html 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-cachedat: 12/22/2023 14:32:27
cdn-edgestorageid: 1080
cdn-proxyver: 1.04
cdn-pullzone: 131999
cdn-requestcountrycode: CH
cdn-requestid: 649fa4324019c002a1b26f2362beb9fd
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 10:43:27 GMT
etag: W/"d80b9831e6e7896aa97e84d70f49e545"
last-modified: Sun, 10 Sep 2023 14:04:21 GMT
server: BunnyCDN-DE1-1080
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-bl: 0

GET
H2 200 content.html Show response
hb.vntsm.io/ Frame E27C 32 B
289 B 440ms
439ms Fetch
text/html 2606:4700:10::6816:2f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:27 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: DDM788KB4W48K3CE
content-length: 32
x-amz-id-2: xGAoyo75rC/we8SkiY1Wk3Kz+c17jOWu/BIcge6T9o526/B4GAJR7s7HM8clXEVy9YprNsOxaJs=
geo: CH
geo-subdivision: CH-ZH
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83a000ee8e819022-FRA

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 110 KB
37 KB 87ms
22ms Script
text/javascript 143.204.98.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-16.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: x5VtTe.o38AhKNl9GXJ.IeIaII4uy0GZ
content-encoding: gzip
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
date: Sat, 23 Dec 2023 08:56:23 GMT
last-modified: Thu, 19 Oct 2023 08:25:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 19798
x-amz-server-side-encryption: AES256
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: RNUr8IhtEnnANocDxFXJl1TSiWOs2UdYbcYGUyivGaxlTyTHO9It0w==

GET
H2 200 px.gif Show response
ad-delivery.net/ Frame E27C 43 B
922 B 96ms
30ms Fetch
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 195745
x-guploader-uploadid: ABPtcPp_ohU8e5uWQz4Y3R6TrEyLXk78hJHRqPFlx_G_gph52LqaD1-BJ4fF3t-vw7D4t8ZwGdoYQYZyBA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQCDPx%2F9bAWmbW0Q5hmENJguRdVu9iUtDf%2Fu%2BUQplBaNC1ItUm5CFIcNQ5%2BF40k6Jdu6ni1%2B8WY6wz5fsJXp3dL1gpsv7ArqdsXV16iAnW7NUfsP%2BT7cU60dM28caB6SPOzflY5nW%2BAgDjiIwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 83a000f1cf3e2c23-FRA
expires: Thu, 21 Dec 2023 04:49:29 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 174ms
121ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eaf4dc45a609e38e96b891f54eb6e467c16d7da0572940eee07896b72ed6ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29153
x-xss-protection: 0
server: cafe
etag: 589 / 19714 / 31080056 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 10:43:27 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/d1oykxszdrgjgl/ 129 KB
45 KB 84ms
25ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c63cc618de0f54dfc0a0af374aba9dc4e4e4d67d43a02162ea4e5fab90a3c3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:27 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 16:21:21 GMT
server: cloudflare
age: 0
etag: W/"dc70fe6d240944175a1cc70996f1d2176dea2ac6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 83a000f38a4192b1-FRA

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 78ms
24ms Script
application/javascript 108.156.255.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-65.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:25:57 GMT
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, DUS51-P2
age: 1051
x-amz-server-side-encryption: AES256
etag: W/"bab82e5d8801f394c1ef53a45dc29542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 8eDFyP3b0jgDXUiGZ5-JcMeyOPHLsOIVzsrbuGHScktmFCfeOWlxvg==

GET
H2 200 px.js Show response
p.cpx.to/p/13058/ 4 KB
4 KB 192ms
47ms Script
application/javascript 34.243.27.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/13058/px.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.27.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-27-157.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
cache-control: public, max-age=2419200
content-length: 4396
content-type: application/javascript; charset=UTF-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 107ms
23ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:27 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 30 Dec 2023 10:43:27 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 164ms
120ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://minecraftcommand.science
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 23 Dec 2023 10:43:28 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 122ms
122ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 70247b00-ff8f-4016-b3ab-8344daf96e09 Show response
config.aps.amazon-adsystem.com/configs/ 564 B
829 B 68ms
19ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2c8b244b4300678ea5f33b2995b64c23d184bdb8c718592f81e01d2bdb4b4071

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:48:22 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3306
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: EzHqkO0BaVNlphgqz43PDigROdrKnoVpp1YG1dBxYOgpo2PtlG_nqw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 27ms
27ms XHR
application/json 108.156.255.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fminecraftcommand.science&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-65.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 08:07:49 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
age: 9338
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2353
x-amz-cf-id: xb6AlWiQ1n96L4DF3jF5V272vaYrdTNxHi19Dv7U8kQ2e48f9tqOiQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 64ms
21ms XHR
application/javascript 108.156.255.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-255-65.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront)
date: Sat, 23 Dec 2023 06:00:08 GMT
x-amz-cf-pop: DUS51-P2
age: 17001
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Gu5HMrnAWUuzxlPgrqIvhGYYXt__UgiYD2Tz19UtXaC7RHghycex_A==

GET
H2 200 rules-p-Hwnr8j7tWA3Nu.js Show response
rules.quantcount.com/ 2 KB
1 KB 80ms
22ms Script
application/javascript 2600:9000:223c:3200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:20:17 GMT
content-encoding: gzip
via: 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 23:45:13 GMT
server: AmazonS3
etag: W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: Q_64LaPLCNTahM1ey8OLCE9wUmy6LemOjOD-2BjbIdsqhUi5C3Bqqg==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 02:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30270
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 22 Dec 2024 02:18:58 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 107ms
24ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Sat, 23 Dec 2023 10:58:28 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 101ms
33ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&ref=&_it=amazon&partner_id=288
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 4003
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 83a000f49bbfbb56-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 91ms
31ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: V2D9XB0XB3MM1KEZ
age: 1101
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83a000f49fab2c43-FRA
x-amz-id-2: QTZuy3bTvATH36yOIaPePZ5jKiWZkjKFZoTe9u6nYiUx98/jHeBML4suwUbj8Uf1dzWdMS/LrVM=

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 105ms
23ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Sat, 23 Dec 2023 10:58:28 GMT

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
578 B 99ms
38ms Fetch
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
an-x-request-uuid: 8d2034f2-f541-4844-b88b-3e9d0184b985
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
427 B 152ms
49ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 9d410c6d3ca72bb320c277848abf2dfce4b6b47c3062dff6a67b6856b082d41f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Mon, 22 Jan 2024 10:43:28 GMT

GET
H2 200 pixel;r=208369011;labels=All.Title.User%20grassbear8%2CAll.Type.website%20tool%2CAll.Site.MinecraftCommand%20Science%2CAll.Url.https%3A%2F%2Fminecraftcommand%20science%2Fprofile%2Fgrassbear8;rf=0;a...
pixel.quantserve.com/ 35 B
371 B 91ms
25ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=208369011;labels=All.Title.User%20grassbear8%2CAll.Type.website%20tool%2CAll.Site.MinecraftCommand%20Science%2CAll.Url.https%3A%2F%2Fminecraftcommand%20science%2Fprofile%2Fgrassbear8;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8;uht=2;fpan=1;fpa=P0-1393117277-1703328207998;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=minecraftcommand.science;dst=1;et=1703328208082;tzo=-60;ogl=title.User%20grassbear8%2Cimage.%2F%2Fminecraftcommand%252Escience%2Fimages%2Fmc-social%252Epng%2Ctype.website%252Etool%2Curl.https%3A%2F%2Fminecraftcommand%252Escience%2Fprofile%2Fgrassbear8%2Clocale.en_US%2Clocale%3Aalternate.de_DE%2Clocale%3Aalternate.de_CH%2Csite_name.MinecraftCommand%252EScience;ses=0918d5e3-3e87-4074-b725-6c533ac62a87;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 747 B
399 B 286ms
285ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3ea6acd185f41daf2a04ce650603eeaab189d03b5347f550b0efaf06f44fb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 127ms
72ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0f084d1464f239038780fd3b7007fd8a6d178d87545bd66391d443d25bcba13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12178
x-xss-protection: 0

GET
H2 200 container.html Show response
a0795d2bff8cd0b1579ff9e100f446df.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AF11 6 KB
3 KB 120ms
31ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0795d2bff8cd0b1579ff9e100f446df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 10:43:28 GMT
expires: Sun, 22 Dec 2024 10:43:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 109 B
296 B 128ms
128ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=minecraftcommand.science&url=https://minecraftcommand.science/profile/grassbear8
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&ref=&_it=amazon&partner_id=288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17cc6244a8240a2c9ca81be66553b24c0afa17173b9ba070513db31a56e15aba

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 83a000f61de64d82-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 187ms
130ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=minecraftcommand.science&url=https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://minecraftcommand.science
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83a000f54d2d4d82-FRA
content-length: 0
content-type: application/json
date: Sat, 23 Dec 2023 10:43:28 GMT
debug: OPTIONS block
expires: Sun, 22 Dec 2024 10:43:28 GMT
server: cloudflare

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 24ms
23ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Sat, 23 Dec 2023 10:58:28 GMT

GET
H2 200 edgekit.min.js Show response
cdn.edkt.io/rNn9xk/ Frame E27C 23 KB
8 KB 85ms
26ms Script
text/javascript 34.120.111.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.111.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 52edb8a053b824a4bf919e8489aadd1420d86f20b6d622d7188ee5aa5e955d91

Request headers

Referer: https://minecraftcommand.science/
Origin: https://minecraftcommand.science
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 00:18:30 GMT
content-encoding: gzip
age: 37498
x-guploader-uploadid: ABPtcPp7d6hgFmgo2CguTIpyltE-kdbNwpBPmlxJGZRhG1z1ekar35D1GM_QkIZLr0x6osFH6xXQQ2W-E4DzOk8c6nWrmg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7874
last-modified: Wed, 20 Dec 2023 18:07:58 GMT
server: UploadServer
etag: "ca3331c8da5854fb047074298f911730"
x-goog-generation: 1703095678379268
x-goog-hash: crc32c=/eqo/g==, md5=yjMxyNpYVPsEcHQpj5EXMA==
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 7874
accept-ranges: bytes
expires: Sun, 24 Dec 2023 00:18:30 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ Frame E27C 483 B
1021 B 82ms
35ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2104629
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lesMSfF%2BCDo8UeoZZVEgqV0BII81E3D8rgeSTjmppIch75CiWXYifTeFyXIpVJdMeepRQWB8GQfMwxL82hL5Or3%2FKVbOoVXd8nSsazpnASjOI0%2BwZyw6fg6Q5FuhoxQn%2FKInPQf6SHv3KkE0"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 83a000f548b49b86-FRA

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
468 B 121ms
30ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Sat, 23 Dec 2023 11:13:28 GMT

POST
H2 200 fire.js Show response
s.cpx.to/ 43 B
333 B 192ms
50ms Fetch 52.17.199.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&hn_ver=72&fid=fa85791e-4c79-4896-b122-2623384bbcd2&dsp=pub_common&dsp_uid=cc031eff-bd72-46d7-9173-3ad0808b4605
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.199.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-199-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5b4122cd2abb1fe4a6f9de82ccf1d4cb111c294a9c66e20546615a1f8609713a

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:28 GMT
access-control-allow-credentials: true
expires: Sat, 23 Dec 2023 10:43:28 GMT
content-length: 43
vary: Origin
p3p: CP="NOI DEV ADM"

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ Frame E27C 75 KB
24 KB 66ms
28ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:28 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 679258
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L25RCgyz2NrL%2FfXvvDdhTvy43TOi83xMmPROnMMIPcSZjvXnNPJOZtAE4q%2FMmWmcpAXha6586JExuKozTHKHZvwDxygbitVY8lJuhPAuDr5fXocJRERrd5hSkct52ZaIDa6%2BYFWZZC7hpLYp"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 83a000f5b99030e8-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 92ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 10:43:28 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame E27C 16 B
170 B 173ms
49ms XHR
application/json 34.254.47.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.47.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-47-73.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:28 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 25ms
25ms Script
application/javascript 23.57.19.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.57.19.78 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-57-19-78.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Sat, 23 Dec 2023 10:58:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CC4 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 50489
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 20:41:59 GMT
expires: Sat, 21 Dec 2024 20:41:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 131E 829 B
1 KB 86ms
32ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a921b4ca0ade43496083038183a345ab915c82926b374d0bf8ce050a2ca2ee9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f64XnCTIkcwJc4U7JzDZ9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f64XnCTIkcwJc4U7JzDZ9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 10:43:28 GMT
expires: Sat, 23 Dec 2023 10:43:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CC4 39 KB
15 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ 0
656 B 95ms
24ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=34010&customParamenters
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&google_tc=
https://s.cpx.to/sync?dsp_uid=CAESEOhD4h6aqGxS9upZq4Q6vGQ&dsp=dbm&google_cver=1

0
304 B

49ms
49ms

Image
text/plain

52.17.199.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp_uid=CAESEOhD4h6aqGxS9upZq4Q6vGQ&dsp=dbm&google_cver=1
Protocol: H2
Server: 52.17.199.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-199-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 10:43:28 GMT
date: Sat, 23 Dec 2023 10:43:28 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/sync?dsp_uid=CAESEOhD4h6aqGxS9upZq4Q6vGQ&dsp=dbm&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

fire.js
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D13058%26url%3Dhttps%253A%252F%252Fminecraftcommand.science%252Fprofile%252Fgrassbear8%2...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Ffire.js%253Fdsp%253Dapp_nexus%2526dsp_uid%253D%2524UID%2526pid%253D13058%2526url%253Dhttps%25253A%25252F%25252Fminecraft...
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4851895891337406080&pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&hn_ver=72&fid=fa85791e-4c79-4896-b122-2623384bbcd2&dsp...

33 B
33 B

52ms
52ms

Image
text/plain

52.17.199.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4851895891337406080&pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&hn_ver=72&fid=fa85791e-4c79-4896-b122-2623384bbcd2&dsp=pub_common&dsp_uid=cc031eff-bd72-46d7-9173-3ad0808b4605
Protocol: H2
Server: 52.17.199.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-199-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
date: Sat, 23 Dec 2023 10:43:28 GMT
content-length: 33
expires: Sat, 23 Dec 2023 10:43:28 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
an-x-request-uuid: e7ef38f4-cbf7-47d9-85c5-2cae3c232eb4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=4851895891337406080&pid=13058&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&hn_ver=72&fid=fa85791e-4c79-4896-b122-2623384bbcd2&dsp=pub_common&dsp_uid=cc031eff-bd72-46d7-9173-3ad0808b4605
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32

0
313 B

50ms
50ms

Image
text/plain

52.17.199.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32
Protocol: H2
Server: 52.17.199.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-199-113.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sat, 23 Dec 2023 10:43:28 GMT
date: Sat, 23 Dec 2023 10:43:28 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32
date: Sat, 23 Dec 2023 10:43:28 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 131E 0
0 56ms
56ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=803854573008351&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame E27C 1 B
253 B 109ms
43ms XHR
text/html 195.201.193.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.201.193.117 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.193.201.195.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-credentials: true

GET
H2 200 288 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 91ms
35ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71bda16c20aae753920eabadd0803343edafc1e32d5fa55b645ed8dca76551c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 23 Dec 2023 10:42:34 GMT
server: cloudflare
age: 54
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 83a000f7396e9b21-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3CC4 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?STEBRA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 188 B
632 B 339ms
271ms XHR
text/javascript 18.239.81.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&pid=C0Yv0hxva0xYO&cb=0&ws=1600x1200&v=23.1211.1645&t=3500&slots=%5B%7B%22sd%22%3A%2259b1026d46e0fb00016a7b79-1010%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22327028904%2FVM_59b1012e46e0fb00016a7b73%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!venatus.com%2C59b100dc46e0fb00012e46aa%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A5100%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22cc031eff-bd72-46d7-9173-3ad0808b4605%22%2C%22audigent%22%3A%2206067chgl686bgb9l6g69b9b6a6ecfibjl902isq0040gqg600q06g6g0e0miougw%22%7D%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.81.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-81-30.ams58.r.cloudfront.net

Software

Server /

Resource Hash

5441d52a66181d7671072f20100b5b46237875b81ec3d188510c63664a673464

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a44309111e5e1050ff485adaa4681ad0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-amz-rid: QYEJNYE6SW9TB3JNMJ8N
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 188
x-amz-cf-id: A-O2RdO2aU2kxeYGNQNcYgWDpCl78nU8PI7c6RtWJZ5BGeNBplFQ9A==

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame E27C 134 B
913 B 631ms
132ms XHR
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22687393d818d303%22%3A%22ad0a968e0332cebbaf19%7C728x90%2C970x250%2C970x90%7Cc%3Dd%2C%22%2C%227f3e707e7795fd%22%3A%2237f6f047861e9ebaa291%7C728x90%2C970x250%2C970x90%7Cc%3Dd%2C%22%2C%22848645a7974b49%22%3A%22f3c076631eb036cabb3d%7C728x90%2C970x250%2C970x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&s=7c0cbec7-51c3-427a-9cda-ec81835477ed&pv=df529c0a-6fc4-4a96-8ac1-c0dbb75f6455&vp=mobile&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8%22%2C%22domain%22%3A%22minecraftcommand.science%22%2C%22keywords%22%3A%22Minecraft1.9%22%2C%22publisher%22%3A%7B%22domain%22%3A%22minecraftcommand.science%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2259b100dc46e0fb00012e46aa%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%228bd9c9f7-dffd-44ba-9eda-36c70af2ffcf%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228bd9c9f7-dffd-44ba-9eda-36c70af2ffcf%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

782ad017f48f5261f9f6b8f996d181816ad88334c846cb69a2f1d5affaa9f90e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-151
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 130
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ Frame E27C 24 B
282 B 189ms
51ms XHR
application/json 63.32.232.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.232.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-232-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: eed14dd88d72e4baf617a66a1c30927d169b8be98eb0ab32347560057e00e379

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E27C 362 B
576 B 200ms
138ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!venatus.com,59b100dc46e0fb00012e46aa,1,,,&eid_pubcid.org=8bd9c9f7-dffd-44ba-9eda-36c70af2ffcf%5E1&rf=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&kw=Minecraft1.9&tg_i.page=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&tg_i.domain=minecraftcommand.science&tk_flint=pbjs_lite_v7.35.0&x_source.tid=956e0baa-1592-4ab4-b46d-7bde8db11148&l_pb_bid_id=131d289b65656c6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_59b1026d46e0fb00016a7b79%2F1010&slots=1&rand=0.5570968053327006
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7a444b8e70b2ea56c79ccd7db876ce23d10439ded6e541fb7dfc2ce6c73faac7

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 362
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E27C 0
203 B 191ms
131ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=5136149604&lsavail=1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:28 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame E27C 37 B
676 B 197ms
151ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=171882
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95bd6be5f36470a9d1c0f9f2f369e0d892c091d03f12624565b9f16c682835d7

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7%2FhECrEpPs6Wx45LsSyhDnNRh4vssrg7XPGZ07Dmo5Q6tx8NduJ3VsrmCSjLBwlB2g2KtsWyqZF7OAi6kJA%2BjwqJ0lj%2Ft3gZ9xyzxr2FQM%2BXpm3Frsq8ZPR8%2FLFjdXQVmbJdiXW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83a000f86dca18f1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E27C 902 B
2 KB 357ms
115ms XHR
application/json 89.149.192.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 584fc184a9bab58f58dfe75c96469c2ddc95d55f497b987ed88d59792f1ad6ef

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame E27C 0
254 B 106ms
28ms XHR
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 7a
date: Sat, 23 Dec 2023 10:43:28 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://minecraftcommand.science
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 prebid Show response
mp.4dex.io/ Frame E27C 0
273 B 93ms
48ms XHR
text/plain 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83a000f86fc83a6d-FRA
expires: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame E27C 14 KB
7 KB 247ms
247ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e0b7f0409024f888d2cacd720dc30b8eb5803bb763d87a47c0781b388363eae1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: gzip
an-x-request-uuid: a3e61358-bb71-4772-aa28-25e20c9ce43e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 188 B
635 B 218ms
218ms XHR
text/javascript 18.239.81.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&pid=C0Yv0hxva0xYO&cb=1&ws=1600x1200&v=23.1211.1645&t=3500&slots=%5B%7B%22sd%22%3A%225a33dd5b46e0fb0001950103-1002%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22327028904%2FVM_59b1012e46e0fb00016a7b73%22%7D%2C%7B%22sd%22%3A%225a33dd5b46e0fb0001950103-1006%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22327028904%2FVM_59b1012e46e0fb00016a7b73%22%7D%2C%7B%22sd%22%3A%22616edee55310b2196c628475-1001%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22327028904%2FVM_59b1012e46e0fb00016a7b73%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!venatus.com%2C59b100dc46e0fb00012e46aa%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A5100%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22cc031eff-bd72-46d7-9173-3ad0808b4605%22%2C%22audigent%22%3A%2206067chgl686bgb9l6g69b9b6a6ecfibjl902isq0040gqg600q06g6g0e0miougw%22%7D%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.81.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-81-30.ams58.r.cloudfront.net

Software

Server /

Resource Hash

6dea0984852ec19849e66076dff1d55214caa98c1cabc8e94288357655ba8b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a44309111e5e1050ff485adaa4681ad0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P5
x-amz-rid: 3A95CCFKK6T1A9MMQZAN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 188
x-amz-cf-id: vbcxmzIfpAyCd3RXbaLPKbgRRaVBSkIjujdLMHvEX7OESPyz9wGrnQ==

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ Frame E27C 135 B
911 B 533ms
134ms XHR
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2229d3fdb7c4abe2a%22%3A%2202ab3655a0ef67a517df%7C160x600%7Cc%3Dd%2C%22%2C%22301f7112d2189d9%22%3A%2202ab3655a0ef67a517df%7C160x600%7Cc%3Dd%2C%22%2C%2231653f4b53671%22%3A%228e95c2151bcd41d7c724%7C728x90%2C970x90%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&s=5db5c3b9-d2d3-476c-accd-348c3da72d9d&pv=df529c0a-6fc4-4a96-8ac1-c0dbb75f6455&vp=mobile&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8%22%2C%22domain%22%3A%22minecraftcommand.science%22%2C%22keywords%22%3A%22Minecraft1.9%22%2C%22publisher%22%3A%7B%22domain%22%3A%22minecraftcommand.science%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2259b100dc46e0fb00012e46aa%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%228bd9c9f7-dffd-44ba-9eda-36c70af2ffcf%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%228bd9c9f7-dffd-44ba-9eda-36c70af2ffcf%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

558c1fa84e47754b018598387fec2860d46b85dfca42ef882b5eb9aee39e1dc3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-49
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 131
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E27C 339 B
373 B 171ms
171ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=9&rp_schain=1.0,1!venatus.com,59b100dc46e0fb00012e46aa,1,,,&eid_pubcid.org=8bd9c9f7-dffd-44ba-9eda-36c70af2ffcf%5E1&rf=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&kw=Minecraft1.9&tg_i.page=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&tg_i.domain=minecraftcommand.science&tk_flint=pbjs_lite_v7.35.0&x_source.tid=aea8188a-f69e-4d9c-8730-d20ab7278e84&l_pb_bid_id=3343e11a6372198&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_5a33dd5b46e0fb0001950103%2F1002&slots=1&rand=0.20794719197818745
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 914356b218dd1d8a022dd82ab31db3a263cf2842eae5630cee6ea2aa61180d01

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 339
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E27C 339 B
373 B 260ms
260ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=9&rp_schain=1.0,1!venatus.com,59b100dc46e0fb00012e46aa,1,,,&eid_pubcid.org=8bd9c9f7-dffd-44ba-9eda-36c70af2ffcf%5E1&rf=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&kw=Minecraft1.9&tg_i.page=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&tg_i.domain=minecraftcommand.science&tk_flint=pbjs_lite_v7.35.0&x_source.tid=c8b22df2-7224-4af6-b0dc-61b67c1feaa6&l_pb_bid_id=348aefc1bcd32aa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_5a33dd5b46e0fb0001950103%2F1006&slots=1&rand=0.45610192582069353
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0d81ebfaf1154225ec3381dfc495e24235b6723410664fac1fa21dfbc2b872b8

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 339
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E27C 359 B
393 B 142ms
142ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&rp_schain=1.0,1!venatus.com,59b100dc46e0fb00012e46aa,1,,,&eid_pubcid.org=8bd9c9f7-dffd-44ba-9eda-36c70af2ffcf%5E1&rf=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&kw=Minecraft1.9&tg_i.page=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&tg_i.domain=minecraftcommand.science&tk_flint=pbjs_lite_v7.35.0&x_source.tid=91d4e017-865a-4171-b5aa-b038393c2e1c&l_pb_bid_id=35ed948049347e6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_616edee55310b2196c628475%2F1001&slots=1&rand=0.2573466301515066
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7ac823ff95f36613750dfdc0fd371f9f3d05fc10c5707a707211d24dfaaeae73

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 359
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame E27C 0
119 B 28ms
28ms XHR
text/plain 145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 7a
date: Sat, 23 Dec 2023 10:43:27 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://minecraftcommand.science
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 204 prebid Show response
mp.4dex.io/ Frame E27C 0
40 B 44ms
43ms XHR
text/plain 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83a000f8b8243a6d-FRA
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E27C 0
202 B 243ms
243ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=46555915569&lsavail=1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:28 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 bid Show response
ap.lijit.com/rtb/ Frame E27C 24 B
281 B 88ms
53ms XHR
application/json 63.32.232.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.232.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-232-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 77b7082ba1f97d677dd0d5ab98e8772d9c5d2750615b366988fe501aa1050f87

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 10:43:28 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ Frame E27C 31 KB
8 KB 787ms
786ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4d80a03abfeae73796da7b619b0d34840b818ee7857bf8b8abf2c570d15ab46d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
content-encoding: gzip
an-x-request-uuid: c320d0ce-72e2-48c6-bd1f-7874833fb54e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E27C 22 KB
10 KB 301ms
157ms XHR
application/json 89.149.192.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: bb397aa4d1296bec772f1825b56c2c93f46b81bc205088b3ac85889d6681ca82

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E27C 907 B
2 KB 261ms
117ms XHR
application/json 89.149.192.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: dfd7386f2dbc3520185c2c3b5ae378555574a1b2e7ca94819ed7864658d4a854

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E27C 1023 B
2 KB 257ms
114ms XHR
application/json 89.149.192.65
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 873bbf8103fb89f4a1a432d4e759c5d0ac130b73e696f914e383d1e6a3794d96

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:28 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame E27C 22 KB
9 KB 278ms
278ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=171882
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c967e8156421273180f4b2dd183633f3e32ce3075907bb062d386c2f47f1076e

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXHXYhTR%2F%2Fzuw7TcX9R6ttEmn7bTtAfIEUQh0nwJ6Nybj7cT4iaRl48sH7jLJqTzYXvHa6d%2BnP9T%2BzhfYsROvaOpVeAdAF6MBlQ3rgJdu841pFiYrCv7Q7A9uKaxi1IwElOuyX6l"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83a000f8ce3018f1-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame E27C 16 B
169 B 49ms
49ms XHR
application/json 34.254.47.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.47.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-47-73.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:28 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame A359
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t

358 B
1 KB

208ms
208ms

Document
text/html

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

914f5d7dd1a6c1f8260dfb5e79b2b19d41801b45277d0adcf719ddce9b9e7695

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 358
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 23 Dec 2023 10:43:29 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZZ8KR118DNAC94MBSAAB

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sat, 23 Dec 2023 10:43:29 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0BYMX7S8531DE16XB55T

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=803854573008351&bg=!ra6lruHNAAY3kmNgF5I7ADQBe5WfOHAPhjGJJ1XRm1XTDY1KQlDXkwaNhXt4T3ZIaLeh0De7Z11EzHNMposgPdCiPpUiAgAAACxSAAAAAWgBB5kCwSKmkbXDl8_a5q3wNwE-mAbLE3uyCLu6_Gv2L8khoM8Mp0gN8dxBwleyaWggGpKLRLIc_doA5iv2ymXmCAAy-RIE6pXZQBkHTyxUi2qdy-JliCr5jzRR2bYBu6Uqy8wSosG9OdWJewWyObQkXINCcS3xB5pPyNInTE7qN6YC5f3RUHsqqRFP99lCFQ-skobpEwVWcknpozOqgglkJj2zE2CLuygAeKaPG3AmCcfhEOfN-K_HIFUdVexM8lPfEOvoI2kkKyM1x14wpvwngKHDCgAMHHArW816mpKSdbgA1p23tHjGLwAYUqWACXmd9s4lhpNUmJYUcobPeJdai-nLv4xQL7y9S43NRVWsO53ChGbI9t5xPvktxYdshoDxHSlowrFT-dVp15cewFKVEiLnyAbUc8n9FbnmDhwTNhckaxHVVe22RxkeghduGuAuCovIidK8Mg_JZqhRWSD8EOBT8QLqkMNX5RkUe4b-GanEN6soiPeZczy7127vbchgA5V_iHVzqBg91eGHQ1_b3M6rKgYGR0EgmmyXFwc6Bb_6UIv5vfK5_tsT4avAZXDQQbwOWLGF41wMrmev8ekQNuCXdSOD_a003NL3KLwv36yjODbCVNbh5iLfCKRI5mZ3LjvfSLF3OZBcMfllJpXBk5zJogysr5GiviAE4FQMKV5jjvilhvt0D1KC1yv5QmR2TGcaE81unmx1nVXEWJye2iXjoZp-hsh2XRwsNxj-BwYgq2jli-Bn4yAi2J4WzigvfMZ3j1p7Ag9oYzeiIuMTDbZOqwzCILHuTL8cxUYegvl9BhKgFh1C1NKiYsgXUlMeNEExq7iOZUFm2PJfHNsblut7_VKhb3tVYOFbauH3ppunNLtUw91x3-HiDj7vroHwVA5tk29YPhszbppapCb3BmGR9ZH7cFcPd1AgbtvZ_6_2NeqoSw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
284 B 81ms
21ms Fetch
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

4c0e30758250333556a12457a684ebd31bd8f2c4743b3b839d51cc5893480072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 319 B
609 B 70ms
21ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

6caba0cbf5ddfe893058ccc3ecaa2636de1b2af62eb3205115d9848f864b6422

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame 3EC1 3 KB
3 KB 51ms
51ms Document
text/html 67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

ba136c082bed7ae764c17121b67f3158ea35714a92633ff967512360b4dfcf6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2581
Content-Type: text/html;charset=ISO-8859-1
Date: Sat, 23 Dec 2023 10:43:29 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 127407B2KV7AB104NTCG

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 279ms
279ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f6415f3d5d677a19313f36462f5560fe4d2473c66f065320a4c28d1eaea41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12136
x-xss-protection: 0
google-lineitem-id: 4753675178
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238778460
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3EC1
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=7bcbab5ccc

43 B
479 B

117ms
54ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=7bcbab5ccc

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M2D8R8TPKN8F22HJE54H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 23 Dec 2023 10:43:06 GMT
via: 1.1 af33674114d993e3d216d91a5599afba.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
age: 23
x-cache: Hit from cloudfront
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=7bcbab5ccc
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: pqXSTR0RYuHYuJXX-mnjenX0li0oE9qHNI2EQpT9uvpX1ygK6KQ1KA==

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3EC1
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=92fbde9e-ccbc-4d42-8ddf-e0739d387b9b

43 B
479 B

105ms
54ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=92fbde9e-ccbc-4d42-8ddf-e0739d387b9b

Requested by

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J9R7V4B5BSYE1NYJKBTY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=mediagrid.com&id=92fbde9e-ccbc-4d42-8ddf-e0739d387b9b
date: Sat, 23 Dec 2023 10:43:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3EC1
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1703328209694
https://ad.turn.com/r/cs?pid=45&rndcb=2117470966
https://sync.1rx.io/usersync/turn/3755470427053245605?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-23598752-d827-4f93-872b-49c9950ab8b6-003?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-23598752-d827-4f93-...
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-23598752-d827-4f93-872b-49c9950ab8b6-003

43 B
479 B

54ms
54ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-23598752-d827-4f93-872b-49c9950ab8b6-003

Requested by

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y2JNM1AQJ1MX5BZ1C0GC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rhythmone.com&id=RX-23598752-d827-4f93-872b-49c9950ab8b6-003
date: Sat, 23 Dec 2023 10:43:30 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX23598752d8274f93872b49c9950ab8b6003
content-type: text/html

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3EC1
Redirect Chain

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3463298097934907000V10

43 B
479 B

123ms
54ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3463298097934907000V10

Requested by

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GTQF8K5587T5S60R8YJQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3463298097934907000V10
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Sat, 23 Dec 2023 10:43:29 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 6CD3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

2 KB
825 B

36ms
36ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65cdaeab573276ae46bc74eabab2388f711337f1c6ebd9de5e195fa1ff8b5495

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83a000fc9a8b18f1-FRA
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 10:43:29 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izJQl4LcOVVSe2o8RNS2TCTDwYm6BayFx8QiJHXg7xgmra%2FZGNILvLusc%2F%2FQJ%2BQr8zh26EWTC%2BKZuZrr81FRlAvWH5nwvKluZQiR%2BJZiGfF6SA8F4UXozG1HxlMKPMhOy%2FZArT5015IfkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83a000fc5a4c18f1-FRA
content-length: 0
date: Sat, 23 Dec 2023 10:43:29 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hcKndqAaiRU0Q0M%2FxtiBSC9gu9RZgTbo1WlGUa1zi5vNK99OxmNOf5l9G6tiAE4SmYI%2BPsmVcsXB6ZL4OCIoZRrgsh8vdbQ6R3mGf%2FfjMTkPEyLsxQ3CU3UHYa%2FuD0cvbTAW%2B9Qe8WRjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
match.sharethrough.com/jwumXNuB/v1/ Frame 5CB2 0
0 84ms
21ms Document
text/plain 3.68.18.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.18.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-18-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3308 281 B
555 B 82ms
26ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 23 Dec 2023 10:43:29 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame ECA6
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=2
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4124010633033810789&gdpr=0&gdpr_consent=

43 B
479 B

51ms
51ms

Document
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4124010633033810789&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 23 Dec 2023 10:43:29 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: VXWQ1Z8Q99RH51VZD85E

Redirect headers

content-length: 0
date: Sat, 23 Dec 2023 10:43:28 GMT
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4124010633033810789&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame E838
Redirect Chain

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
https://aax-eu.amazon-adsystem.com/s/ecm3?id=4851895891337406080&ex=appnexus.com

43 B
479 B

54ms
54ms

Document
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?id=4851895891337406080&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 23 Dec 2023 10:43:29 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 4GTM57Q0XW610WNJPJJB

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 49c4ca11-224b-4e3b-92be-d7bf768fdac2
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 10:43:29 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=4851895891337406080&ex=appnexus.com
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame 08D3 570 B
1021 B 341ms
107ms Document
text/html 3.233.88.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.233.88.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-88-120.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 2218481de6171c37c749f595b9c55a186afb332f52b37beee8c1aab6063a43f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: cs-server-s2s.yellowblue.io
content-length: 570
content-type: text/html
date: Sat, 23 Dec 2023 10:43:29 GMT
server: istio-envoy
x-envoy-upstream-service-time: 1

GET
H2 200 getuid Show response
eb2.3lift.com/ Frame 2F93 37 B
140 B 76ms
19ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sat, 23 Dec 2023 10:43:29 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3308 45 KB
13 KB 30ms
29ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0365692d8e0d5051941db1f32f5f61d913d45be260b6030f38616703a3a51d4e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Dec 2023 14:29:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13561
Connection: keep-alive
Content-Length: 13201
Expires: Sat, 23 Dec 2023 14:29:30 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 6CD3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ1zoRVBKbIV1cD5X9BrlIY&google_cver=1

43 B
769 B

41ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ1zoRVBKbIV1cD5X9BrlIY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZxnNUwgGQdekfQhIv2kVF9TMUxmE4Fcrl7rg7GLiHnDyRyGE9vjjjZjozZJlwfWYUeicG83ZPQrqXN1nda9Zl80UPVYe5vXYCb1i5FTu6teaNkfZn0qBwwCJO%2FnNwQRZbkuPN1bv5A8hA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a000fd0c7d9b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJ1zoRVBKbIV1cD5X9BrlIY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6CD3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYa50ZTOfjrXwVGAkSTSWAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP6oI1pzoXfGBMw1-UyLRys&google_cver=1

43 B
731 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP6oI1pzoXfGBMw1-UyLRys&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnuKHAHOcmg7nUao5l43gLrDQ2O5M57cqGR9dg4XvSmyWQce2WfW6sldvMRLvZEzfMdlXjdDt26QKhMO9JDM5yNyh97FL6TEQVWmfUz%2Bv4TKzZjeGnWUWlqJRBGBrW1KUMVsr5OQe0VKKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a000fd4cad9b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP6oI1pzoXfGBMw1-UyLRys&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 6CD3 70 B
148 B 48ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 6CD3 43 B
479 B 340ms
114ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1NPAXPRTP6WMA325S0YN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 6CD3 0
0 90ms
31ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 6CD3
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4851895891337406080

43 B
338 B

34ms
34ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4851895891337406080
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3BxuthomF0%2BxIAyIw2wkogd0JNNGTpbZ6WN5pYTLqL0NYIxCGRNSQJvh4YXbO2oH52GoTxLbrhHT7IghCKtDECOhNDMmkJmZQ5xf82D2%2F4ZB%2FPJWFoeyQEmjXUK2VBcK8ZVvErMamcxKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a000fd0b1318f1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
an-x-request-uuid: 827af4ab-2e0c-41eb-bfec-15f0aca99b93
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4851895891337406080
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6CD3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://c1.adform.net/serving/cookie/match?CC=1&party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6832972239379080536&expiration=1704537809

43 B
737 B

39ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6832972239379080536&expiration=1704537809
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1SYeLmFx%2B1tTpO4zCiPYCIhoTsUDNubzI9P01yD3d6ToTfS6Wt1tfESp4ofLKB%2F6TRUYJrhEIRzPAl%2B36DUPRUPYraX2EkBmZOcGb%2FIFKr2yhQoeee4KQUgU%2B6Bl9MYZNfT1pZDb%2FqoMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a000fddd109b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6832972239379080536&expiration=1704537809
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 6CD3
Redirect Chain

https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1719139409&external_user_id=42325e98-559d-4fd1-9138-9530be474f24

43 B
737 B

38ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1719139409&external_user_id=42325e98-559d-4fd1-9138-9530be474f24
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkKwoa7fJTxvL1WFOUM0zM3HK7%2B5YuOmvVjO0CORaFW1a4KtpXo5OGkUUK%2Fk1WaGVIZS%2FJm8BYQsHNaEpmI3wgXmGyPqtlV1p2Es4namG2VCWKtNsfoGFv%2FhTvJIQa%2FiFZJQkuVYW1fPGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a000fe1d439b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sat, 23 Dec 2023 10:43:29 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.casalemedia.com
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1719139409&external_user_id=42325e98-559d-4fd1-9138-9530be474f24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 157

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6CD3 43 B
479 B 54ms
54ms Image
image/gif 67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MYGSGJB82Y4PS7RDWVC4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 3308 7 B
822 B 90ms
23ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3308
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LQHXMX5Q-20-801M
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQHXMX5Q-20-801M&ex=d-rubiconproject.com&status=ok

43 B
479 B

50ms
50ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQHXMX5Q-20-801M&ex=d-rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RYP9ZS1319XY26JQEE5W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=LQHXMX5Q-20-801M&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
13 KB 454ms
453ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=803854573008351&correlator=3338225744243198&eid=31079959%2C31080056%2C44777897&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&tfua=0&tfcd=0&iu_parts=21726375739%3A22327028904%2CVM_59b1012e46e0fb00016a7b73&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=160x600%2C160x600%2C728x90%7C970x90&ifi=3&sfv=1-0-40&sc=1&cookie=ID%3D77b04d64e9ad5ed2%3AT%3D1703328208%3ART%3D1703328208%3AS%3DALNI_MaDY4UGszZwlz7h0RrVNK8VS1VUcg&gpic=UID%3D00000d27714f385d%3AT%3D1703328208%3ART%3D1703328208%3AS%3DALNI_MYWrGM79e53-yILuNaGnrSnVV9W2g&abxe=1&dt=1703328209555&lmt=1703328209&adxs=35%2C1405%2C436&adys=60%2C60%2C1156&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&vis=1&psz=160x-1%7C160x-1%7C1600x-1&msz=160x-1%7C160x-1%7C728x-1&fws=516%2C516%2C512&ohw=160%2C160%2C0&ga_vid=234020873.1703328206&ga_sid=1703328208&ga_hid=140489236&ga_fc=true&dlt=1703328205577&idt=2519&prev_scp=hb_pb%3D0.25%26hb_adid%3D5a33dd5b46e0fb0001950103-1002%26hb_iv%3D1%26sv%3D1%26re_ve%3D8e148798-v7.35.0%26pg_ld_id%3D79ae103e-3949-4a27-a485-4e5a232ac8d8%26mo%3Dscan%26ac_id%3D59b100dc46e0fb00012e46aa%26si_id%3D59b1012e46e0fb00016a7b73%26pl_id%3D5a33dd5b46e0fb0001950103%26co%3DCH%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-11-16%252012%253A16%253A58%26ta_si%3D160x600%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D1bea05f1-cda5-4e27-809d-0ca92bc2e295%26tpcs%3Denabled%26st_ty%3Dvert%26bf_br%3D31200000%26af_im%3D31200000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2%7Chb_pb%3D0.54%26hb_adid%3D5a33dd5b46e0fb0001950103-1006%26hb_iv%3D1%26sv%3D1%26re_ve%3D8e148798-v7.35.0%26pg_ld_id%3D79ae103e-3949-4a27-a485-4e5a232ac8d8%26mo%3Dscan%26ac_id%3D59b100dc46e0fb00012e46aa%26si_id%3D59b1012e46e0fb00016a7b73%26pl_id%3D5a33dd5b46e0fb0001950103%26co%3DCH%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-11-16%252012%253A16%253A58%26ta_si%3D160x600%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D1bea05f1-cda5-4e27-809d-0ca92bc2e295%26tpcs%3Denabled%26st_ty%3Dvert%26bf_br%3D31200000%26af_im%3D31200000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2%7Chb_pb%3D0.01%26hb_adid%3D616edee55310b2196c628475-1001%26hb_iv%3D1%26sv%3D1%26re_ve%3D8e148798-v7.35.0%26pg_ld_id%3D79ae103e-3949-4a27-a485-4e5a232ac8d8%26mo%3Dscan%26ac_id%3D59b100dc46e0fb00012e46aa%26si_id%3D59b1012e46e0fb00016a7b73%26pl_id%3D616edee55310b2196c628475%26co%3DCH%26co_sd%3D%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dwindows%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2023-11-16%252012%253A16%253A58%26ta_si%3D728x90%26aw_cm%3D-32%26np_md%3Dfalse%26cm_st%3Dnotapply%26cm_es%3Dunknown%26cm_ds%3Dunknown%26ab_md%3Dfalse%26v_c%3D%26ss_id%3D1bea05f1-cda5-4e27-809d-0ca92bc2e295%26tpcs%3Denabled%26st_ty%3Dhorb%26bf_br%3D31200000%26af_im%3D31200000%26amznbid%3D2%26amzniid%3D%26amznsz%3D0x0%26amznp%3D2&adks=3462135008%2C3462135036%2C1414712841&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a2ef604cec27f249bafff77bfd28b3648c69c3120f7fb342ca8446477178ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13559
x-xss-protection: 0
google-lineitem-id: 4753675184,4753676390,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238778460,138238778460,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E0ED 0
0 62ms
62ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvX-wVcb4YEfCdDUqW6eCYnZvwuhi5PdfxMfyR_D39uEM_NkbG8huqmFYl2MnEaNeD3XQpWwkKHdPLh0FDDaqP9ikHJ_VWvJud84rOS2aSqNoPJsm1AsbY0yIMl0JZjUumMiCttX0ZySH7ik_lf5I2qRZX2wiwSQFvi1Wsy-u_WkW1_M17lNIH9DSnDco1SUB8FajCVUkPcHzeHHdYGA-VZ5mu7A2JQhbhH6GO_WyMdWBiyzwtug3EjSRLoTZWF77w5z05KlrD5cTeM8k-1pHw8xBhqiuv2DoWXy7apXqX7cpAZYuupsCVXFMFbVa1UlnfuC24ra8FwhGEbbSxZmsI_b6W-Mg5KxQQmHwu6iEjmkcJ_SoFdpu-KyDir2bx_oP0zca86GvBqRipzOGHa_3Y_gM&sai=AMfl-YQ8MdHdlKxST24DFTAOWBSoKcevF1FOAked28C4R-fjbju5-t5IOMd-bMxc3wuXjgkXZP1RFhsRmXsQ2JxKGchb1NsCxlL214-seJSkKB7nVYHv3RICR9e7bSQJ7A&sig=Cg0ArKJSzDQgwUv79tOEEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0ED 203 KB
65 KB 103ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 10:43:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3308
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFIWE1YNVEtMjAtODAxTQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHnsMzIjMmhYLFldUXrwm4U&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFIWE1YNVEtMjAtODAxTQ==&google_push=

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFIWE1YNVEtMjAtODAxTQ==&google_push=

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFIWE1YNVEtMjAtODAxTQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3308
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DPsjaCDKQTm6s4h0hDw0xg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DPsjaCDKQTm6s4h0hDw0xg

43 B
479 B

116ms
116ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DPsjaCDKQTm6s4h0hDw0xg

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ERZF5BTJQQGVGN31CCJW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DPsjaCDKQTm6s4h0hDw0xg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b71bced807741b20dd93dce6c2d26405
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3308
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SXU1HvSNSMONMsJB51h6ZA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SXU1HvSNSMONMsJB51h6ZA

43 B
479 B

54ms
54ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SXU1HvSNSMONMsJB51h6ZA

Requested by

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QGD221K5FJHHPBF15FHQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SXU1HvSNSMONMsJB51h6ZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3308
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo_oP5sFMsorZDm_hiSRSg&google_cver=1

42 B
888 B

23ms
23ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo_oP5sFMsorZDm_hiSRSg&google_cver=1
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECo_oP5sFMsorZDm_hiSRSg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 3308 70 B
148 B 49ms
47ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 3308
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQHXMX5Q-20-801M

0
650 B

176ms
121ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQHXMX5Q-20-801M
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FA77DE9A3CFB48D6B1B891FDE948A908 Ref B: FRAEDGE2006 Ref C: 2023-12-23T10:43:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNKwDha8p4aQQxsBzq6w==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQHXMX5Q-20-801M
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3308
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTNmOWJmNGFjYTU5NmFhZTFlZTc0MDU4MGI4YWRlNmM3OGM2NGE4OQ

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTNmOWJmNGFjYTU5NmFhZTFlZTc0MDU4MGI4YWRlNmM3OGM2NGE4OQ

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTNmOWJmNGFjYTU5NmFhZTFlZTc0MDU4MGI4YWRlNmM3OGM2NGE4OQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 3308
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LQHXMX5Q-20-801M&ex=d-rubiconproject.com&status=ok

43 B
479 B

301ms
115ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LQHXMX5Q-20-801M&ex=d-rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EZ3SZ2FAXES13TGWB805
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LQHXMX5Q-20-801M&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3308
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/EbCxm5neLLdkQWDM1DVww8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-W5zyee1E2oJ3Gc7rRRw_W5i6EddjNbLRspRiSQ--~A

42 B
888 B

22ms
22ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-W5zyee1E2oJ3Gc7rRRw_W5i6EddjNbLRspRiSQ--~A
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 23 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-W5zyee1E2oJ3Gc7rRRw_W5i6EddjNbLRspRiSQ--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3308
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEMNU7LDXQAABP3FA4Kzw&expires=30

42 B
888 B

23ms
23ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEMNU7LDXQAABP3FA4Kzw&expires=30
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEMNU7LDXQAABP3FA4Kzw&expires=30
Date: Sat, 23 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync
hb.yahoo.net/ Frame 3308
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQHXMX5Q-20-801M&redir=true
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQHXMX5Q-20-801M&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQHXMX5Q-20-801M&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS05cFY4UGpSRTJ1SFo3STVtSDk2OTlLeXdoSWNKZDlmb35B&ovsid=LQHXMX5Q-20-801M&dpid=58160

56 B
319 B

138ms
59ms

Image
image/gif

23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS05cFY4UGpSRTJ1SFo3STVtSDk2OTlLeXdoSWNKZDlmb35B&ovsid=LQHXMX5Q-20-801M&dpid=58160

Requested by

Protocol

Server

23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-63.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Sat, 23 Dec 2023 10:43:30 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Sat, 23 Dec 2023 10:43:30 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS05cFY4UGpSRTJ1SFo3STVtSDk2OTlLeXdoSWNKZDlmb35B&ovsid=LQHXMX5Q-20-801M&dpid=58160
date: Sat, 23 Dec 2023 10:43:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 3308
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LQHXMX5Q-20-801M

0
311 B

101ms
32ms

Image
text/plain

216.52.2.91
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LQHXMX5Q-20-801M
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Server: 216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ce.lijit.com/merge?pid=80&3pid=LQHXMX5Q-20-801M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
Expires: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 3308
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQHXMX5Q-20-801M

43 B
1 KB

24ms
24ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQHXMX5Q-20-801M

Requested by

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
an-x-request-uuid: 0a7916e5-165b-42d4-a402-3d79660cad39
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQHXMX5Q-20-801M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2

204

v1
match.sharethrough.com/sync/ Frame 3308
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQHXMX5Q-20-801M

0
34 B

19ms
19ms

Image
text/plain

3.68.18.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQHXMX5Q-20-801M
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 3.68.18.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-18-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQHXMX5Q-20-801M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame 3308
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LQHXMX5Q-20-801M&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LQHXMX5Q-20-801M&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

57ms
56ms

Image
image/gif

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LQHXMX5Q-20-801M&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 83a001004bfd9188-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 23 Dec 2023 10:43:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LQHXMX5Q-20-801M&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 83a000ffeb9f9188-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 3308
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LQHXMX5Q-20-801M

0
131 B

27ms
27ms

Image
text/plain

145.40.97.67
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LQHXMX5Q-20-801M
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_rx_n-MediaNet_smrt_an-db5_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LQHXMX5Q-20-801M
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H2

200

cs
cs-server-s2s.yellowblue.io/ Frame 08D3
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REI5NzQ0RjYtMUI3Qy00N0NBLTlGQkItQTA3RkU5QUU2RjMy&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFfqKG2MSrsrrrl7HFihSWs&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32

0
329 B

108ms
107ms

Image
application/javascript

3.233.88.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol: H2
Server: 3.233.88.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-88-120.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

location: https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32
date: Sat, 23 Dec 2023 10:43:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 115
content-type: text/html; charset=utf-8

GET
H2

200

cs
cs.yellowblue.io/ Frame 08D3
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
https://cs.yellowblue.io/cs?aid=11601&id=cd75154bdec58b69d47124989925039&gdpr_consent=&gdpr=0

0
330 B

168ms
52ms

Image
application/javascript

3.248.11.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.yellowblue.io/cs?aid=11601&id=cd75154bdec58b69d47124989925039&gdpr_consent=&gdpr=0
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol: H2
Server: 3.248.11.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-11-85.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
server: istio-envoy
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cs.yellowblue.io/cs?aid=11601&id=cd75154bdec58b69d47124989925039&gdpr_consent=&gdpr=0
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1703328209758068-596

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 08D3 0
34 B 21ms
20ms Image
text/plain 3.68.18.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by: Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.68.18.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-18-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 08D3 43 B
479 B 53ms
53ms Image
image/gif 67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rise.com&id=TdC71WS-Cp_s

Requested by

Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cs-server-s2s.yellowblue.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7F5MHG99Z09FB6QVKEDA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 index.html Show response
static.adbutter.net/gps/9074151/58397/ Frame EB99 21 KB
4 KB 148ms
63ms Document
text/html 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 360bd85e68b4b46029fbd31d6056aaaf05efb92b6d3d35745cafaec28517459a

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=18000
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 10:43:29 GMT
etag: W/"655ca78c-5369"
last-modified: Tue, 21 Nov 2023 12:50:20 GMT
vary: Accept-Encoding
x-cacheable: Cacheable
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-request-id: 655230826

GET
H2 200 third-party-pixel.js Show response
static.adbutter.net/libjs/ Frame 0FD9 4 KB
2 KB 108ms
22ms Script
application/javascript 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/libjs/third-party-pixel.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a9e2c957b53c8aeaa85cf3fea3ab0389e4d3abfc4414fea76355a3d4051b02c2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:21:11 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 11:32:19 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "65672143-ef4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-request-id: 816514926

GET
H2 200 tfav_adl_314.js Show response
j.adlooxtracking.com/ads/js/ Frame 0FD9 75 KB
26 KB 97ms
30ms Script
application/javascript 2606:4700:10::6816:4092
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07057128034b71e631ae913da7665f712b57e7fa3846d114ebc19dab4848e31a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3288
x-guploader-uploadid: ABPtcPpfjBXJLtjIg_5DnIdWnFevdd-3GN2no5dxa1_byC1qEaN07tJ5yNGgXOL4VM2eXqH6r0qQQs7Mng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 28 Nov 2023 10:24:31 GMT
server: cloudflare
etag: W/"0412a3099ab5f82205bd195e6b626428"
vary: Accept-Encoding
x-goog-generation: 1701167071130623
content-type: application/javascript
x-goog-hash: crc32c=RRaxGw==, md5=BBKjCZq1+CIFvRlea2JkKA==
cache-control: public, max-age=14400
x-goog-stored-content-length: 76695
cf-ray: 83a000ff79b11e66-FRA
expires: Sat, 23 Dec 2023 10:48:41 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 0FD9 80 KB
27 KB 197ms
94ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Sun, 22 Dec 2024 10:43:29 GMT

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 0FD9 0
645 B 39ms
27ms Image
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fminecraftcommand.science%252Fprofile%252Fgrassbear8&e=wqT_3QK1C-i1BQAAAwDWAAUBCNDzmqwGELH9vfGtlP_fGBiAzd-StbPZqkMqNglkK5t_uc7SPxF_IATmhfHNPxkAAAUC8EZAIb_FWOAK3OE_KR04Z0Rpb-Y_MQAAAEAzM8M_MNT53AU4pgZAmglIAlDvi9jkAVi5lFRgAGiFHXjDhwaAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDkwNzQxNTEsIDApOwEULGknLCA5Mjk4MDAyLBEULGcnLCAyMzUxMjg3NhUVAHMBFRg5MjMxNDA3GSswcicsIDQ3OTU5Mzk2NwUs9AUBkgLlBCFCbkY5SkFpRGtQY2JFTy1MMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVU5UNTNBVllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFGRnE5QUpiVExqUDhFQmNvbnYzRzV2NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQlk1T1pRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8FJ5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOalU0Tk9BRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBSEJCQQHhCQEEeVEJZQUBGE5nRUFQRUUFDAUBRENJQmJnem1BWFl0N0dMQWFrRgUXHEFBQThELXhCHTsId1FVARcBAQhrUU0JKBw0Qk8zM2pfUi4oAAAyFSjARHdQLUFGM3FNRThBV3NqcHNMLUFYbjY2a0VnZ1lEUTBoR2lBWUVrQVlCbUFZQW9RWQFcAQEsY1FLZ0dCTElHSkFrARAJAQBCHbcEQmsJFAEBAEMdGBhMZ0dDb0VJARcBATg5RDgumgKZASFmUlRCbnc6aQIoTG1VVkNBQUtBQXgBLQEBDEhFQTYyaQEkRUNqUlVuOTJZOEklADEdbQBGHYUARx0YAEcdGABIHRgQSGdBaVEREPQqAUR3UHcuLtgCH-AC7pAB6gIzaHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9ncmFzc2JlYXI4gAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD0vt94AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE0OS44OC4yNy44NagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2NTg02gQCCAHgBAHwBO-L2OQBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChAACTUVAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8OHBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=84f3011026a9e06141a9e41ba3e124e6cb282536

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
an-x-request-uuid: 86953089-b2a9-427f-947b-b1c13a48a8c8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E0ED 0
0 103ms
61ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0rhA5JH7SiT_cGaFdBovcftCs60VS6C8DtJFN2u9bpcOIyIENTm_66zAYG-Bug3L3gGhDlwRZsjQxQNcMB6iGTKtJU_GAvcy_ozOXPOmgb-JSRSTGYy-znG3sJG6Cd7uS2SbdW9WapYsE2HKzrH-HqPTn-uiIgDRzMrLiQx_xslAgYjtrByyybFk2B_mS-HEKqCbAzITj4DI76MxYy5ByXf1b_UXXPR1K-1j6xnrOTJDXNeDalASt_eB8Mf1Iraz6SZ66HOCEqW7ieHhi8QYtJrfm_IC27YqjOkMZVog5QfJyU75Y2gIiLUOTAS15VEYLqHMts_STLAf9wavLC8ybHGtaRjTuU8645NEIMOvN1euHsct89v-hnPGJ_VSAZ9R1JOei8kkKxkf1u-Y6-fdasY_KQA&sai=AMfl-YRkbRkysMRG7F6aiVtJA-Vb8QI5_1R7E1NtaJvny_NgkAUwsicmbo6itqTLujB3SabFYedfdF5Vcv2f3NerG7_O2_P-2Wm3z69ph4dKqC9pK0ZuDQ343OFU1v1POg&sig=Cg0ArKJSzNkvlGuCAKrgEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Dec 2023 10:43:29 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame E27C 16 B
169 B 50ms
50ms XHR
application/json 34.254.47.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.47.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-47-73.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:29 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 ad-choices.css
static.adbutter.net/dco/ Frame 0FD9 1 KB
682 B 22ms
22ms Stylesheet
text/css 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/dco/ad-choices.css
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: acec236733d5f9fe383b6f48f287b22277e5a18478976810ce503e7cd7f0a371

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:21:18 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 11:32:19 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "65672143-5eb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-request-id: 799509119

GET
H2 200 adchoices.png
static.adbutter.net/dco/img/ Frame 0FD9 554 B
857 B 23ms
23ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/dco/img/adchoices.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 31efeb7bd7ac7560d47cc93debc722a4b1c1925f261151b1ee5601cb3cc8c0c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:21:22 GMT
last-modified: Wed, 29 Nov 2023 11:32:19 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "65672143-22a"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-request-id: 815434313

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D209 52 KB
17 KB 65ms
17ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 18708
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 23 Dec 2023 10:43:29 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 337, 50784
X-Served-By: cache-lga13626-LGA, cache-mxp6973-MXP
X-Timer: S1703328210.924188,VS0,VE0

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 0FD9 0
645 B 52ms
52ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&e=wqT_3QKlDuglBwAAAwDWAAUBCNDzmqwGELH9vfGtlP_fGBiAzd-StbPZqkMqNglkK5t_uc7SPxF_IATmhfHNPxkAAAUC8EZAIb_FWOAK3OE_KR04Z0Rpb-Y_MQAAAEAzM8M_MNT53AU4pgZAmglIAlDvi9jkAVi5lFRgAGiFHXjDhwaAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDkwNzQxNTEsIDApOwEULGknLCA5Mjk4MDAyLBEULGcnLCAyMzUxMjg3NhUVAHMBFRg5MjMxNDA3GSswcicsIDQ3OTU5Mzk2NwUs9AUBkgLlBCFCbkY5SkFpRGtQY2JFTy1MMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVU5UNTNBVllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFGRnE5QUpiVExqUDhFQmNvbnYzRzV2NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQlk1T1pRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8FJ5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOalU0Tk9BRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBSEJCQQHhCQEEeVEJZQUBGE5nRUFQRUUFDAUBRENJQmJnem1BWFl0N0dMQWFrRgUXHEFBQThELXhCHTsId1FVARcBAQhrUU0JKBw0Qk8zM2pfUi4oAAAyFSjARHdQLUFGM3FNRThBV3NqcHNMLUFYbjY2a0VnZ1lEUTBoR2lBWUVrQVlCbUFZQW9RWQFcAQEsY1FLZ0dCTElHSkFrARAJAQBCHbcEQmsJFAEBAEMdGBhMZ0dDb0VJARcBATg5RDgumgKZASFmUlRCbnc6aQIoTG1VVkNBQUtBQXgBLQEBDEhFQTYyaQEkRUNqUlVuOTJZOEklADEdbQBGHYUARx0YAEcdGABIHRgQSGdBaVEREPBSRHdQdy4u2AIf4ALukAHqAjNodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL2dyYXNzYmVhcjjyAhEKBkFEVl9JRBIHOTBlsjTyAhIKBkNQR19JRBIIMm2eARUIBUNQARQACXWdPPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWREPEAsKB0NQFQ4QEAoFSU8BYQAHjScA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8LCAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMTQ5Ljg4LjI3Ljg1qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAT_orsiyAQA0gQOMTE3OCNGUkExOjY1ODTaBAIIAeAEAfAE74vY5AGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAFDKgAANgFAeAFAeoFEAoLaXMtdmlld2FibGUSATHqBQ8KCmxvb3AtaW5kZXgSARIQDAoHaW4FJQUhHAcKAmhwEgEwAT4EDE1RQ7AxLjkSAOoFDQoIaW4tZm9jdXMSATHwBdmbSvoFBAgAEACQBgCYBgC4BgDBBgAFhijwP9AG4APaBhYKEAUQHQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfDhwbSBw0JESkBJgjaBwYBXaAYAOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAIH9IIBggAEAAYAA..&s=3891db9eb3e31d33b048c6255ec300ceaa17a38c&bdref=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8,https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
an-x-request-uuid: e6245a27-37af-4529-8295-940f29618468
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 b3f8f7284a7c1f44f8511c978dea3483.js Show response
static.adbutter.net/gps/9074151/58397/ Frame EB99 135 KB
37 KB 22ms
22ms Script
application/javascript 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/gps/9074151/58397/b3f8f7284a7c1f44f8511c978dea3483.js
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 7910f6cc7469c03367eeee3b6b2a428379fa3a7c601b51a69b733370256698c3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:26:39 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:50:20 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78c-21a89"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37309
x-request-id: 790266836

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 0FD9 6 KB
3 KB 135ms
74ms XHR
application/json 35.241.31.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=498&client=gamned&ts=pg-182~1_fo-182~1_vpw-182~1600_vph-182~1200_scw-182~1600_sch-182~1200_sco-182~1_sca-182~0_srx-182~0_sry-182~0_ev-125~sb.183~rp.183~rvp.183~rap.188~ss&att=0.0.1600~1200&visite_id=45907915779&seq=0&timezone=-60&js=tfav_adl_314.js&date_regen=3c20610&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1091809&id2=292314072&id3=479593967&id4=728x90&id5=12008660&id6=9074151&id7=806&id8=23512876&id9=4851895891337406080&id10=9298002&id11=display&id12=ch&id13=%24ADLOOX_WEBSITE&id14=iab_80_5&id15=1783421753904561841&id16=minecraftcommand.science&p_d=0.064&fai=%40https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&iframe=3&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&ao=https%3A%2F%2Fminecraftcommand.science&activetab=1&cf=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: 48c800142a002900895cf3863f1682fa391f6ccf1c88505542ce508c01e1f5fb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-f57d574b8-vd9th
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame D209 0
594 B 25ms
25ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:29 GMT
an-x-request-uuid: 72adf2c4-e0f9-499d-8b12-2aaab7bdf339
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EB99 1 KB
517 B 36ms
34ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Tenor+Sans:400

Requested by

Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/b3f8f7284a7c1f44f8511c978dea3483.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d4946d60e519fd87d8e22a7677a263e3a9f302fd16442145374ed38b1b6d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 10:43:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 10:43:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 10:43:29 GMT

GET
H2 200 bb188c2c902155988f13b9e16823c45c.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 32 KB
33 KB 24ms
22ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/bb188c2c902155988f13b9e16823c45c.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8166bebcf619fa9816209843cf2c6c778b19c81902341ae15899b3108955ed66

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:26:40 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-81ce"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33230
x-request-id: 790266839

GET
H2 200 5f1dc935d1974200fb7aa60cfad1097d.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 4 KB
5 KB 25ms
23ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/5f1dc935d1974200fb7aa60cfad1097d.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 69e6ee2920398b4d84885597e51b536dfb0b57883367fec9d88fef577e6c6229

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:20 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78c-11bf"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4543
x-request-id: 822379340

GET
H2 200 90992cb264d346c6136c8284d3b8944c.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 3 KB
4 KB 25ms
23ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/90992cb264d346c6136c8284d3b8944c.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a24c5711a77d4208eacc987d40bb9e24629bda0e2feb4862f65d80dffcfd3070

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-de1"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3553
x-request-id: 822379341

GET
H2 200 ab6ecb122eed5bfed6b05b7057c73a23.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 5 KB
5 KB 27ms
25ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/ab6ecb122eed5bfed6b05b7057c73a23.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 43545571911470b8873417fca34434b1460effa2bcfe1196c0df0b8c261e69c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-12ca"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4810
x-request-id: 822379342

GET
H2 200 82a1fe04e7c101dd330615698ec294ae.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 8 KB
9 KB 27ms
25ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/82a1fe04e7c101dd330615698ec294ae.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: b354b3527a89cdd075f7ff5f0f0a41351ef1a7c9a155db60afca8d211c5459bf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-21c0"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8640
x-request-id: 822379343

GET
H2 200 921be8acd2b3ad17a265f348ab179a92.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 8 KB
9 KB 45ms
43ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/921be8acd2b3ad17a265f348ab179a92.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 35e2cbc7970ef58900fe5c635c2421af503ebb6866855dea5b3c2007442b00d6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-21c6"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8646
x-request-id: 822379344

GET
H2 200 0a48d55fae81d103b26bf801372319b8.svg
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 4 KB
1 KB 27ms
25ms Image
image/svg+xml 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/0a48d55fae81d103b26bf801372319b8.svg
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3384269ca71b222f0f2b139082af94deec4f4b8f809830008abd5152ebee8419

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:26:40 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:50:20 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78c-fdd"
content-type: image/svg+xml
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1047
x-request-id: 790266842

GET
H2 200 43f46a951c336c485963818354530e7f.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 3 KB
3 KB 27ms
26ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/43f46a951c336c485963818354530e7f.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2ff883076db3b492ca52a431a8c468bbd2a000fee8b88e8ebba6f5e09be62e39

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:20 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78c-a65"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2661
x-request-id: 822379346

GET
H2 200 96f08300c0942b3d5fbda423a500b303.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 3 KB
3 KB 47ms
46ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/96f08300c0942b3d5fbda423a500b303.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 162c15c446b596c648c9f158ab159eafc9ae2a5264814a6f06a0efb9073bb53c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-c27"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3111
x-request-id: 822379347

GET
H2 200 7ff569b79c1e16c84e5440251daa809e.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 2 KB
2 KB 46ms
45ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/7ff569b79c1e16c84e5440251daa809e.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 0fe8ed498beb202767c6730efafc9e95be42c2cadb32e5b0a8260195c169d1b3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:20 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78c-839"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2105
x-request-id: 822379348

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 0FD9 0
666 B 24ms
24ms Ping
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&e=wqT_3QK1C-i1BQAAAwDWAAUBCNDzmqwGELH9vfGtlP_fGBiAzd-StbPZqkMqNglkK5t_uc7SPxF_IATmhfHNPxkAAAUC8EZAIb_FWOAK3OE_KR04Z0Rpb-Y_MQAAAEAzM8M_MNT53AU4pgZAmglIAlDvi9jkAVi5lFRgAGiFHXjDhwaAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDkwNzQxNTEsIDApOwEULGknLCA5Mjk4MDAyLBEULGcnLCAyMzUxMjg3NhUVAHMBFRg5MjMxNDA3GSswcicsIDQ3OTU5Mzk2NwUs9AUBkgLlBCFCbkY5SkFpRGtQY2JFTy1MMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVU5UNTNBVllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFGRnE5QUpiVExqUDhFQmNvbnYzRzV2NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQlk1T1pRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8FJ5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOalU0Tk9BRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBSEJCQQHhCQEEeVEJZQUBGE5nRUFQRUUFDAUBRENJQmJnem1BWFl0N0dMQWFrRgUXHEFBQThELXhCHTsId1FVARcBAQhrUU0JKBw0Qk8zM2pfUi4oAAAyFSjARHdQLUFGM3FNRThBV3NqcHNMLUFYbjY2a0VnZ1lEUTBoR2lBWUVrQVlCbUFZQW9RWQFcAQEsY1FLZ0dCTElHSkFrARAJAQBCHbcEQmsJFAEBAEMdGBhMZ0dDb0VJARcBATg5RDgumgKZASFmUlRCbnc6aQIoTG1VVkNBQUtBQXgBLQEBDEhFQTYyaQEkRUNqUlVuOTJZOEklADEdbQBGHYUARx0YAEcdGABIHRgQSGdBaVEREPQqAUR3UHcuLtgCH-AC7pAB6gIzaHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9ncmFzc2JlYXI4gAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD0vt94AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE0OS44OC4yNy44NagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2NTg02gQCCAHgBAHwBO-L2OQBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChAACTUVAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8OHBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=84f3011026a9e06141a9e41ba3e124e6cb282536&type=nv&nvt=5&jm=1003&px=437&py=55&bw=728&bh=90&sid=3549650921437523889&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12008660&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=1607&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: a6f5dc7b-03a7-4fbd-a85e-860a17499ae0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 bx6ANxqUneKx06UkIXISn3V4Cg.woff2
fonts.gstatic.com/s/tenorsans/v19/ Frame EB99 18 KB
18 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tenorsans/v19/bx6ANxqUneKx06UkIXISn3V4Cg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tenor+Sans:400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0519cf59735526c06d770daf25ccbcfd671b85ccf66a0899a38164547402d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://static.adbutter.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:21:28 GMT
x-content-type-options: nosniff
age: 354122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:40:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:21:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89A2 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPqKRa6AkOKyLqiiclJueObFqFJ-wIWM0FNZ1hUEcUe1D_m6vpaWzUk0xuYptv64Lyzi7ByPGXFWl_6xkWxb7PxBpg0mEQmlmKrcgZ7pRVgjj03KHlJe4AdR6dFjGtc4Xb7EcrsV2F0rxxRD-6hBGtK-PNZ_xDWcqSjiQZGCvx0CVPc2iNGNITrD_vyetUPRn6MCV-3h1BMkMt4AWGY3ni3bgfFFY-xo-cbMIAfw-7T9vkuL8u1Bxdez3N6L5iTwDttaF4ixzRwshPoXECvHLO5w5EjMBG-NSatL6GNKI1Oyfxss56t-T-dxb2xNhws0QUkwXoAbfpagmvGM4dWqRW4nobnLN9sY2hJrN4NwzrpZe6rB8vGtZUPB_WXC-T3ZC4PG4t7vQuxyHPhfzqqO4YFno&sai=AMfl-YQ_75MMKYTj55ouqXVEt9MGteZ6HHD1DEIgw5r57Qp0jeavP4b2m3K3kNnigbvHur98obkqxZquK1z-p_LiP5FfbwjCOOMBibbqsUKNahFXT1hzZpbNQp5Qb_cnhw&sig=Cg0ArKJSzFG8k6xwlDOnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89A2 203 KB
64 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 10:43:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 929A 0
0 62ms
62ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssErM4FssrQcOybIHR5b5wuKqvj7Sfr9KYxFQL1qvHMXy4S02SOGomXNk27_QR9vq3pbEb7yXT7dC4FXrLH-JmMKonc2iCg11L1_FmgXQKidI5PdR4wNLR9AJvGbe1ekSEz6JQFRoytz_UQKSaG2ChKJGMal5KmYSjyHhqWeusmzUIDvfqTG7j3aSZ8N0DsrS7tgZqcJdVUymd27P8h4uWGvi1UtTIHMnNxShRZy78RqkgeeHeOkG0GxY-8FdkUGwj3kMmFuD_1OchNY830dlCKCTwzJ6871sH51uF-qsCoVKXLxxXbwmmkzJtfZMtuqK-2FdvYL31pJyrh4UEVfXf4ZatoV3BTSbaTD1_pQWqhbjpmAXvepBNEnKRUBUbNIRgM-EZlhQYpqklq0Pieg3J1FHc&sai=AMfl-YSmlZR4DosMa5Vk7h96qJeF1u1oK9K6w_756eA5tNmG2k8qdzCqIW14EbO8lxgelSSKGC9FxqgVuLUbYfsF6MbRvXwf6ZKz2FTag8dDyEJfF8ks29clw_JZsg6Hew&sig=Cg0ArKJSzIdQm1W-YT0hEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 929A 203 KB
64 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 10:43:30 GMT

GET
H2 200 bb188c2c902155988f13b9e16823c45c.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 32 KB
33 KB 24ms
22ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/bb188c2c902155988f13b9e16823c45c.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8166bebcf619fa9816209843cf2c6c778b19c81902341ae15899b3108955ed66

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:26:40 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-81ce"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33230
x-request-id: 790266839

GET
H2 200 5f1dc935d1974200fb7aa60cfad1097d.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 4 KB
5 KB 24ms
23ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/5f1dc935d1974200fb7aa60cfad1097d.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 69e6ee2920398b4d84885597e51b536dfb0b57883367fec9d88fef577e6c6229

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:20 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78c-11bf"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4543
x-request-id: 822379340

GET
H2 200 90992cb264d346c6136c8284d3b8944c.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 3 KB
4 KB 25ms
23ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/90992cb264d346c6136c8284d3b8944c.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a24c5711a77d4208eacc987d40bb9e24629bda0e2feb4862f65d80dffcfd3070

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-de1"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3553
x-request-id: 822379341

GET
H2 200 ab6ecb122eed5bfed6b05b7057c73a23.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 5 KB
5 KB 28ms
27ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/ab6ecb122eed5bfed6b05b7057c73a23.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 43545571911470b8873417fca34434b1460effa2bcfe1196c0df0b8c261e69c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-12ca"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4810
x-request-id: 822379342

GET
H2 200 82a1fe04e7c101dd330615698ec294ae.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 8 KB
9 KB 29ms
28ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/82a1fe04e7c101dd330615698ec294ae.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: b354b3527a89cdd075f7ff5f0f0a41351ef1a7c9a155db60afca8d211c5459bf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-21c0"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8640
x-request-id: 822379343

GET
H2 200 921be8acd2b3ad17a265f348ab179a92.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 8 KB
9 KB 29ms
29ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/921be8acd2b3ad17a265f348ab179a92.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 35e2cbc7970ef58900fe5c635c2421af503ebb6866855dea5b3c2007442b00d6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-21c6"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8646
x-request-id: 822379344

GET
H2 200 43f46a951c336c485963818354530e7f.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 3 KB
3 KB 27ms
26ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/43f46a951c336c485963818354530e7f.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2ff883076db3b492ca52a431a8c468bbd2a000fee8b88e8ebba6f5e09be62e39

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:20 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78c-a65"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2661
x-request-id: 822379346

GET
H2 200 96f08300c0942b3d5fbda423a500b303.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 3 KB
3 KB 26ms
25ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/96f08300c0942b3d5fbda423a500b303.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 162c15c446b596c648c9f158ab159eafc9ae2a5264814a6f06a0efb9073bb53c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-c27"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3111
x-request-id: 822379347

GET
H2 200 7ff569b79c1e16c84e5440251daa809e.png
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 2 KB
2 KB 27ms
27ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/7ff569b79c1e16c84e5440251daa809e.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 0fe8ed498beb202767c6730efafc9e95be42c2cadb32e5b0a8260195c169d1b3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:27:04 GMT
last-modified: Tue, 21 Nov 2023 12:50:20 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78c-839"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2105
x-request-id: 822379348

GET
H2 200 a35e85ed252bd7b842fe9f3ed20d298f.svg
static.adbutter.net/gps/9074151/58397/media/ Frame EB99 2 KB
1 KB 29ms
28ms Image
image/svg+xml 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58397/media/a35e85ed252bd7b842fe9f3ed20d298f.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e9f70ad0e3ecd5a0198e980cb478627ece9e5b97c5bef454daff4864739a7c74

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58397/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKYAfCXmAAAAAMAxBkFAQjQ85qsBhCx_b3xrZT_3xgYgM3fkrWz2apDINT53AUopgYwmgk4AkDvi9jkAUi5lFRQAFoDVVNEYgNVU0Ro2AVwWniFHYABw4cGiAEBkAEBmAEFoAECqQFkK5t_uc7SP7EBfyAE5oXxzT-5AQAAAAAAAABAwQG_xVjgCtzhP8kBHThnRGlv5j_YAR_gAQA./s=fd765be11241e67037ebf03f446b791179674dd4/bcr=AAAAAAAA8D8=/cnd=%21fRTBnwiDkPcbEO-L2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjU4NECjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjY1ODQ=/bn=99267/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:26:40 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:50:21 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca78d-8d4"
content-type: image/svg+xml
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 978
x-request-id: 790266867

GET
H2 200 index.html Show response
static.adbutter.net/gps/9074151/58398/ Frame 2E80 16 KB
4 KB 51ms
51ms Document
text/html 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: b7902c523882d409b8c1ba82be92608cbdca1635d017b37ddb22616e43c0e0e6

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=18000
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 10:43:30 GMT
etag: W/"655ca7ed-4131"
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
vary: Accept-Encoding
x-cacheable: Cacheable
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-request-id: 655230852

GET
H2 200 third-party-pixel.js Show response
static.adbutter.net/libjs/ Frame 0473 4 KB
2 KB 22ms
21ms Script
application/javascript 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/libjs/third-party-pixel.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a9e2c957b53c8aeaa85cf3fea3ab0389e4d3abfc4414fea76355a3d4051b02c2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:21:11 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 11:32:19 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "65672143-ef4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-request-id: 816514926

GET
H2 200 tfav_adl_314.js Show response
j.adlooxtracking.com/ads/js/ Frame 0473 75 KB
26 KB 31ms
30ms Script
application/javascript 2606:4700:10::6816:4092
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07057128034b71e631ae913da7665f712b57e7fa3846d114ebc19dab4848e31a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3289
x-guploader-uploadid: ABPtcPpfjBXJLtjIg_5DnIdWnFevdd-3GN2no5dxa1_byC1qEaN07tJ5yNGgXOL4VM2eXqH6r0qQQs7Mng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 28 Nov 2023 10:24:31 GMT
server: cloudflare
etag: W/"0412a3099ab5f82205bd195e6b626428"
vary: Accept-Encoding
x-goog-generation: 1701167071130623
content-type: application/javascript
x-goog-hash: crc32c=RRaxGw==, md5=BBKjCZq1+CIFvRlea2JkKA==
cache-control: public, max-age=14400
x-goog-stored-content-length: 76695
cf-ray: 83a00100eb951e66-FRA
expires: Sat, 23 Dec 2023 10:48:41 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 0473 80 KB
27 KB 55ms
54ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Sun, 22 Dec 2024 10:43:30 GMT

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 0473 0
645 B 25ms
24ms Image
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fminecraftcommand.science%252Fprofile%252Fgrassbear8&e=wqT_3QK3C_DttwUAAAMA1gAFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDKjYJDTmgS8eJ5T8RTBezTT4l4T8ZAAAAQOF6AkAheDNeS6za4T8pdv2C3bBt5j8xAAAAgOtRyD8wu--ABjimBkCaCUgCULyN2OQBWLmUVGAAaIUdeLqEBoABAYoBA1VTRJIBA1VTRJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA5MDc0MTUxLCAwKTt1ZignaScsIDkyOTgwMDIsIDApO3VmKCdnJywgMjM1MTI4NzYsIDApOwE9PHMnLCAyOTIzMTQwNzIsIDAJPyhyJywgNDc5NTk0MQ0W9AUBkgLlBCE3bkR0X0FpRGtQY2JFTHlOMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFIVGxzVGQ5RERqUDhFQkhaOHRQTGR0NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQm9vZVpRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8FJ5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOak01T2VBRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBSEJCQQHhCQEEeVEJZQUBGE5nRUFQRUUFDAUBRENJQmY4eG1BWFl0N0dMQWFrRgUXHEFBQThELXhCHTsId1FVARcBAQhrUU0NKBhMcTAzal9SLigAADIVKMBEd1AtQUZ5YU1FOEFXc2pwc0wtQVhuNjZrRWdnWURRMGhHaUFZRWtBWUJtQVlBb1FZAVwBASxjUUtnR0JMSUdKQWsBEAkBAEIdtwRCawkUAQEAQx0YGExnR0NvRUkBFwEBODlEOC6aApkBIVVCUk9qUTppAihMbVVWQ0FBS0FBeAEtAQEMSEVBNjJpASRVQ2pSVW45Mlk4SSUAMR1tAEYdhQBHHRgARx0YAEgdGBBIZ0FpUREQ9CoBRHdQdy4u2AIf4ALukAHqAjNodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL2dyYXNzYmVhcjiAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMTQ5Ljg4LjI3Ljg1qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2Mzk52gQCCAHgBAHwBLyN2OQBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChANNRUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuoQG0gcNCREnASYM2gcGCAUJuOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAIH9IIDgiBgoSIkKDAgAEQABgA&s=cf8099c6b9f762482366674eacb3bda6cee78f55

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: cf9d586f-d28c-486c-9bc7-df3236062632
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index.html Show response
static.adbutter.net/gps/9074151/58398/ Frame 5B3B 16 KB
4 KB 57ms
49ms Document
text/html 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: b7902c523882d409b8c1ba82be92608cbdca1635d017b37ddb22616e43c0e0e6

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=18000
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 10:43:30 GMT
etag: W/"655ca7ed-4131"
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
vary: Accept-Encoding
x-cacheable: Cacheable
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-request-id: 655230853

GET
H2 200 third-party-pixel.js Show response
static.adbutter.net/libjs/ Frame 0268 4 KB
2 KB 30ms
22ms Script
application/javascript 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/libjs/third-party-pixel.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: a9e2c957b53c8aeaa85cf3fea3ab0389e4d3abfc4414fea76355a3d4051b02c2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:21:11 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 11:32:19 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "65672143-ef4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260
x-request-id: 816514926

GET
H2 200 tfav_adl_314.js Show response
j.adlooxtracking.com/ads/js/ Frame 0268 75 KB
26 KB 38ms
30ms Script
application/javascript 2606:4700:10::6816:4092
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07057128034b71e631ae913da7665f712b57e7fa3846d114ebc19dab4848e31a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3289
x-guploader-uploadid: ABPtcPpfjBXJLtjIg_5DnIdWnFevdd-3GN2no5dxa1_byC1qEaN07tJ5yNGgXOL4VM2eXqH6r0qQQs7Mng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 28 Nov 2023 10:24:31 GMT
server: cloudflare
etag: W/"0412a3099ab5f82205bd195e6b626428"
vary: Accept-Encoding
x-goog-generation: 1701167071130623
content-type: application/javascript
x-goog-hash: crc32c=RRaxGw==, md5=BBKjCZq1+CIFvRlea2JkKA==
cache-control: public, max-age=14400
x-goog-stored-content-length: 76695
cf-ray: 83a001010bb41e66-FRA
expires: Sat, 23 Dec 2023 10:48:41 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 0268 80 KB
27 KB 68ms
28ms Script
application/x-javascript 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Sun, 22 Dec 2024 10:43:30 GMT

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 0268 0
645 B 32ms
24ms Image
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fminecraftcommand.science%252Fprofile%252Fgrassbear8&e=wqT_3QKrFfDtqwoAAAMA1gAFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDKjYJbH84xtXt0z8RKaQKsKG6zz8ZAAAAQOF6AkAheDNeS6za4T8pdv2C3bBt5j8xAAAAgOtRyD8wu--ABjimBkCaCUgCULyN2OQBWLmUVGAAaIUdeLqEBoABAYoBA1VTRJIBA1VTRJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA5MDc0MTUxLCAwKTt1ZignaScsIDkyOTgwMDIsIDApO3VmKCdnJywgMjM1MTI4NzYsIDApOwE9PHMnLCAyOTIzMTQwNzIsIDAJPyhyJywgNDc5NTk0MQ0W9AUBkgLZDiFGVzlOc3dpRGtQY2JFTHlOMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFIVGxzVGQ5RERqUDhFQkhaOHRQTGR0NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQm9vZVpRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8Ft5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOak01T2VBRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBR3FCTFFIQ1BfX19fXwkDCHdFUQkJCQEIQVJqCQkFAQg4Qkk2LAAAbwUXDQEIQVREDQoBAQg4Qk8yLAAERkEBFhEBBEFVNlgADFVDNVkRHAEBBEFXNkwAAGE2TAAAdwEkEQEYQVhnQmdBSBEPFF9fXzhCaToQAABrOhAAAG06EAAQb0FFR3E6FAAAczoQAAB1OhAAAHc6EAAAeToQACAwQUc3NzRBRzI6GAAANDoQAAA2OhAAADg6EAAALToQAAhnQUwB5Q0BAew2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLg0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAAR3UalNBQEITWtFBQgFARhEWUJBRHhCBQwJAUBpQVhfTVpnRjJMZXhpd0dwQhE7FFBBX3NRVQklAQEITUVGAQcBAQxKRURKCSgYQzZ0TjRfMC4oAAROaxUowDhEX2dCY21qQlBBRnJJNmJDX2dGNS11cEJJSUdBME5JUm9nR0JKQUdBWmdHQUtFR0EBXThBQUFIRUNvQmdTeUJpUUoBEA0BAFINCAEBAFoBBQ0BAGgNCCRBQUFDNEJncUJDAQsBATRQUV-aApkBIVVCUk9qUTpdByhMbVVWQ0FBS0FBeAEsAQEMSEVBNjJdBiRVQ2pSVW45Mlk46RkAMT1MBEZrATMJAQBHHRgARx0YAEgdGBBIZ0FpUREQ9CoBRHdQdy4u2AIf4ALukAHqAjNodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL2dyYXNzYmVhcjiAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMTQ5Ljg4LjI3Ljg1qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2Mzk52gQCCAHgBAHwBLyN2OQBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChANNRUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuoQG0gcNCREnASYM2gcGCAUJuOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAIH9IIDgiBgoSIkKDAgAEQABgA&s=2b6c63b93247c2a37d76e9a08908768b20ad5652

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: feed4b6d-ba3d-482c-8c83-10c7a721c5cd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 track_enc Show response
track.venatusmedia.com/dual/ Frame E27C 16 B
169 B 50ms
50ms XHR
application/json 34.254.47.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track_enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.47.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-47-73.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:30 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 ad-choices.css
static.adbutter.net/dco/ Frame 0473 1 KB
682 B 22ms
22ms Stylesheet
text/css 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/dco/ad-choices.css
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: acec236733d5f9fe383b6f48f287b22277e5a18478976810ce503e7cd7f0a371

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:21:18 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 11:32:19 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "65672143-5eb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-request-id: 799509119

GET
H2 200 adchoices.png
static.adbutter.net/dco/img/ Frame 0473 554 B
857 B 22ms
22ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/dco/img/adchoices.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 31efeb7bd7ac7560d47cc93debc722a4b1c1925f261151b1ee5601cb3cc8c0c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:21:22 GMT
last-modified: Wed, 29 Nov 2023 11:32:19 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "65672143-22a"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-request-id: 815434313

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 89A2 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfqNiKgt1A5wQ5_Oadbt_ISdOEgc6HlQp1tY7-G3wG7K_6SDm_B9x00krbd7C63TwJxSs6H6_zXQHehI6L7qxIfxHGTNSE1L4d_xnC5XI4z2men_xSc7_cg1Q1UXZT627s6Pvr2c9SJOXMnm7KLLmfi3AHp9h-x4bDzU4TuhhViRFeRNRYQozZ77MfjeKU0QgiH7SebSlHHF3YeVoyzl4vxw0Kp9mGbrYX-LR40JKjyEFNUEDo3SROejyBHHWh9ndd6mxxCHvqk-p1qdosMSg7hXRNTh4f5UKQNlaiTnx4-Br42GR0Fw_2gjbu2JMxy1YfJ3a_6H0sTlgyOGGZDb7tU7LzxMVkUG4uziFEeB3JYXRO6-6WhHyqSZxPuEWmw9vlTQW0CZy03O9A1vVLnaju6oK1UQ&sai=AMfl-YSlaM6Kx-YOBvrQX_KnK_31E78ek00zWXFqSzHfEWXxQKwcu5gmGTegxiTjXCXrYvgHyr76rkBXfiyijpe15S-irqYgaI7BJUMEvXapp2jow40zE4zQjVT7YT0CYw&sig=Cg0ArKJSzA2ltiK0tTEhEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Dec 2023 10:43:30 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2974 52 KB
17 KB 17ms
17ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 18708
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 23 Dec 2023 10:43:30 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 337, 50785
X-Served-By: cache-lga13626-LGA, cache-mxp6973-MXP
X-Timer: S1703328210.131822,VS0,VE0

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 0473 0
815 B 55ms
55ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&e=wqT_3QKbGPDtGwwAAAMA1gAFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDKjYJbH84xtXt0z8RKaQKsKG6zz8ZAAAAQOF6AkAheDNeS6za4T8pdv2C3bBt5j8xAAAAgOtRyD8wu--ABjimBkCaCUgCULyN2OQBWLmUVGAAaIUdeLqEBoABAYoBA1VTRJIBA1VTRJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA5MDc0MTUxLCAwKTt1ZignaScsIDkyOTgwMDIsIDApO3VmKCdnJywgMjM1MTI4NzYsIDApOwE9PHMnLCAyOTIzMTQwNzIsIDAJPyhyJywgNDc5NTk0MQ0W9AUBkgLZDiFGVzlOc3dpRGtQY2JFTHlOMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFIVGxzVGQ5RERqUDhFQkhaOHRQTGR0NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQm9vZVpRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8Ft5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOak01T2VBRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBR3FCTFFIQ1BfX19fXwkDCHdFUQkJCQEIQVJqCQkFAQg4Qkk2LAAAbwUXDQEIQVREDQoBAQg4Qk8yLAAERkEBFhEBBEFVNlgADFVDNVkRHAEBBEFXNkwAAGE2TAAAdwEkEQEYQVhnQmdBSBEPFF9fXzhCaToQAABrOhAAAG06EAAQb0FFR3E6FAAAczoQAAB1OhAAAHc6EAAAeToQACAwQUc3NzRBRzI6GAAANDoQAAA2OhAAADg6EAAALToQAAhnQUwB5Q0BAew2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLg0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAAR3UalNBQEITWtFBQgFARhEWUJBRHhCBQwJAUBpQVhfTVpnRjJMZXhpd0dwQhE7FFBBX3NRVQklAQEITUVGAQcBAQxKRURKCSgYQzZ0TjRfMC4oAAROaxUowDhEX2dCY21qQlBBRnJJNmJDX2dGNS11cEJJSUdBME5JUm9nR0JKQUdBWmdHQUtFR0EBXThBQUFIRUNvQmdTeUJpUUoBEA0BAFINCAEBAFoBBQ0BAGgNCCRBQUFDNEJncUJDAQsBATRQUV-aApkBIVVCUk9qUTpdByhMbVVWQ0FBS0FBeAEsAQEMSEVBNjJdBiRVQ2pSVW45Mlk46RkAMT1MBEZrATMJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8HlEd1B3Li7YAh_gAu6QAeoCM2h0dHBzOi8vbWluZWNyYWZ0Y29tbWFuZC5zY2llbmNlL3Byb2ZpbGUvZ3Jhc3NiZWFyOPICEQoGQURWX0lEEgc5MDc0MTUx8gISCgZDUEdfSUQSCDIzNTEyODc28gISCgVDUF9JRBIJMh6RCDzyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4UEAoFSU9fBYkYMjk4MDAy8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTQAJImoJ8JqAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMTQ5Ljg4LjI3Ljg1qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2Mzk52gQCCAHgBAHwBLyN2OQBiAUBmAUAoAX______wEFGAHABQDJBQAFARTwP9IFCQkFC6gAAADYBQHgBQHqBQ8KCmxvb3AtaW5kZXgSATHqBQcKAmhwEgEw6gUQCgxNUSJEMS45EgDqBQ0KCGluLWZvY3VzBS00EAoLaXMtdmlld2FibGUFExAMCgdpbgUTZBIBMfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAYIwAADwP9AG4APaBhYKEAkRGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAe6hAbSBw0VxQEmCNoHBgFdoBgA4AcA6gcCCADwB8aDDYoIAhAAlQgAAIA_mAgBwAgf0ggGCAAQABgA&s=f9478d9f5f7d377c71472a2954b8807b10b75ed3&bdref=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8,https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: 759dc468-8e73-4dbf-bfcf-8c05d33a3198
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 929A 0
0 62ms
62ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsue-h4W9yl8z4j1wRlwCnSKUbp7xNvqroWWejSzWVjbhwpiMmjhaV0yxkTXj1cPTDqCykzweCUUKOh0ZNLx7Y9C9tRBxGO0ifbqBhZjM8fZHo6Cis-Vbd_RaoQy0IKmKwS3SJ7Q6NnA-1B6MHbrFpwj71jY1BxGbPWAjdOKH7ZU67Jq1H53MJTBwk3hti86W9OFoQaTjpQhcF7cdx-AqFsYix8oycLJUqbxwPc1sj02LuxCnwyR8m0ikhmNdcQiZtEkE_atO0Xz53NMuD9g8ydz8j3Y6ZWSP7sUAtrZFKlMYkVXN3SIdkKx0bUasgf_odS4Eh4WCZ3i07tuMllF9JLKgK0SFlscUsf8vpYm7dzAAhBByrdh7fZXOjeH8VzKDnj1vxL2E0sgDKSHpM5F6MFTOI92ZA&sai=AMfl-YQ-aUo8dTyTQAVqirpCxxLLAepZAGNQCC5fJFuqcVvvoy6FchDMfFBCEJiA44BIPpq3ZAyMyDBijuGoztMx79v8vGG2sFlUHnFLJYhWHQ1PQmuw9N9P_GTFY-i4aw&sig=Cg0ArKJSzJvV532o4XClEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Dec 2023 10:43:30 GMT

GET
H2 200 3981092bfdcef1137812a3ccbabe194b.js Show response
static.adbutter.net/gps/9074151/58398/ Frame 2E80 135 KB
37 KB 22ms
22ms Script
application/javascript 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: c1c901ff492f80f83c3d7680459c34801f573e9cb1e860c33dae1750395436bd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:51:56 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ec-21ab9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37316
x-request-id: 316709244

GET
H2 200 ad-choices.css
static.adbutter.net/dco/ Frame 0268 1 KB
682 B 22ms
22ms Stylesheet
text/css 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/dco/ad-choices.css
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: acec236733d5f9fe383b6f48f287b22277e5a18478976810ce503e7cd7f0a371

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:21:18 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 11:32:19 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "65672143-5eb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-request-id: 799509119

GET
H2 200 adchoices.png
static.adbutter.net/dco/img/ Frame 0268 554 B
857 B 23ms
23ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/dco/img/adchoices.png
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 31efeb7bd7ac7560d47cc93debc722a4b1c1925f261151b1ee5601cb3cc8c0c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:21:22 GMT
last-modified: Wed, 29 Nov 2023 11:32:19 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "65672143-22a"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-request-id: 815434313

GET
H2 200 3981092bfdcef1137812a3ccbabe194b.js Show response
static.adbutter.net/gps/9074151/58398/ Frame 5B3B 135 KB
37 KB 23ms
22ms Script
application/javascript 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: c1c901ff492f80f83c3d7680459c34801f573e9cb1e860c33dae1750395436bd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:51:56 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ec-21ab9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37316
x-request-id: 316709244

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5CAE 52 KB
17 KB 18ms
17ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809
Requested by: Host: minecraftcommand.science
URL: https://minecraftcommand.science/profile/grassbear8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 18708
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 23 Dec 2023 10:43:30 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 337, 50786
X-Served-By: cache-lga13626-LGA, cache-mxp6973-MXP
X-Timer: S1703328210.159290,VS0,VE0

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 0268 0
645 B 26ms
26ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: d81126a1-9383-43ef-b644-9975a711e6a0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2974 0
594 B 24ms
24ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: 9b37d5de-abd2-4b94-970b-a734032e9929
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2E80 1 KB
421 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Tenor+Sans:400

Requested by

Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d4946d60e519fd87d8e22a7677a263e3a9f302fd16442145374ed38b1b6d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 10:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 10:43:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 10:43:30 GMT

GET
H2 200 b3a92553fe19b0a8a4234a676e749d55.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 139 KB
139 KB 25ms
22ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/b3a92553fe19b0a8a4234a676e749d55.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9aba5ea11be7cb5947c3705c2e44b9f46ab060766aeda86848132d752c059ca1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-22a06"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141830
x-request-id: 316709245

GET
H2 200 b0d58545e92ec88cedd8d5f4550e188d.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 16 KB
16 KB 26ms
24ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/b0d58545e92ec88cedd8d5f4550e188d.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ec3bba10c6f69f6c16fa13f547eb3e27242835dbe1779fac42a055e9aae42638

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-3ff8"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16376
x-request-id: 316709246

GET
H2 200 de801a0d29f1116826c7d2d427f833ee.svg
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 4 KB
1 KB 27ms
24ms Image
image/svg+xml 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/de801a0d29f1116826c7d2d427f833ee.svg
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: edc634a0c3ad5c1523dac76892c0092d2032497d92301431594b334ebe4b3855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-10a2"
content-type: image/svg+xml
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1212
x-request-id: 316709247

GET
H2 200 6444ccc8e5e0b9dbb427136fc6cadffc.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 4 KB
4 KB 26ms
24ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/6444ccc8e5e0b9dbb427136fc6cadffc.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: c468d8fc05d04e36fde21bf0c9c485c9e725cec381572fd0235a25e49b039b05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-1087"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4231
x-request-id: 316709248

GET
H2 200 9b1157a4cfed8ac4f314e1897bd8a226.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 13 KB
13 KB 26ms
24ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/9b1157a4cfed8ac4f314e1897bd8a226.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8d01982f0473d8e8555db897c2b241bf74563dce2d2e7408c1c06e9f39db4fc5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-33d5"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13269
x-request-id: 316709249

GET
H2 200 41d9e864b21c141ac3bdfabd715372bd.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 3 KB
3 KB 26ms
24ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/41d9e864b21c141ac3bdfabd715372bd.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3679ed08258055af7983e61fb23aa3d32c1bc47714d1f6655bc7442bfc711b5e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-c11"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3089
x-request-id: 316709250

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5CAE 0
595 B 27ms
27ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: bedd6a0b-b5c8-47de-8475-f84f0fd77bdb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 0268 0
666 B 24ms
24ms Ping
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&e=wqT_3QKrFfDtqwoAAAMA1gAFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDKjYJbH84xtXt0z8RKaQKsKG6zz8ZAAAAQOF6AkAheDNeS6za4T8pdv2C3bBt5j8xAAAAgOtRyD8wu--ABjimBkCaCUgCULyN2OQBWLmUVGAAaIUdeLqEBoABAYoBA1VTRJIBA1VTRJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA5MDc0MTUxLCAwKTt1ZignaScsIDkyOTgwMDIsIDApO3VmKCdnJywgMjM1MTI4NzYsIDApOwE9PHMnLCAyOTIzMTQwNzIsIDAJPyhyJywgNDc5NTk0MQ0W9AUBkgLZDiFGVzlOc3dpRGtQY2JFTHlOMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFIVGxzVGQ5RERqUDhFQkhaOHRQTGR0NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQm9vZVpRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8Ft5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOak01T2VBRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBR3FCTFFIQ1BfX19fXwkDCHdFUQkJCQEIQVJqCQkFAQg4Qkk2LAAAbwUXDQEIQVREDQoBAQg4Qk8yLAAERkEBFhEBBEFVNlgADFVDNVkRHAEBBEFXNkwAAGE2TAAAdwEkEQEYQVhnQmdBSBEPFF9fXzhCaToQAABrOhAAAG06EAAQb0FFR3E6FAAAczoQAAB1OhAAAHc6EAAAeToQACAwQUc3NzRBRzI6GAAANDoQAAA2OhAAADg6EAAALToQAAhnQUwB5Q0BAew2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLg0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAAR3UalNBQEITWtFBQgFARhEWUJBRHhCBQwJAUBpQVhfTVpnRjJMZXhpd0dwQhE7FFBBX3NRVQklAQEITUVGAQcBAQxKRURKCSgYQzZ0TjRfMC4oAAROaxUowDhEX2dCY21qQlBBRnJJNmJDX2dGNS11cEJJSUdBME5JUm9nR0JKQUdBWmdHQUtFR0EBXThBQUFIRUNvQmdTeUJpUUoBEA0BAFINCAEBAFoBBQ0BAGgNCCRBQUFDNEJncUJDAQsBATRQUV-aApkBIVVCUk9qUTpdByhMbVVWQ0FBS0FBeAEsAQEMSEVBNjJdBiRVQ2pSVW45Mlk46RkAMT1MBEZrATMJAQBHHRgARx0YAEgdGBBIZ0FpUREQ9CoBRHdQdy4u2AIf4ALukAHqAjNodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL2dyYXNzYmVhcjiAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMTQ5Ljg4LjI3Ljg1qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2Mzk52gQCCAHgBAHwBLyN2OQBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChANNRUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuoQG0gcNCREnASYM2gcGCAUJuOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAIH9IIDgiBgoSIkKDAgAEQABgA&s=2b6c63b93247c2a37d76e9a08908768b20ad5652&type=nv&nvt=5&jm=1003&px=35&py=60&bw=160&bh=600&sid=3549650921437523889&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12597179&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=1563&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: 4c84f5e2-7fda-4255-9b48-e02e6e83bb31
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 0268 6 KB
2 KB 108ms
107ms XHR
application/json 35.241.31.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=498&client=gamned&ts=pg-126~1_fo-126~1_vpw-126~1600_vph-126~1200_scw-126~1600_sch-126~1200_sco-126~1_sca-126~0_srx-126~0_sry-126~0_ev-90~sb.126~rp.126~rvp.126~rap.131~ss&att=0.0.1600~1200&visite_id=23576749207&seq=0&timezone=-60&js=tfav_adl_314.js&date_regen=3c20610&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1091809&id2=292314072&id3=479594172&id4=160x600&id5=12597179&id6=9074151&id7=806&id8=23512876&id9=4851895891337406080&id10=9298002&id11=display&id12=ch&id13=%24ADLOOX_WEBSITE&id14=iab_80_5&id15=8341011946148893979&id16=minecraftcommand.science&p_d=0.041&fai=%40https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&iframe=3&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&ao=https%3A%2F%2Fminecraftcommand.science&activetab=1&cf=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: 48c800142a002900895cf3863f1682fa391f6ccf1c88505542ce508c01e1f5fb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-f57d574b8-6qwkr
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H2 200 b3a92553fe19b0a8a4234a676e749d55.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 139 KB
139 KB 27ms
26ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/b3a92553fe19b0a8a4234a676e749d55.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9aba5ea11be7cb5947c3705c2e44b9f46ab060766aeda86848132d752c059ca1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-22a06"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141830
x-request-id: 316709245

GET
H2 200 b0d58545e92ec88cedd8d5f4550e188d.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 16 KB
16 KB 29ms
28ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/b0d58545e92ec88cedd8d5f4550e188d.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ec3bba10c6f69f6c16fa13f547eb3e27242835dbe1779fac42a055e9aae42638

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-3ff8"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16376
x-request-id: 316709246

GET
H2 200 de801a0d29f1116826c7d2d427f833ee.svg
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 4 KB
1 KB 29ms
28ms Image
image/svg+xml 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/de801a0d29f1116826c7d2d427f833ee.svg
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: edc634a0c3ad5c1523dac76892c0092d2032497d92301431594b334ebe4b3855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-10a2"
content-type: image/svg+xml
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1212
x-request-id: 316709247

GET
H2 200 6444ccc8e5e0b9dbb427136fc6cadffc.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 4 KB
4 KB 29ms
29ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/6444ccc8e5e0b9dbb427136fc6cadffc.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: c468d8fc05d04e36fde21bf0c9c485c9e725cec381572fd0235a25e49b039b05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-1087"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4231
x-request-id: 316709248

GET
H2 200 9b1157a4cfed8ac4f314e1897bd8a226.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 13 KB
13 KB 29ms
29ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/9b1157a4cfed8ac4f314e1897bd8a226.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8d01982f0473d8e8555db897c2b241bf74563dce2d2e7408c1c06e9f39db4fc5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-33d5"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13269
x-request-id: 316709249

GET
H2 200 41d9e864b21c141ac3bdfabd715372bd.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 3 KB
3 KB 30ms
29ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/41d9e864b21c141ac3bdfabd715372bd.png
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3679ed08258055af7983e61fb23aa3d32c1bc47714d1f6655bc7442bfc711b5e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-c11"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3089
x-request-id: 316709250

GET
H3 200 css
fonts.googleapis.com/ Frame 5B3B 1 KB
421 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Tenor+Sans:400

Requested by

Host: static.adbutter.net
URL: https://static.adbutter.net/gps/9074151/58398/3981092bfdcef1137812a3ccbabe194b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8d4946d60e519fd87d8e22a7677a263e3a9f302fd16442145374ed38b1b6d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 10:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 10:43:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 10:43:30 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 0473 0
666 B 25ms
25ms Ping
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&e=wqT_3QK3C_DttwUAAAMA1gAFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDKjYJDTmgS8eJ5T8RTBezTT4l4T8ZAAAAQOF6AkAheDNeS6za4T8pdv2C3bBt5j8xAAAAgOtRyD8wu--ABjimBkCaCUgCULyN2OQBWLmUVGAAaIUdeLqEBoABAYoBA1VTRJIBA1VTRJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA5MDc0MTUxLCAwKTt1ZignaScsIDkyOTgwMDIsIDApO3VmKCdnJywgMjM1MTI4NzYsIDApOwE9PHMnLCAyOTIzMTQwNzIsIDAJPyhyJywgNDc5NTk0MQ0W9AUBkgLlBCE3bkR0X0FpRGtQY2JFTHlOMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFIVGxzVGQ5RERqUDhFQkhaOHRQTGR0NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQm9vZVpRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8FJ5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOak01T2VBRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBSEJCQQHhCQEEeVEJZQUBGE5nRUFQRUUFDAUBRENJQmY4eG1BWFl0N0dMQWFrRgUXHEFBQThELXhCHTsId1FVARcBAQhrUU0NKBhMcTAzal9SLigAADIVKMBEd1AtQUZ5YU1FOEFXc2pwc0wtQVhuNjZrRWdnWURRMGhHaUFZRWtBWUJtQVlBb1FZAVwBASxjUUtnR0JMSUdKQWsBEAkBAEIdtwRCawkUAQEAQx0YGExnR0NvRUkBFwEBODlEOC6aApkBIVVCUk9qUTppAihMbVVWQ0FBS0FBeAEtAQEMSEVBNjJpASRVQ2pSVW45Mlk4SSUAMR1tAEYdhQBHHRgARx0YAEgdGBBIZ0FpUREQ9CoBRHdQdy4u2AIf4ALukAHqAjNodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL2dyYXNzYmVhcjiAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMTQ5Ljg4LjI3Ljg1qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2Mzk52gQCCAHgBAHwBLyN2OQBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChANNRUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuoQG0gcNCREnASYM2gcGCAUJuOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAIH9IIDgiBgoSIkKDAgAEQABgA&s=cf8099c6b9f762482366674eacb3bda6cee78f55&type=nv&nvt=5&jm=1003&px=1405&py=60&bw=160&bh=600&sid=3549650921437523889&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12597179&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=1563&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: 4bf09d31-2b4b-4f09-ab5c-5cad4b115370
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 0473 6 KB
2 KB 113ms
113ms XHR
application/json 35.241.31.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=498&client=gamned&ts=pg-197~1_fo-197~1_vpw-197~1600_vph-197~1200_scw-197~1600_sch-197~1200_sco-197~1_sca-197~0_srx-197~0_sry-197~0_ev-74~sb.197~rp.197~rvp.197~rap.210~ss&att=0.0.1600~1200&visite_id=58480485575&seq=0&timezone=-60&js=tfav_adl_314.js&date_regen=3c20610&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=1091809&id2=292314072&id3=479594172&id4=160x600&id5=12597179&id6=9074151&id7=806&id8=23512876&id9=4851895891337406080&id10=9298002&id11=display&id12=ch&id13=%24ADLOOX_WEBSITE&id14=iab_80_5&id15=5253274467871160554&id16=minecraftcommand.science&p_d=0.136&fai=%40https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&iframe=3&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&ao=https%3A%2F%2Fminecraftcommand.science&activetab=1&cf=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: 48c800142a002900895cf3863f1682fa391f6ccf1c88505542ce508c01e1f5fb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:30 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-f57d574b8-6wnsj
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H3 200 bx6ANxqUneKx06UkIXISn3V4Cg.woff2
fonts.gstatic.com/s/tenorsans/v19/ Frame 2E80 18 KB
18 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tenorsans/v19/bx6ANxqUneKx06UkIXISn3V4Cg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tenor+Sans:400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0519cf59735526c06d770daf25ccbcfd671b85ccf66a0899a38164547402d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://static.adbutter.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:21:28 GMT
x-content-type-options: nosniff
age: 354122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:40:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:21:28 GMT

GET
H3 200 bx6ANxqUneKx06UkIXISn3V4Cg.woff2
fonts.gstatic.com/s/tenorsans/v19/ Frame 5B3B 18 KB
18 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tenorsans/v19/bx6ANxqUneKx06UkIXISn3V4Cg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tenor+Sans:400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0519cf59735526c06d770daf25ccbcfd671b85ccf66a0899a38164547402d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://static.adbutter.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:21:28 GMT
x-content-type-options: nosniff
age: 354122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:40:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:21:28 GMT

GET
H2 200 b3a92553fe19b0a8a4234a676e749d55.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 139 KB
139 KB 23ms
22ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/b3a92553fe19b0a8a4234a676e749d55.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9aba5ea11be7cb5947c3705c2e44b9f46ab060766aeda86848132d752c059ca1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-22a06"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141830
x-request-id: 316709245

GET
H2 200 b0d58545e92ec88cedd8d5f4550e188d.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 16 KB
16 KB 24ms
23ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/b0d58545e92ec88cedd8d5f4550e188d.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ec3bba10c6f69f6c16fa13f547eb3e27242835dbe1779fac42a055e9aae42638

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-3ff8"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16376
x-request-id: 316709246

GET
H2 200 6444ccc8e5e0b9dbb427136fc6cadffc.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 4 KB
4 KB 24ms
24ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/6444ccc8e5e0b9dbb427136fc6cadffc.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: c468d8fc05d04e36fde21bf0c9c485c9e725cec381572fd0235a25e49b039b05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-1087"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4231
x-request-id: 316709248

GET
H2 200 9b1157a4cfed8ac4f314e1897bd8a226.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 13 KB
13 KB 24ms
24ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/9b1157a4cfed8ac4f314e1897bd8a226.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8d01982f0473d8e8555db897c2b241bf74563dce2d2e7408c1c06e9f39db4fc5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-33d5"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13269
x-request-id: 316709249

GET
H2 200 41d9e864b21c141ac3bdfabd715372bd.png
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 3 KB
3 KB 25ms
24ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/41d9e864b21c141ac3bdfabd715372bd.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3679ed08258055af7983e61fb23aa3d32c1bc47714d1f6655bc7442bfc711b5e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-c11"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3089
x-request-id: 316709250

GET
H2 200 f2af37f417b18a5e56882497bbb4afe3.svg
static.adbutter.net/gps/9074151/58398/media/ Frame 2E80 2 KB
1 KB 25ms
24ms Image
image/svg+xml 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/f2af37f417b18a5e56882497bbb4afe3.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 0ddd6da2b1ea3652207007e20e75c26d05b7f708cb5dbb61f5af7b839e254401

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBDTmgS8eJ5T-xAUwXs00-JeE_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=5735305049a0512a622ccabe50fc93341929d33d/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-75f"
content-type: image/svg+xml
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 801
x-request-id: 316709251

GET
H2 200 b3a92553fe19b0a8a4234a676e749d55.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 139 KB
139 KB 24ms
23ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/b3a92553fe19b0a8a4234a676e749d55.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 9aba5ea11be7cb5947c3705c2e44b9f46ab060766aeda86848132d752c059ca1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-22a06"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141830
x-request-id: 316709245

GET
H2 200 b0d58545e92ec88cedd8d5f4550e188d.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 16 KB
16 KB 25ms
24ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/b0d58545e92ec88cedd8d5f4550e188d.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: ec3bba10c6f69f6c16fa13f547eb3e27242835dbe1779fac42a055e9aae42638

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-3ff8"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16376
x-request-id: 316709246

GET
H2 200 6444ccc8e5e0b9dbb427136fc6cadffc.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 4 KB
4 KB 25ms
25ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/6444ccc8e5e0b9dbb427136fc6cadffc.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: c468d8fc05d04e36fde21bf0c9c485c9e725cec381572fd0235a25e49b039b05

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:00 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-1087"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4231
x-request-id: 316709248

GET
H2 200 9b1157a4cfed8ac4f314e1897bd8a226.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 13 KB
13 KB 25ms
25ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/9b1157a4cfed8ac4f314e1897bd8a226.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 8d01982f0473d8e8555db897c2b241bf74563dce2d2e7408c1c06e9f39db4fc5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-33d5"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13269
x-request-id: 316709249

GET
H2 200 41d9e864b21c141ac3bdfabd715372bd.png
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 3 KB
3 KB 25ms
25ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/41d9e864b21c141ac3bdfabd715372bd.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 3679ed08258055af7983e61fb23aa3d32c1bc47714d1f6655bc7442bfc711b5e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-c11"
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3089
x-request-id: 316709250

GET
H2 200 f2af37f417b18a5e56882497bbb4afe3.svg
static.adbutter.net/gps/9074151/58398/media/ Frame 5B3B 2 KB
1 KB 25ms
25ms Image
image/svg+xml 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/gps/9074151/58398/media/f2af37f417b18a5e56882497bbb4afe3.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 0ddd6da2b1ea3652207007e20e75c26d05b7f708cb5dbb61f5af7b839e254401

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://static.adbutter.net/gps/9074151/58398/index.html?clickTag=https://fra1-ib.adnxs.com/click2?e=wqT_3QKZAfCYmQAAAAMAxBkFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDILvvgAYopgYwmgk4AkC8jdjkAUi5lFRQAFoDVVNEYgNVU0RooAFw2AR4hR2AAbqEBogBAZABAZgBBaABAqkBbH84xtXt0z-xASmkCrChus8_uQEAAABA4XoCQMEBeDNeS6za4T_JAXb9gt2wbeY_2AEf4AEA/s=0004ece94418718036f6f1b1d8813aebe91b1728/bcr=AAAAAAAA8D8=/cnd=%21UBROjQiDkPcbELyN2OQBGLmUVCAAKAAxAAAAAAAAHEA6CUZSQTE6NjM5OUCjRUn92Y8UkWHrP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=MTE3OCNGUkExOjYzOTk=/bn=98874/clickenc=https%3A%2F%2Fpromo.goldengrand.ch%3Futm_medium%3Dcpm%26utm_source%3Dprogrammatic%26utm_campaign%3D%28de%29_%5Eprospecting%5E_%7Bthink%7D_%3Fdisplay%3F_%21bonusknacker%21_%2Adez-2023%2A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 09:32:02 GMT
content-encoding: br
last-modified: Tue, 21 Nov 2023 12:51:57 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "655ca7ed-75f"
content-type: image/svg+xml
cache-control: max-age=18000
x-cdn-pop: sbg
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 801
x-request-id: 316709251

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame D209 0
594 B 35ms
35ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
an-x-request-uuid: 6ee87aa9-014c-4d42-bcfe-92b7366df7dc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 0FD9 0
666 B 25ms
24ms Ping
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&e=wqT_3QK1C-i1BQAAAwDWAAUBCNDzmqwGELH9vfGtlP_fGBiAzd-StbPZqkMqNglkK5t_uc7SPxF_IATmhfHNPxkAAAUC8EZAIb_FWOAK3OE_KR04Z0Rpb-Y_MQAAAEAzM8M_MNT53AU4pgZAmglIAlDvi9jkAVi5lFRgAGiFHXjDhwaAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDkwNzQxNTEsIDApOwEULGknLCA5Mjk4MDAyLBEULGcnLCAyMzUxMjg3NhUVAHMBFRg5MjMxNDA3GSswcicsIDQ3OTU5Mzk2NwUs9AUBkgLlBCFCbkY5SkFpRGtQY2JFTy1MMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVU5UNTNBVllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFGRnE5QUpiVExqUDhFQmNvbnYzRzV2NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQlk1T1pRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8FJ5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOalU0Tk9BRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBSEJCQQHhCQEEeVEJZQUBGE5nRUFQRUUFDAUBRENJQmJnem1BWFl0N0dMQWFrRgUXHEFBQThELXhCHTsId1FVARcBAQhrUU0JKBw0Qk8zM2pfUi4oAAAyFSjARHdQLUFGM3FNRThBV3NqcHNMLUFYbjY2a0VnZ1lEUTBoR2lBWUVrQVlCbUFZQW9RWQFcAQEsY1FLZ0dCTElHSkFrARAJAQBCHbcEQmsJFAEBAEMdGBhMZ0dDb0VJARcBATg5RDgumgKZASFmUlRCbnc6aQIoTG1VVkNBQUtBQXgBLQEBDEhFQTYyaQEkRUNqUlVuOTJZOEklADEdbQBGHYUARx0YAEcdGABIHRgQSGdBaVEREPQqAUR3UHcuLtgCH-AC7pAB6gIzaHR0cHM6Ly9taW5lY3JhZnRjb21tYW5kLnNjaWVuY2UvcHJvZmlsZS9ncmFzc2JlYXI4gAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD0vt94AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE0OS44OC4yNy44NagEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2NTg02gQCCAHgBAHwBO-L2OQBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChAACTUVAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB8OHBtIHDQkRJwEmDNoHBggFCbjgBwDqBwIIAPAHxoMNiggCEACVCAAAgD-YCAHACB_SCA4IgYKEiJCgwIABEAAYAA..&s=84f3011026a9e06141a9e41ba3e124e6cb282536&type=pv&jm=1003&px=437&py=55&bw=728&bh=90&sf=1&sid=3549650921437523889&vd=ct~0|rr~6&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12008660&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
an-x-request-uuid: fbab06a8-3b11-41e4-80a1-4f59818c2de1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 2974 0
594 B 26ms
26ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
an-x-request-uuid: 9293c180-945b-404f-82d8-b569e42dcc49
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5CAE 0
594 B 52ms
52ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=806&pub_id=1091809&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=806&pub_id=1091809

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
an-x-request-uuid: f050b5e2-4453-49a7-b6b3-33c15e9ff100
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 0473 0
666 B 27ms
27ms Ping
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&e=wqT_3QK3C_DttwUAAAMA1gAFAQjQ85qsBhDq8duouqnY80gYgM3fkrWz2apDKjYJDTmgS8eJ5T8RTBezTT4l4T8ZAAAAQOF6AkAheDNeS6za4T8pdv2C3bBt5j8xAAAAgOtRyD8wu--ABjimBkCaCUgCULyN2OQBWLmUVGAAaIUdeLqEBoABAYoBA1VTRJIBA1VTRJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA5MDc0MTUxLCAwKTt1ZignaScsIDkyOTgwMDIsIDApO3VmKCdnJywgMjM1MTI4NzYsIDApOwE9PHMnLCAyOTIzMTQwNzIsIDAJPyhyJywgNDc5NTk0MQ0W9AUBkgLlBCE3bkR0X0FpRGtQY2JFTHlOMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFIVGxzVGQ5RERqUDhFQkhaOHRQTGR0NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQm9vZVpRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8FJ5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOak01T2VBRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBSEJCQQHhCQEEeVEJZQUBGE5nRUFQRUUFDAUBRENJQmY4eG1BWFl0N0dMQWFrRgUXHEFBQThELXhCHTsId1FVARcBAQhrUU0NKBhMcTAzal9SLigAADIVKMBEd1AtQUZ5YU1FOEFXc2pwc0wtQVhuNjZrRWdnWURRMGhHaUFZRWtBWUJtQVlBb1FZAVwBASxjUUtnR0JMSUdKQWsBEAkBAEIdtwRCawkUAQEAQx0YGExnR0NvRUkBFwEBODlEOC6aApkBIVVCUk9qUTppAihMbVVWQ0FBS0FBeAEtAQEMSEVBNjJpASRVQ2pSVW45Mlk4SSUAMR1tAEYdhQBHHRgARx0YAEgdGBBIZ0FpUREQ9CoBRHdQdy4u2AIf4ALukAHqAjNodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL2dyYXNzYmVhcjiAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMTQ5Ljg4LjI3Ljg1qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2Mzk52gQCCAHgBAHwBLyN2OQBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChANNRUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuoQG0gcNCREnASYM2gcGCAUJuOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAIH9IIDgiBgoSIkKDAgAEQABgA&s=cf8099c6b9f762482366674eacb3bda6cee78f55&type=pv&jm=1003&px=1405&py=60&bw=160&bh=600&sf=1&sid=3549650921437523889&vd=ct~0|rr~6&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12597179&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
an-x-request-uuid: 3c3a8155-ce77-49e0-9e9d-bc3fc32497fc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 0268 0
666 B 138ms
138ms Ping
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fminecraftcommand.science%2Fprofile%2Fgrassbear8&e=wqT_3QKrFfDtqwoAAAMA1gAFAQjQ85qsBhCbqvqrwsXO4HMYgM3fkrWz2apDKjYJbH84xtXt0z8RKaQKsKG6zz8ZAAAAQOF6AkAheDNeS6za4T8pdv2C3bBt5j8xAAAAgOtRyD8wu--ABjimBkCaCUgCULyN2OQBWLmUVGAAaIUdeLqEBoABAYoBA1VTRJIBA1VTRJgBoAGgAdgEqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJpdWYoJ2EnLCA5MDc0MTUxLCAwKTt1ZignaScsIDkyOTgwMDIsIDApO3VmKCdnJywgMjM1MTI4NzYsIDApOwE9PHMnLCAyOTIzMTQwNzIsIDAJPyhyJywgNDc5NTk0MQ0W9AUBkgLZDiFGVzlOc3dpRGtQY2JFTHlOMk9RQkdBQWd1WlJVTUFBNEFFQUFTSm9KVUx2dmdBWllBR0JRYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFIVGxzVGQ5RERqUDhFQkhaOHRQTGR0NWpfSkFRQUFBQUFBQVBBXzJRSDkyWThVa1dIclAtQUIwc0MzQlBVQm9vZVpRSmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYUlERGdqX3NvRXlFQUVZQWkwQUFDQkJvZ01YQ01PMzRESVFBaGdCTAmM8Ft5QjJSbFptRjFiSFNpQXc0SV83S0JNaEFMR0FJdEFBQWdRYm9EQ1VaU1FURTZOak01T2VBRG8wV0FCS1M3end5SUJJSGQwQXlRQkFHWUJBR3FCTFFIQ1BfX19fXwkDCHdFUQkJCQEIQVJqCQkFAQg4Qkk2LAAAbwUXDQEIQVREDQoBAQg4Qk8yLAAERkEBFhEBBEFVNlgADFVDNVkRHAEBBEFXNkwAAGE2TAAAdwEkEQEYQVhnQmdBSBEPFF9fXzhCaToQAABrOhAAAG06EAAQb0FFR3E6FAAAczoQAAB1OhAAAHc6EAAAeToQACAwQUc3NzRBRzI6GAAANDoQAAA2OhAAADg6EAAALToQAAhnQUwB5Q0BAew2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAABGdBLg0CIQA2EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAAADA6EAAAMjoQAAA0OhAAADY6EAAAODoQAAAtOhAACGdBVC38AQEhADYQAABrOhAAAG06EAAAbzoQAABxOhAAAHM6EAAAdToQAAB3OhAAAHk6EAAAMDoQAAAyOhAAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FYAfkNASEANhAAAGs6EAAAbToQAAR3UalNBQEITWtFBQgFARhEWUJBRHhCBQwJAUBpQVhfTVpnRjJMZXhpd0dwQhE7FFBBX3NRVQklAQEITUVGAQcBAQxKRURKCSgYQzZ0TjRfMC4oAAROaxUowDhEX2dCY21qQlBBRnJJNmJDX2dGNS11cEJJSUdBME5JUm9nR0JKQUdBWmdHQUtFR0EBXThBQUFIRUNvQmdTeUJpUUoBEA0BAFINCAEBAFoBBQ0BAGgNCCRBQUFDNEJncUJDAQsBATRQUV-aApkBIVVCUk9qUTpdByhMbVVWQ0FBS0FBeAEsAQEMSEVBNjJdBiRVQ2pSVW45Mlk46RkAMT1MBEZrATMJAQBHHRgARx0YAEgdGBBIZ0FpUREQ9CoBRHdQdy4u2AIf4ALukAHqAjNodHRwczovL21pbmVjcmFmdGNvbW1hbmQuc2NpZW5jZS9wcm9maWxlL2dyYXNzYmVhcjiAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APS-33gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMTQ5Ljg4LjI3Ljg1qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAE_6K7IsgEANIEDjExNzgjRlJBMTo2Mzk52gQCCAHgBAHwBLyN2OQBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2ZtK-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBuAD2gYWChANNRUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHuoQG0gcNCREnASYM2gcGCAUJuOAHAOoHAggA8AfGgw2KCAIQAJUIAACAP5gIAcAIH9IIDgiBgoSIkKDAgAEQABgA&s=2b6c63b93247c2a37d76e9a08908768b20ad5652&type=pv&jm=1003&px=35&py=60&bw=160&bh=600&sf=1&sid=3549650921437523889&vd=ct~0|rr~6&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12597179&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
an-x-request-uuid: 5ac544ea-0d03-41f9-8edb-dc236e93d66a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 91ms
30ms Preflight
application/json 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fminecraftcommand.science%2F&domain=minecraftcommand.science&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://minecraftcommand.science
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 23 Dec 2023 10:43:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 246551
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

envelope Show response
lexicon.33across.com/v1/ Frame E27C
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0
https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=bCKY85qh1UcyFhmzyRT1%2BPxtF1nhPw3WIuRQxxTLRa0%3D

42 B
138 B

133ms
132ms

XHR
application/json

35.244.193.51

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=bCKY85qh1UcyFhmzyRT1%2BPxtF1nhPw3WIuRQxxTLRa0%3D
Protocol: H2
Server: 35.244.193.51 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://minecraftcommand.science/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:31 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sat, 23 Dec 2023 10:43:31 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://minecraftcommand.science
location: https://lexicon.33across.com/v1/envelope?pid=0010b00001rrIFkAAM&gdpr=0&src=pbjs&ver=7.35.0&b=1&g=bCKY85qh1UcyFhmzyRT1%2BPxtF1nhPw3WIuRQxxTLRa0%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame E27C 2 B
383 B 88ms
30ms XHR
application/json 2a02:2638:3::c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fminecraftcommand.science%2F&domain=minecraftcommand.science&cw=1&lsw=1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://minecraftcommand.science
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 223498
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ Frame E27C 135 B
425 B 62ms
21ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame E27C 63 B
426 B 48ms
48ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8bb26cd6d730f82af45b90cf7f46b6749020a9b19d0de886aa06445c9a722f8e

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 10:43:31 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://minecraftcommand.science
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Mon, 22 Jan 2024 10:43:31 GMT

GET envelope
api.rlcdn.com/api/identity/ Frame E27C 0
0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ Frame E27C 227 B
231 B 28ms
28ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=288&_it=prebid
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b5cdc7b91a5cfe2a1173202a00f3160487eb78d4a92f68eadeaabbacb9dae8

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 10:43:31 GMT
content-encoding: gzip
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 83a0010a5d6a4d82-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2

200

/ Show response
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 7FA9
Redirect Chain

https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558&rd=1

2 KB
1 KB

27ms
27ms

Document
text/html

157.90.211.246

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558&rd=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.211.246 -, , ASN (),
Reverse DNS
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 72cf44968ad429ac0b5819c2eb01bd5db9a703905d8e959c0f8be11532a0e954

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 10:43:20 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

Redirect headers

content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 10:43:20 GMT
location: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558&rd=1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 13AD 281 B
555 B 23ms
23ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 23 Dec 2023 10:43:31 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6C62 52 KB
17 KB 17ms
16ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 18710
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 23 Dec 2023 10:43:31 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 337, 50790
X-Served-By: cache-lga13626-LGA, cache-mxp6973-MXP
X-Timer: S1703328212.574333,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 6564 3 KB
2 KB 74ms
28ms Document
text/html 172.64.149.180

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 59
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 83a0010aade03660-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 10:43:31 GMT
expires: Sat, 23 Dec 2023 14:43:31 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9A7D 3 KB
1 KB 74ms
29ms Document
text/html 172.64.149.180

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 59
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 83a0010aade13660-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 10:43:31 GMT
expires: Sat, 23 Dec 2023 14:43:31 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9A22 52 KB
17 KB 37ms
16ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://minecraftcommand.science/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 18710
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 23 Dec 2023 10:43:31 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 337, 50791
X-Served-By: cache-lga13626-LGA, cache-mxp6973-MXP
X-Timer: S1703328212.595888,VS0,VE0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 6C62 0
594 B 41ms
40ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
an-x-request-uuid: 6e4c9d0e-cf42-44cc-8bc4-f0c74a4c479d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 13AD 45 KB
13 KB 25ms
24ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0365692d8e0d5051941db1f32f5f61d913d45be260b6030f38616703a3a51d4e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 10:43:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Dec 2023 14:29:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13559
Connection: keep-alive
Content-Length: 13201
Expires: Sat, 23 Dec 2023 14:29:30 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 9A22 0
594 B 25ms
25ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
an-x-request-uuid: 733780b2-8c79-4ba7-a70d-56f9c4f5ebed
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 149.88.27.85; 149.88.27.85; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame E27C 33 B
283 B 21ms
20ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

bd7c0e8d35b08d06bf91830677991e00479fdf5d05a6119f479ed450bbb78050

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame C415 2 KB
1 KB 45ms
45ms Document
text/html 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 006e39efa45926fc21e3a9dc76e50b20fc32ac022525c4cf3f2495f4a3b53471

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83a0010adff89b40-FRA
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 10:43:31 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOtr8tyfhW9R5jyLDJDauCxNDkOyAga8wcTL8Hw%2FJxbqpJQj5brdYhZNlJsUhs%2BS1TF%2FcIsds1tdwVFigHY1aOnkl81IGJ266W19cqTBDadraiyDfasKEjCTSk9rELhg4BSzRJ1O3ygirw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 258.json Show response
id5-sync.com/g/v2/ Frame E27C 251 B
540 B 21ms
21ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/258.json

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

afd927118c657a2c597c1164442ddf57e79a4129a3b76acf4b6953ba52a0f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://minecraftcommand.science/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://minecraftcommand.science
date: Sat, 23 Dec 2023 10:43:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 9CA4 1 KB
1 KB 40ms
40ms Document
text/html 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c2b4ea72273f3fe3ee2912a763961461bbba65a33188b82098e0fa491fee73

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83a0010ae8109b40-FRA
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 10:43:31 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WGFnAGlSNXOyri1HER0N4vuyPClsY8QRhnSouSGYhPP%2FJzNnlIkB2cSo730fQ240bFQHFgVCXdt0zc5Cgm4KSjiU1AdU1fnxvRGTNnqLCpSWXOV6WpKTMvXu57C8wuq94FhLADCnkbSGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET 31327
i.liadm.com/s/ Frame C415 0
0

GET
H2 200 ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C415 43 B
602 B 50ms
50ms Image
image/gif 2a05:d018:d29:3605:b002:f48e:598f:4792
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:b002:f48e:598f:4792 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame C415
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://pr-bh.ybp.yahoo.com/sync/casale/ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB

43 B
602 B

50ms
49ms

Image
image/gif

2a05:d018:d29:3605:b002:f48e:598f:4792
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Server

2a05:d018:d29:3605:b002:f48e:598f:4792 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/casale/ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB
date: Sat, 23 Dec 2023 10:43:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C415
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEMNU7LDXQAABP3FA4Kzw&expiration=1704537811

43 B
734 B

37ms
37ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEMNU7LDXQAABP3FA4Kzw&expiration=1704537811
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFInA9sZf97%2BaydzvZfmEV5r5zW9yxD0wEYKvDmbhx%2FCKRcPbZhl4E0FfLB9FxmCaPEQ078cfvLZIW7bNbIiEdmVdcTK%2FrsVcgyoCcuSPuxQAePLzZTi03IrmqdXWt%2FwiubOSeLFZNDf6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a0010b78a09b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEMNU7LDXQAABP3FA4Kzw&expiration=1704537811
Date: Sat, 23 Dec 2023 10:43:31 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET

cd75154bdec58b69d47124989925039
pr-bh.ybp.yahoo.com/sync/stickyads/ Frame C415
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=cd75154bdec58b69d47124989925039&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1a72_7315743530461216076&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=Y2Q3NTE1NGJkZWM1OGI2OWQ0NzEyNDk4OTkyNTAzOQ==&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEAJ0XELjjhOJf6h8ttF0kAI&google_cver=1&gdpr=0&gdpr_consent=
https://pr-bh.ybp.yahoo.com/sync/stickyads/cd75154bdec58b69d47124989925039?gdpr=0&gdpr_consent=

0
0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C415
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=

43 B
731 B

40ms
40ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzRPifAwg8jd%2F8q8KJ5vdRWJ2FhcZUMoSRjGAWYx7%2BU0LvHCu7tTCOwhNvaPgcMALGrn41alA98AK8iQnZIKfA9dhOnFOrveL0h5Ijhjam0hOjrSytOW1Tj3ezBPmD3iguIJC44TxIzgeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a0010bd8f79b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date: Sat, 23 Dec 2023 10:43:31 GMT
access-control-allow-credentials: true
x-powered-by: Express
keep-alive: timeout=5
vary: Origin
content-length: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C415
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4124010633033810789&gdpr=0&gdpr_consent=

43 B
733 B

39ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4124010633033810789&gdpr=0&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ALv%2BuBya16d5Ih49hN1ofBxzb0Ith8OYSEgs0S55piCYCY7RV%2Bx1sYaio1Zq%2BZphe1nUiMF7%2BdkOmxdsiaz2cApU4jx2mHap5UKlVbwPS12%2BtQpH%2FbxnIF0NabfL4es5YZl97mHFloXaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a0010b588f9b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4124010633033810789&gdpr=0&gdpr_consent=
date: Sat, 23 Dec 2023 10:43:31 GMT
content-length: 0

GET

qmap
sync.crwdcntrl.net/ Frame C415
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=484dcb78-d7f7-4283-b360-1eb9806eb8c4-6586b9d3-494c&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...

0
0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame C415 43 B
228 B 31ms
26ms Image
image/gif 172.64.149.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZYa50ZTOfjrXwVGAkSTSWAAA%263171
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 1482
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 83a0010b2e693660-FRA
content-length: 43
expires: Sun, 24 Dec 2023 10:43:31 GMT

GET 31327
i.liadm.com/s/ Frame 9CA4 0
0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9CA4
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=EzoAI0c2XCUIPQ4gFGoVJBVuD3cIaltwRz-wL1QJ

43 B
737 B

39ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=EzoAI0c2XCUIPQ4gFGoVJBVuD3cIaltwRz-wL1QJ
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6AT8x8X%2FR5Pj8UwpRKJyX2wIeimspQgLALsV69y227yqzC75O9u%2BQPox8uiVY1zBAN%2BEBXF1Q6ApGs4eN9lZ%2F6qdPyQFXh5osIntTn068HR%2F7yY3eJKNqZY5oRUpORl6%2FWBArA9DjtT9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a0010b588c9b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=EzoAI0c2XCUIPQ4gFGoVJBVuD3cIaltwRz-wL1QJ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET

rum
dsum.casalemedia.com/ Frame 9CA4
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://casale-match.dotomi.com/match/bounce/current?DotomiTest=72be102b9fab1934&is_secure=true&networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIP8JZJXvVRQNDKEUKAAAAAAA&expiration=1703414611&is_secure=true

0
0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9CA4
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3755470427053245605

43 B
730 B

39ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3755470427053245605
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mq4tY74u3QGuJoD5eJq0dqGN%2FmH6XcN6rRptHnccLUCXDGprWa5FTzGT47vwuxJqzPWsEHUjKYB4la7D7re804a0MlqrS2neouP2v%2BcUm1cqmkdJ1lreAx8f0GfJo8JD9no2EKz5KA98%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a0010bb8d49b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3755470427053245605
pragma: no-cache
date: Sat, 23 Dec 2023 10:43:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9CA4 70 B
148 B 49ms
48ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9CA4
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3ceb857f-10b5-5dd2-b79b9dfb

43 B
732 B

38ms
37ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3ceb857f-10b5-5dd2-b79b9dfb
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be28dSeO7y97D99A6zW1CWEFLSLTcbvfBCO7jsjgfm9%2BC6RwuxbLhUUp2obIo85a43%2Bxgru%2FlUSPuz6jEC9ASyZNOi1jE96l8riY0654tZFgwGagmWkYltWlR3BmuCOvv5hc8kzS7yEbew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a0010c59569b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sat, 23 Dec 2023 10:43:31 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=3ceb857f-10b5-5dd2-b79b9dfb
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9CA4
Redirect Chain

https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d1db24a3-3858-4ad8-9447-3cc497e8eaf0&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null

43 B
736 B

32ms
32ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d1db24a3-3858-4ad8-9447-3cc497e8eaf0&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FyYc%2FRALeEVheufk8QyOPXEvvAT3YCuxLj9SAelo3aiaNO8kSFjG8TcNT7GxniZ54BSwLRpwMtH8hILncRNc2zyy4djtvnpxiUFwuEWM8F3sP%2ByPH4iv8OqVyFJI%2FDVOl4tZEvTFDxfLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a0010bd8e99b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=d1db24a3-3858-4ad8-9447-3cc497e8eaf0&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date: Sat, 23 Dec 2023 10:43:31 GMT
server: _
content-length: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 9CA4 0
0 32ms
31ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 9CA4 43 B
103 B 29ms
27ms Image
image/gif 172.64.149.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZYa50ZTOfjrXwVGAkSTSWAAA%263171
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fminecraftcommand.science%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 1482
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 83a0010b2e683660-FRA
content-length: 43
expires: Sun, 24 Dec 2023 10:43:31 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame C5B9 2 KB
1 KB 47ms
46ms Document
text/html 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558&rd=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde3f9121bb9fca7e60c919e1401d0c0c380ad46d6f7a6e250f34881012006d1

Request headers

Referer: https://sync.richaudience.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83a0010b38769b40-FRA
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 10:43:31 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teXTpruoLCNdXfh3xZTgY3dixFPLntyk4Al7Idefic%2BEvDCClLmqGFDIkksIsGjvb38mWh6LxVgjcgebXlB8yoWy%2BmWaNMzS2vSbHsgppDpRoEG1sc2v4IL4cOuTLA%2BCfgLKCYHaX5NTyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 204 pixel
ap.lijit.com/ Frame 7FA9 0
174 B 50ms
49ms Image
text/plain 63.32.232.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558&rd=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.232.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-232-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Dec 2023 10:43:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 200 9.gif
id5-sync.com/s/286/ Frame 7FA9 43 B
920 B 21ms
20ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/286/9.gif?puid=0067eb1d-feb4-410f-b4a8-1zz1703328200&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BID5UID%7D

Requested by

Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558&rd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 23 Dec 2023 10:43:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/ Frame 7FA9
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fgdpr%3D0%26euconsent%...
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?gdpr=0&euconsent=&uid=c2620a61a38d20bd6d77c4bb7db3b0f7

95 B
375 B

32ms
32ms

Image
image/png

157.90.211.246

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?gdpr=0&euconsent=&uid=c2620a61a38d20bd6d77c4bb7db3b0f7
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4903351558&rd=1
Protocol: H2
Server: 157.90.211.246 -, , ASN (),
Reverse DNS
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://sync.richaudience.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
date: Sat, 23 Dec 2023 10:43:20 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
location: https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?gdpr=0&euconsent=&uid=c2620a61a38d20bd6d77c4bb7db3b0f7
access-control-allow-credentials: true
cf-ray: 83a0010b98952bcd-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET 31327
i.liadm.com/s/ Frame C5B9 0
0

GET

rum
dsum-sec.casalemedia.com/ Frame C5B9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZYa50wAJDBs-TgBU
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZYa50wAJDBs-TgBU&_test=ZYa50wAJDBs-TgBU

0
0

GET sync
sync.srv.stackadapt.com/ Frame C5B9 0
0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C5B9
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=43B3EFE001554AEB8286A515D3A830B7

43 B
740 B

37ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=43B3EFE001554AEB8286A515D3A830B7
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FX%2BoBYDY2El1C57Ho%2ForlLLB3QHvxeIqLKHkimk6qXGrILwpWe9Pr%2FZwdP%2BdTRDqobs%2FTz70%2By3vqLTgjhqAmN3zs1lQATWQXfGmv%2Fga5QlhqTMoJonHpJJruC49d4otvGRSKh56QraQxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a0010c39309b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Sat, 23 Dec 2023 10:43:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=43B3EFE001554AEB8286A515D3A830B7
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 22 Dec 2023 10:43:31 GMT

GET /
b1sync.zemanta.com/usersync/index/ Frame C5B9 0
0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame C5B9
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=tixvD0In1RgZtF5

43 B
736 B

34ms
33ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=tixvD0In1RgZtF5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 10:43:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLBMrZwqTrB49tt6ZynTUWEjE3BqZj%2BXkcg0xT3ff97PREgGE8VMeiPM0efSw4V9atN2T1ENYWqD6ao3kq1%2Bcg%2BiewTXQqqgmFn0F5mgijGSQMO0nzOQO6%2Bj%2B3YDkOx4x5jflrOQQ5GWcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83a0010c49439b40-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 10:43:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=tixvD0In1RgZtF5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ibs:dpid=23728&dpuuid=ZYa50ZTOfjrXwVGAkSTSWAAA%263171
dpm.demdex.net/ Frame C5B9 0
0

GET
H3 200 ix
ad4m.at/ad/sim/ Frame C5B9 0
0 32ms
30ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/ Frame C5B9 95 B
379 B 34ms
29ms Image
image/png 157.90.211.246

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/2066127a3f7c6635eb4f6cac536feb5a/?gdpr=0&euconsent=&uid=ZYa50ZTOfjrXwVGAkSTSWAAADGMAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=201092&cb=https%3A%2F%2Fsync.richaudience.com%2F2066127a3f7c6635eb4f6cac536feb5a%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.211.246 -, , ASN (),
Reverse DNS
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
date: Sat, 23 Dec 2023 10:43:20 GMT
server: nginx/1.14.1
x-powered-by: PHP/8.2.4
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=2173

Domain: i.liadm.com
URL: https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYa50ZTOfjrXwVGAkSTSWAAA%263171&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/stickyads/cd75154bdec58b69d47124989925039?gdpr=0&gdpr_consent=

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=484dcb78-d7f7-4283-b360-1eb9806eb8c4-6586b9d3-494c&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D484dcb78-d7f7-4283-b360-1eb9806eb8c4-6586b9d3-494c%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D484dcb78-d7f7-4283-b360-1eb9806eb8c4-6586b9d3-494c%2526gdpr%253D0%2526gdpr_consent%253D

Domain: i.liadm.com
URL: https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYa50ZTOfjrXwVGAkSTSWAAA%263171&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Domain: dsum.casalemedia.com
URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIP8JZJXvVRQNDKEUKAAAAAAA&expiration=1703414611&is_secure=true

Domain: i.liadm.com
URL: https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYa50ZTOfjrXwVGAkSTSWAAA%263171&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZYa50wAJDBs-TgBU&_test=ZYa50wAJDBs-TgBU

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=68

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZYa50ZTOfjrXwVGAkSTSWAAA%263171?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
minecraftcommand.science/	1969-12-31 23:59:59	Name: _McTool_session Value: eG16ZlNacWtIN01zZFdkS1I0TDYrbEptQzg5QlBVbFBmbndwUllsVWtvZ3FqOEFHbjFSS3pMZ0Yyb0xaOFBlNTJPVDZza3EvYWsxR0ZQSEVYUTlGSXVmM0dabzJrTUtsK0dObG9EektFT2F4LzJaVEZwcG9lVitHQWtJRUtPK1A1dHlFN1lkbnFObjhEZGJUQnc0anBLTHRqVndYMEdqak83L3lJZXM1M2pZPS0tRmNDYjJmTkQzOUk1RWI2MCt4cG1pZz09--106c8b5980fdbd7d7847075547bad5c0f4bdab67
.minecraftcommand.science/	1970-01-21 02:44:48	Name: _ga Value: GA1.2.234020873.1703328206
.minecraftcommand.science/	1970-01-20 17:10:14	Name: _gid Value: GA1.2.207305699.1703328206
.minecraftcommand.science/	1970-01-20 17:08:48	Name: _gat Value: 1
.minecraftcommand.science/	1970-01-21 02:44:48	Name: _ga_MTB0WFGVZX Value: GS1.2.1703328206.1.0.1703328206.0.0.0
minecraftcommand.science/	1970-01-20 17:52:00	Name: _pbjs_userid_consent_data Value: 3524755945110770
.quantserve.com/	1970-01-21 02:39:02	Name: mc Value: 6586b9d0-2651e-10a7b-eceb0
.minecraftcommand.science/	1970-01-21 02:33:17	Name: __qca Value: P0-1393117277-1703328207998
.cpx.to/	1970-01-21 01:54:24	Name: cpSess Value: 7b424040b73ca2cb
.minecraftcommand.science/	1970-01-21 02:30:24	Name: __gads Value: ID=77b04d64e9ad5ed2:T=1703328208:RT=1703328208:S=ALNI_MaDY4UGszZwlz7h0RrVNK8VS1VUcg
.minecraftcommand.science/	1970-01-21 02:30:24	Name: __gpi Value: UID=00000d27714f385d:T=1703328208:RT=1703328208:S=ALNI_MYWrGM79e53-yILuNaGnrSnVV9W2g
.adnxs.com/	1970-01-20 19:18:24	Name: uuid2 Value: 4851895891337406080
.rubiconproject.com/	1970-01-21 01:54:24	Name: khaos Value: LQHXMX5Q-20-801M
.pubmatic.com/	1970-01-20 19:18:24	Name: KTPCACOOKIE Value: true
.doubleclick.net/	1970-01-21 02:44:48	Name: IDE Value: AHWqTUlZcfxt_aaWEAnUdZ5-Ss7W41J66Fuq23Ax2J_tM1y8VBktSaRoKv6PtRJJ_iE
.cpx.to/	1970-01-21 01:54:24	Name: dsp_app_nexus Value: 4851895891337406080#1703328208511
.cpx.to/	1970-01-21 01:54:24	Name: dsp_pub_common Value: cc031eff-bd72-46d7-9173-3ad0808b4605#1703328208511
.pubmatic.com/	1970-01-21 01:54:24	Name: KADUSERCOOKIE Value: DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32
.cpx.to/	1970-01-21 01:54:24	Name: dsp_dbm Value: CAESEOhD4h6aqGxS9upZq4Q6vGQ#1703328208551
.cpx.to/	1970-01-21 01:54:24	Name: dsp_pubmatic Value: DB9744F6-1B7C-47CA-9FBB-A07FE9AE6F32#1703328208562
prebid.a-mo.net/	1970-01-20 17:08:48	Name: _Amc_b Value: 0
.casalemedia.com/	1970-01-21 01:54:24	Name: receive-cookie-deprecation Value: 1
.smartadserver.com/	1970-01-21 01:55:50	Name: pbw Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 320796=5772163
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-21 01:55:50	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 17:10:14	Name: sasd Value: %24qc%3D1312892624%3B%24ql%3DHigh%3B%24qpc%3D8043%3B%24qt%3D73_4138_118110t%3B%24dma%3D0
.smartadserver.com/	1970-01-21 01:55:50	Name: pid Value: 4124010633033810789
.smartadserver.com/	1970-01-20 17:10:14	Name: sasd2 Value: q=%24qc%3D1312892624%3B%24ql%3DHigh%3B%24qpc%3D8043%3B%24qt%3D73_4138_118110t%3B%24dma%3D0&c=1&l=635210033&lo=90626159&lt=638389250089087800&o=1
.amazon-adsystem.com/	1970-01-20 21:43:50	Name: ad-id Value: AzMMTIZPEkDFoAEOexqzELw
.amazon-adsystem.com/	1970-01-21 02:44:48	Name: ad-privacy Value: 0
.go.sonobi.com/	1970-01-20 17:10:14	Name: _usd_minecraftcommand.science Value: df529c0a-6fc4-4a96-8ac1-c0dbb75f6455
.go.sonobi.com/	1970-01-20 17:52:00	Name: __uis Value: 92c902bd-c1f6-4a96-82b5-989ebf4bf105
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8549\|ZYa51
.casalemedia.com/	1970-01-21 01:54:24	Name: CMID Value: ZYa50ZTOfjrXwVGAkSTSWAAA
.casalemedia.com/	1970-01-20 19:18:24	Name: CMPS Value: 3171
.casalemedia.com/	1970-01-20 19:18:24	Name: CMPRO Value: 3171
.bidswitch.net/	1970-01-21 01:54:24	Name: tuuid Value: 92fbde9e-ccbc-4d42-8ddf-e0739d387b9b
.bidswitch.net/	1970-01-21 01:54:24	Name: c Value: 1703328209
.bidswitch.net/	1970-01-21 01:54:24	Name: tuuid_lu Value: 1703328209
.smaato.net/	1970-01-20 17:39:02	Name: SCM Value: 7bcbab5ccc
.smaato.net/	1970-01-20 17:39:02	Name: SCMaps Value: 7bcbab5ccc
.media.net/	1970-01-21 01:54:24	Name: visitor-id Value: 3463298097934907000V10
.adform.net/	1970-01-20 17:53:26	Name: C Value: 1
.adnxs.com/	1970-01-20 19:18:24	Name: icu Value: ChgI4dFCEAoYASABKAEw0fOarAY4AUABSAEQ0fOarAYYAA..
.adform.net/	1970-01-20 18:35:12	Name: uid Value: 6832972239379080536
.company-target.com/	1970-01-21 02:44:48	Name: tuuid Value: 42325e98-559d-4fd1-9138-9530be474f24
.company-target.com/	1970-01-21 02:44:48	Name: tuuid_lu Value: 1703328209\|ix:0
.yellowblue.io/	1970-01-20 17:52:00	Name: wrvUserID Value: TdC71WS-Cp_s
pixel.rubiconproject.com/	1970-01-20 19:18:24	Name: receive-cookie-deprecation Value: 1
pixel-eu.rubiconproject.com/	1970-01-20 19:18:24	Name: receive-cookie-deprecation Value: 1
.1rx.io/	1970-01-21 01:54:24	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-23598752-d827-4f93-872b-49c9950ab8b6-003%22%2C%22zdxidn%22%3A%222069.5%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D%22%7D
.pubmatic.com/	1970-01-20 17:10:14	Name: pi Value: 160295:3
.adnxs.com/	1970-01-20 19:18:24	Name: anj Value: dTM7k!M4/YCxrEQF']wIg2GVOv>9OM!]tbP6j2F-.aDabByFnKcfMNVdHkAl>yRhVkBBBQA8e-%Adq^<qF1`b^dU(TI-*
.adnxs.com/	1970-01-20 19:18:24	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRSFhNWDVRLTIwLTgwMU0iLCJleHBpcmVzIjoiMjAyNC0wMy0yMlQxMDo0MzoyOVoifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0yM1QxMDo0MzoyOVoifQ==
.ads.stickyadstv.com/	1970-01-20 17:52:00	Name: UID Value: cd75154bdec58b69d47124989925039
.pubmatic.com/	1970-01-20 19:18:24	Name: SyncRTB3 Value: 1704499200%3A220_21
.linkedin.com/	1970-01-21 01:54:24	Name: bcookie Value: "v=2&8a98101e-2ee7-4fd9-8841-109510499161"
.linkedin.com/	1970-01-20 21:28:00	Name: li_gc Value: MTswOzE3MDMzMjgyMDk7MjswMjFRuG72P0fMyhOnX54PJH9VCs1sF8ICeRwc6nPJHHzipQ==
.linkedin.com/	1970-01-20 17:10:14	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3098:u=1:x=1:i=1703328209:t=1703414609:v=2:sig=AQF_rLGL55YVHUjyPWxtlfX3WPts97YO"
.yahoo.com/	1970-01-21 01:54:45	Name: A3 Value: d=AQABBNG5hmUCEJhR63_pMwrH-GPhiN9zplEFEgEBAQELiGWQZQAAAAAA_eMAAA&S=AQAAAtbJsg8CBRvpw7EvG5KwdRg
.bidr.io/	1970-01-21 02:37:18	Name: bito Value: AAEMNU7LDXQAABP3FA4Kzw
.bidr.io/	1970-01-21 02:37:18	Name: bitoIsSecure Value: ok
.analytics.yahoo.com/	1970-01-21 01:54:24	Name: IDSYNC Value: "18vk~2frm:19e0~2frm"
.rubiconproject.com/	1970-01-21 01:54:24	Name: audit Value: 1\|4Imm+2XFFrlF6cckA197mbg0XK1kO3y0pYVjqUcr3N8kumglJvU0E+oC0+PdC9J2c/FtgcHoDBpBK03vAHceEBk7ZQ9cU3ySr28MHCvfYU5/SiPiTpsEcWSbCKLG0ZSuiYnlHOouWD0bsm1clVNMrQ==
.pubmatic.com/	1970-01-20 19:18:24	Name: KRTBCOOKIE_80 Value: 22987-CAESEFfqKG2MSrsrrrl7HFihSWs&KRTB&23025-CAESEFfqKG2MSrsrrrl7HFihSWs&KRTB&23386-CAESEFfqKG2MSrsrrrl7HFihSWs
.pubmatic.com/	1970-01-20 17:52:00	Name: PugT Value: 1703328209
.pubmatic.com/	1970-01-20 19:18:24	Name: chkChromeAb67Sec Value: 3
.connatix.com/	1970-01-20 17:52:00	Name: cnx_userId Value: 4db00025e88b4e4abfd6268f2289010f
.adnxs.com/	1970-01-21 02:44:48	Name: XANDR_PANID Value: -C5UXuB5WvaN6F7mYTmr2LmrVbQER4FQvDcoKiyzV47Plky4AZzlP6_Muh2ZPOB_N3XZj5kobyWxd95Uvla2ygH5wLo_CM9NvuXkBrF4owQ.
.turn.com/	1970-01-20 21:28:00	Name: uid Value: 3755470427053245605

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	error	URL: https://minecraftcommand.science/profile/grassbear8 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=2173' from origin 'https://minecraftcommand.science' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=2173 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a0795d2bff8cd0b1579ff9e100f446df.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.turn.com
ad4m.at
ads.stickyadstv.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
ats.rlcdn.com
b1sync.zemanta.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cadmus.script.ac
capi.connatix.com
cdn.adnxs.com
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
coloringpagesonly.com
config.aps.amazon-adsystem.com
cs-server-s2s.yellowblue.io
cs.media.net
cs.yellowblue.io
csync.loopme.me
csync.smilewanted.com
data00.adlooxtracking.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
gum.criteo.com
hb.vntsm.com
hb.vntsm.io
hb.yahoo.net
htlb.casalemedia.com
i.clean.gg
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
j.adlooxtracking.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
maxcdn.bootstrapcdn.com
minecraftcommand.science
minotar.net
mp.4dex.io
p.cpx.to
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.cpx.to
script.4dex.io
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adbutter.net
stats.g.doubleclick.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.richaudience.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track.venatusmedia.com
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
b1sync.zemanta.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
i.liadm.com
pr-bh.ybp.yahoo.com
sync.crwdcntrl.net
sync.srv.stackadapt.com
104.18.41.104
104.22.69.131
108.156.255.65
13.248.245.213
141.95.98.65
142.250.185.66
143.204.98.16
145.40.97.67
15.197.193.217
151.101.65.108
157.90.211.246
162.19.138.116
172.64.149.180
172.64.151.101
178.32.210.231
18.239.81.30
184.30.16.183
185.64.191.210
195.201.193.117
198.47.127.18
2.18.160.23
2001:4860:4802:32::36
216.52.2.91
23.48.23.63
23.57.19.78
2400:52e0:1e00::1080:1
2600:9000:223c:3200:6:44e3:f8c0:93a1
2600:9000:25e8:e00:1b:5138:8a40:93a1
2602:803:c003:200::41
2606:4700:10::6816:2f8e
2606:4700:10::6816:34ad
2606:4700:10::6816:4092
2606:4700:10::6816:545
2606:4700:10::ac43:266a
2606:4700:20::681a:346
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4bf1
2606:4700:3038::6815:ea0a
2606:4700:4400::6812:22b2
2606:4700::6812:1791
2606:4700::6812:bcf
2607:ae80:4::25
2607:f350:3:2569:0:10:0:a
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:808::200a
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:13::1460
2a05:d014:776:a63f:551c:5660:31da:fe01
2a05:d018:d29:3605:b002:f48e:598f:4792
3.233.88.120
3.248.11.85
3.68.18.56
3.69.41.2
3.75.62.37
34.120.111.33
34.160.19.107
34.243.27.157
34.254.47.73
34.95.69.49
34.96.71.22
35.204.74.118
35.214.184.48
35.241.31.249
35.244.193.51
37.157.6.254
37.252.171.149
45.137.176.88
46.105.201.233
46.228.164.11
46.228.174.117
52.17.199.113
52.214.229.130
52.46.143.56
52.57.12.239
63.32.232.28
67.220.224.144
68.178.206.128
69.173.144.138
69.173.144.139
89.149.192.65
95.101.149.233
99.86.4.39
006e39efa45926fc21e3a9dc76e50b20fc32ac022525c4cf3f2495f4a3b53471
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0365692d8e0d5051941db1f32f5f61d913d45be260b6030f38616703a3a51d4e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07057128034b71e631ae913da7665f712b57e7fa3846d114ebc19dab4848e31a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d81ebfaf1154225ec3381dfc495e24235b6723410664fac1fa21dfbc2b872b8
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0ddd6da2b1ea3652207007e20e75c26d05b7f708cb5dbb61f5af7b839e254401
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fe8ed498beb202767c6730efafc9e95be42c2cadb32e5b0a8260195c169d1b3
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
162c15c446b596c648c9f158ab159eafc9ae2a5264814a6f06a0efb9073bb53c
1737f99e7919b27a7f574cab5602e3d2ef74cda4b5364721de2249be78961387
17cc6244a8240a2c9ca81be66553b24c0afa17173b9ba070513db31a56e15aba
2218481de6171c37c749f595b9c55a186afb332f52b37beee8c1aab6063a43f1
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
29e052c25b24f6d8f7df3f31422cdbd4c66e6d25316576e896b2cd616f710cd9
2c8b244b4300678ea5f33b2995b64c23d184bdb8c718592f81e01d2bdb4b4071
2eaf4dc45a609e38e96b891f54eb6e467c16d7da0572940eee07896b72ed6ef6
2ff883076db3b492ca52a431a8c468bbd2a000fee8b88e8ebba6f5e09be62e39
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31efeb7bd7ac7560d47cc93debc722a4b1c1925f261151b1ee5601cb3cc8c0c5
3384269ca71b222f0f2b139082af94deec4f4b8f809830008abd5152ebee8419
35e2cbc7970ef58900fe5c635c2421af503ebb6866855dea5b3c2007442b00d6
360bd85e68b4b46029fbd31d6056aaaf05efb92b6d3d35745cafaec28517459a
3679ed08258055af7983e61fb23aa3d32c1bc47714d1f6655bc7442bfc711b5e
3a921b4ca0ade43496083038183a345ab915c82926b374d0bf8ce050a2ca2ee9
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41f6415f3d5d677a19313f36462f5560fe4d2473c66f065320a4c28d1eaea41d
43545571911470b8873417fca34434b1460effa2bcfe1196c0df0b8c261e69c6
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c800142a002900895cf3863f1682fa391f6ccf1c88505542ce508c01e1f5fb
49b5cdc7b91a5cfe2a1173202a00f3160487eb78d4a92f68eadeaabbacb9dae8
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0e30758250333556a12457a684ebd31bd8f2c4743b3b839d51cc5893480072
4d80a03abfeae73796da7b619b0d34840b818ee7857bf8b8abf2c570d15ab46d
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
52edb8a053b824a4bf919e8489aadd1420d86f20b6d622d7188ee5aa5e955d91
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5441d52a66181d7671072f20100b5b46237875b81ec3d188510c63664a673464
558c1fa84e47754b018598387fec2860d46b85dfca42ef882b5eb9aee39e1dc3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c2b4ea72273f3fe3ee2912a763961461bbba65a33188b82098e0fa491fee73
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
584fc184a9bab58f58dfe75c96469c2ddc95d55f497b987ed88d59792f1ad6ef
5963155991ef6cccaa5ccde93b269c06161b4e36b2784be6028b78c954a3c569
5b4122cd2abb1fe4a6f9de82ccf1d4cb111c294a9c66e20546615a1f8609713a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65b10d43bc68bbcc8ce8c539376422177785089220b216a273a75f868b3a3629
65cdaeab573276ae46bc74eabab2388f711337f1c6ebd9de5e195fa1ff8b5495
69e6ee2920398b4d84885597e51b536dfb0b57883367fec9d88fef577e6c6229
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6caba0cbf5ddfe893058ccc3ecaa2636de1b2af62eb3205115d9848f864b6422
6dea0984852ec19849e66076dff1d55214caa98c1cabc8e94288357655ba8b7c
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72cf44968ad429ac0b5819c2eb01bd5db9a703905d8e959c0f8be11532a0e954
73699e5533d189f34a09c47c1808a3117a833c07bc3abec85deae400a8a7f7d5
77b7082ba1f97d677dd0d5ab98e8772d9c5d2750615b366988fe501aa1050f87
782ad017f48f5261f9f6b8f996d181816ad88334c846cb69a2f1d5affaa9f90e
7910f6cc7469c03367eeee3b6b2a428379fa3a7c601b51a69b733370256698c3
7a444b8e70b2ea56c79ccd7db876ce23d10439ded6e541fb7dfc2ce6c73faac7
7ac823ff95f36613750dfdc0fd371f9f3d05fc10c5707a707211d24dfaaeae73
8166bebcf619fa9816209843cf2c6c778b19c81902341ae15899b3108955ed66
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
847bcf23a159c238226a6722a45b6d76454658cd19260a514fd52ceb8cfdce0b
873bbf8103fb89f4a1a432d4e759c5d0ac130b73e696f914e383d1e6a3794d96
8bb26cd6d730f82af45b90cf7f46b6749020a9b19d0de886aa06445c9a722f8e
8d01982f0473d8e8555db897c2b241bf74563dce2d2e7408c1c06e9f39db4fc5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef51c3a9a54b187c1cbc44cb7f6788c5e0fb022040e9e0880cd3473c7ee425b
914356b218dd1d8a022dd82ab31db3a263cf2842eae5630cee6ea2aa61180d01
914f5d7dd1a6c1f8260dfb5e79b2b19d41801b45277d0adcf719ddce9b9e7695
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
943b93d375f7d0df4fdb35c444ddcf42e764b2ea9075492645871be142c76d08
95bd6be5f36470a9d1c0f9f2f369e0d892c091d03f12624565b9f16c682835d7
961813c2cc407cc2f799d1d4b17e1bb11730d890608625f8b74513143614f9b2
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9aba5ea11be7cb5947c3705c2e44b9f46ab060766aeda86848132d752c059ca1
9d410c6d3ca72bb320c277848abf2dfce4b6b47c3062dff6a67b6856b082d41f
9e03be8c28cc9da25af85189f5954608e9f2321edcbbb57d051140c99888422d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a24c5711a77d4208eacc987d40bb9e24629bda0e2feb4862f65d80dffcfd3070
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a96570884248680f13fcb764449d55a74fccc7bfbf81478f79e88e87d0466bd4
a9e2c957b53c8aeaa85cf3fea3ab0389e4d3abfc4414fea76355a3d4051b02c2
acec236733d5f9fe383b6f48f287b22277e5a18478976810ce503e7cd7f0a371
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
afd927118c657a2c597c1164442ddf57e79a4129a3b76acf4b6953ba52a0f151
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b354b3527a89cdd075f7ff5f0f0a41351ef1a7c9a155db60afca8d211c5459bf
b3c63cc618de0f54dfc0a0af374aba9dc4e4e4d67d43a02162ea4e5fab90a3c3
b3f19a1ade6474b8661f810e930f94e8f4c4fd26f21cd03eaa0ac648dcaa3131
b7902c523882d409b8c1ba82be92608cbdca1635d017b37ddb22616e43c0e0e6
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
ba136c082bed7ae764c17121b67f3158ea35714a92633ff967512360b4dfcf6c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb397aa4d1296bec772f1825b56c2c93f46b81bc205088b3ac85889d6681ca82
bc3a01e9fcf80054708c94f3c48595ef7171cc11b64d741ca3e6c034c9b9b8f1
bd7c0e8d35b08d06bf91830677991e00479fdf5d05a6119f479ed450bbb78050
bde3f9121bb9fca7e60c919e1401d0c0c380ad46d6f7a6e250f34881012006d1
c1c901ff492f80f83c3d7680459c34801f573e9cb1e860c33dae1750395436bd
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c468d8fc05d04e36fde21bf0c9c485c9e725cec381572fd0235a25e49b039b05
c5813242b4b35a236d4ef477d0bcc41e47f2d195703dc95f928852381be4c509
c71bda16c20aae753920eabadd0803343edafc1e32d5fa55b645ed8dca76551c
c8d4946d60e519fd87d8e22a7677a263e3a9f302fd16442145374ed38b1b6d1d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c967e8156421273180f4b2dd183633f3e32ce3075907bb062d386c2f47f1076e
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd7386f2dbc3520185c2c3b5ae378555574a1b2e7ca94819ed7864658d4a854
e0a2ef604cec27f249bafff77bfd28b3648c69c3120f7fb342ca8446477178ba
e0b7f0409024f888d2cacd720dc30b8eb5803bb763d87a47c0781b388363eae1
e0f084d1464f239038780fd3b7007fd8a6d178d87545bd66391d443d25bcba13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ea6acd185f41daf2a04ce650603eeaab189d03b5347f550b0efaf06f44fb2b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9f70ad0e3ecd5a0198e980cb478627ece9e5b97c5bef454daff4864739a7c74
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
eba8f0299ba7901370cbc32973297a0e8f7009283ae12799f8a203d43a66f76a
ec3bba10c6f69f6c16fa13f547eb3e27242835dbe1779fac42a055e9aae42638
edc634a0c3ad5c1523dac76892c0092d2032497d92301431594b334ebe4b3855
eed14dd88d72e4baf617a66a1c30927d169b8be98eb0ab32347560057e00e379
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0519cf59735526c06d770daf25ccbcfd671b85ccf66a0899a38164547402d7f

minecraftcommand.science Open in urlscan Pro 68.178.206.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

299 Requests

82 %HTTPS

39 %IPv6

75 Domains

111 Subdomains

76 IPs

10 Countries

3204 kBTransfer

8668 kBSize

71 Cookies

3 Outgoing links

Redirected requests

299 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

minecraftcommand.science Open in urlscan Pro
68.178.206.128 Public Scan

Screenshot
Live screenshot

Full Image

299
Requests

82 %
HTTPS

39 %
IPv6

75
Domains

111
Subdomains

76
IPs

10
Countries

3204 kB
Transfer

8668 kB
Size

71
Cookies

299 HTTP transactions
0 data transactions